How to OSV: Vulnerabilities API, Scanners, and a Bit of Hope
Security vulnerabilities in open-source dependencies are like background radiation: mostly ignorable, until they’re not. Since we are currently working on vulnerability detection research, today I decided to see how much trouble I could get into by poking around Google’s Open Source Vulnerabilities database and its scanner. Spoiler: not much. But it’s interesting trouble. What is…