Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Stabilize DB search output #2130

Open
wagoodman opened this issue Sep 17, 2024 · 2 comments · May be fixed by #2303
Open

Stabilize DB search output #2130

wagoodman opened this issue Sep 17, 2024 · 2 comments · May be fixed by #2303
Assignees
@wagoodman
Labels
changelog-ignore Don't include this issue in the release changelog enhancement New feature or request
Milestone
DB v6

Comments

@wagoodman
Copy link
Contributor

With DB v6 there will be substantial changes made to the DB structure. We'd like to have a way for users to have a common interface with stable output (not directly tied to the DB schema/shapes) across grype versions.

The search command should be expanded to:

  • Query a single CVE to get the NVD record (always one)
  • Query a single vulnerability ID to get the vulnerability record(s)

Are there more use cases we should capture?

This output should be available in:

  • table output
  • json output

All json output should have a JSON schema describing valid/expected shapes/values.
@wagoodman wagoodman added the enhancement New feature or request label Sep 17, 2024
@wagoodman wagoodman added this to the DB v6 milestone Sep 17, 2024
@wagoodman wagoodman moved this to Ready in OSS Sep 17, 2024
@TimBrown1611
Copy link

please notice to this kind of issue in grype db search - #2085
(can be solved in the same task)

@kzantow kzantow self-assigned this Nov 6, 2024
@kzantow kzantow moved this from Ready to In Progress in OSS Nov 6, 2024
@wagoodman wagoodman moved this from In Progress to Ready in OSS Nov 27, 2024
@wagoodman
Copy link
Contributor Author

https://github.com/anchore/grype/pull/2288/files#diff-dcf61b30ec74dd958726ebbb9a3ff0b0b271839989f03d8f0d233de89381a727R84-R85 We have the search command partially updated to use the new curator, but does not do anything with the store results until there is something that inflates the vulnerability.Vulnerability struct from the DB models.

@wagoodman wagoodman moved this from Ready to In Progress in OSS Dec 2, 2024
@wagoodman wagoodman self-assigned this Dec 2, 2024
@wagoodman wagoodman linked a pull request Dec 4, 2024 that will close this issue
Open
@wagoodman wagoodman added the changelog-ignore Don't include this issue in the release changelog label Jan 8, 2025
@wagoodman wagoodman moved this from In Progress to In Review in OSS Jan 8, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@wagoodman wagoodman

Labels
changelog-ignore Don't include this issue in the release changelog enhancement New feature or request
Projects
OSS
Status: In Review
Milestone
DB v6
Development

Successfully merging a pull request may close this issue.

Enhance v6 search command anchore/grype
4 participants
@wagoodman @kzantow @willmurphyscode @TimBrown1611