更新: 2933 个文件 - 2026-03-18 11:36:11

2026-03-18 11:36:12 -07:00
--- a/08-threat-intel/source-map.yaml
+++ b/08-threat-intel/source-map.yaml
@@ -510,6 +510,12 @@ systems:
        advisory_mode: core
        keywords: [woocommerce]
        max_items: 50
+      - name: NVD WooCommerce
+        kind: nvd-search
+        keyword: WooCommerce
+        confidence: official
+        advisory_mode: core
+        results_per_page: 40
    ecosystem_sources:
      - name: Patchstack Database
        kind: html-links
@@ -560,6 +566,12 @@ systems:
        advisory_mode: core
        keywords: [prestashop]
        max_items: 50
+      - name: NVD PrestaShop
+        kind: nvd-search
+        keyword: PrestaShop
+        confidence: official
+        advisory_mode: core
+        results_per_page: 40
    ecosystem_sources:
      - name: Friends Of Presta Security
        kind: html-links
@@ -1310,9 +1322,13 @@ systems:
        confidence: official
        advisory_mode: core
        status: retired
-        retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Spring Security Advisories remains the active replacement source.
-        replacement_sources: [Spring Security Advisories]
-    ecosystem_sources: []
+        retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Spring official page and OSV remain the active replacements.
+        replacement_sources: [Spring Security Advisories, OSV Spring Framework]
+    ecosystem_sources:
+      - name: OSV Spring Framework
+        kind: osv-batch
+        confidence: ecosystem-authority
+        advisory_mode: core
    research_sources: []
    package_names:
      - ecosystem: Maven
@@ -1347,9 +1363,13 @@ systems:
        confidence: official
        advisory_mode: core
        status: retired
-        retired_reason: Unauthenticated GitHub advisory API is quota-limited; Spring official security page remains the active source.
-        replacement_sources: [Spring Security Advisories]
-    ecosystem_sources: []
+        retired_reason: Unauthenticated GitHub advisory API is quota-limited; Spring official page and OSV remain the active replacements.
+        replacement_sources: [Spring Security Advisories, OSV Spring Security]
+    ecosystem_sources:
+      - name: OSV Spring Security
+        kind: osv-batch
+        confidence: ecosystem-authority
+        advisory_mode: core
    research_sources: []
    package_names:
      - ecosystem: Maven
@@ -1382,9 +1402,13 @@ systems:
        confidence: official
        advisory_mode: core
        status: retired
-        retired_reason: Unauthenticated GitHub advisory API is quota-limited; Spring official security page remains the active source.
-        replacement_sources: [Spring Security Advisories]
-    ecosystem_sources: []
+        retired_reason: Unauthenticated GitHub advisory API is quota-limited; Spring official page and OSV remain the active replacements.
+        replacement_sources: [Spring Security Advisories, OSV Spring Boot]
+    ecosystem_sources:
+      - name: OSV Spring Boot
+        kind: osv-batch
+        confidence: ecosystem-authority
+        advisory_mode: core
    research_sources: []
    package_names:
      - ecosystem: Maven