You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
And then the nvd is only used in the backend router?
Is there anyway to feed a raw statement or multiple descriptions (either structured or unstructured) to Prospector so it doesn't request them online, and retrieve fixed commits?
The text was updated successfully, but these errors were encountered:
Hi, I guess your are right, this part of the code was left in an inconsistent state after some changes that were implemented in the past few months.
The original plan (which is still valid, although it is not reflected in the code currently) is to allow the user to provide a description instead of fetching it from the NVD. Because we seldom used this feature in our own work, this was sort of forgotten.
Unfortunately I'm quite busy at the moment on other parts of the project, especially finalising some empirical evaluation whose side- effect will hopefully be a few hundred more vulnerability statements, so I can't commit to providing a solution in the short term.
However, if you would like to contribute by fixing this broken feature, that would be very appreciated (and I could support by providing some guidance, if needed).
Looks like the
use_nvd
option is never used in the source code:project-kb/prospector/datamodel/advisory.py
Line 319 in 68f4a96
And then the nvd is only used in the backend router?
Is there anyway to feed a raw statement or multiple descriptions (either structured or unstructured) to Prospector so it doesn't request them online, and retrieve fixed commits?
The text was updated successfully, but these errors were encountered: