Skip to content

audit: Remove VuXML from audit and add OSV code #2558

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

audit: Remove VuXML from audit and add OSV code #2558

wants to merge 3 commits into from
+334 −1,618

Conversation

@illuusio
Copy link
Contributor

@illuusio illuusio commented Nov 12, 2025
edited
Loading

Remove VuXML from code and add OSV JSON code. Code makes sure that there should be drop-in placement compatibility.

Before merging there should be ready:

  • VuXML code remove
  • OSVf reading and checking
  • Update pkg config keys (OSVF_SITE and VUXML_SITE)
  • Update Testcases for pkg audit
  • Remove not needed external/yxml as it not anywhere than pkg_audio.c
  • Update OSV schema validation to have correct released osv-schema.
  • OSV FreeBSD vulnerability database released
  • Change testing OSVF_SITE url to correct one

Testing OSV database can be found from: freebsd-osv.json

As FreeBSD OSV database ain't yet release this commit is WIP and should not be merged.

@illuusio illuusio force-pushed the osvf-audit branch 3 times, most recently from ec620f1 to 705e95c Compare November 13, 2025 08:43
@illuusio
audit: Remove VuXML from audit and add OSV code
95224fd 
Remove VuXML from code and add OSV JSON code. Code
makes sure that there should be drop-in placement
compatibility.

Update OSV-schema to official one

As FreeBSD OSV database ain't yet release this
commit is WIP and should not be merged.
@illuusio
audit: Fixing testcases to work with OSV
5aad059 
Fixing testcases to work with OSV and some changes
that had to be made to come along with real world.
@illuusio
audit: Remove yxml
1abc347 
Remove yxml as it no currently used anywhere. VuXML which was only
user for yxml is replaced with OSVf which uses libucl.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@illuusio