gchristensen changed the topic of #nixos-security to: Vulnerability Roundup Issues: https://github.com/NixOS/nixpkgs/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen+Vulnerability+roundup + https://broken.sh
anselmolsm has joined #nixos-security
hmpffff has joined #nixos-security
colemickens_ has joined #nixos-security
colemickens_ has left #nixos-security [#nixos-security]
anselmolsm has quit [Quit: Konversation terminated!]
hmpffff has quit [Quit: nchrrrr…]
justanotheruser has quit [Ping timeout: 260 seconds]
justanotheruser has joined #nixos-security
<JJJollyjim> i think "how do CVEs in python work" has an answer about as simple as "how does packaging in python work"
<JJJollyjim> pyup.io maintains a commercial database of vulnerable packages
<JJJollyjim> then https://github.com/pyupio/safety-db has monthly exports of that data, for non-commercial use only
<JJJollyjim> idk how that interacts with "open-source projects that don't expressly forbid commercial use"
<JJJollyjim> that's the only effort i know of :/
<andi-> Since I am not paid to do this work I should be fine to use it to create a list of issues..
hmpffff has joined #nixos-security
hmpffff has quit [Quit: nchrrrr…]
hmpffff has joined #nixos-security
justanotheruser has quit [Ping timeout: 260 seconds]
justanotheruser has joined #nixos-security
zarel has quit [Ping timeout: 260 seconds]
zarel has joined #nixos-security
hmpffff has quit [Quit: Bye…]
anselmolsm has joined #nixos-security
justanotheruser has quit [Ping timeout: 260 seconds]
justanotheruser has joined #nixos-security