hao/websafe-kb
1
0
派生 0
代码 工单 合并请求 1 工作流 软件包 项目 发布 百科 活动

更新: 103 个文件 - 2026-03-18 19:24:37

浏览代码
这个提交包含在:
hao
2026-03-18 19:24:37 -07:00
父节点 8e13fcfbe0
当前提交 9b0d72b112
修改 103 个文件,包含 8985 行新增1381 行删除
下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件

62
08-threat-intel/generated/dashboard/docs/architecture-library.html
查看文件

@@ -87,7 +87,7 @@
<h1>当前架构库镜像</h1>
<div class="meta">工作台内置镜像页:当前架构库结构化数据镜像。</div>
<pre>{
&quot;generated_at&quot;: &quot;2026-03-18T21:23:23+00:00&quot;,
&quot;generated_at&quot;: &quot;2026-03-19T02:23:04+00:00&quot;,
&quot;title&quot;: &quot;当前架构库&quot;,
&quot;summary&quot;: &quot;工作台、控制面、数据层、授权边界与系统覆盖的当前真值视图。&quot;,
&quot;sections&quot;: [
@@ -137,7 +137,7 @@
},
{
&quot;label&quot;: &quot;生成时间&quot;,
&quot;value&quot;: &quot;2026-03-18T21:23:23+00:00&quot;
&quot;value&quot;: &quot;2026-03-19T02:23:04+00:00&quot;
}
],
&quot;links&quot;: [
@@ -688,7 +688,7 @@
&quot;badges&quot;: [
&quot;历史全量&quot;,
&quot;官方源 2&quot;,
&quot;生态源 2&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -725,7 +725,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;Drupal Security Advisories Site\nGHSA Drupal Core&quot;
&quot;value&quot;: &quot;OSV Drupal&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -773,7 +773,7 @@
&quot;badges&quot;: [
&quot;历史全量&quot;,
&quot;官方源 2&quot;,
&quot;生态源 0&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -810,7 +810,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;-&quot;
&quot;value&quot;: &quot;OSV Ghost&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -858,7 +858,7 @@
&quot;badges&quot;: [
&quot;历史全量&quot;,
&quot;官方源 2&quot;,
&quot;生态源 0&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -895,7 +895,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;-&quot;
&quot;value&quot;: &quot;OSV Joomla&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -943,7 +943,7 @@
&quot;badges&quot;: [
&quot;近两年全量&quot;,
&quot;官方源 3&quot;,
&quot;生态源 0&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -980,7 +980,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;-&quot;
&quot;value&quot;: &quot;OSV MediaWiki&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -1028,7 +1028,7 @@
&quot;badges&quot;: [
&quot;近两年全量&quot;,
&quot;官方源 2&quot;,
&quot;生态源 0&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -1065,7 +1065,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;-&quot;
&quot;value&quot;: &quot;OSV Moodle&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -1231,7 +1231,7 @@
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;官方来源&quot;,
&quot;value&quot;: &quot;WordPress Security News\nNVD WordPress&quot;
&quot;value&quot;: &quot;WordPress Security News RSS\nNVD WordPress&quot;
},
{
&quot;label&quot;: &quot;生态来源&quot;,
@@ -4300,7 +4300,7 @@
&quot;badges&quot;: [
&quot;近两年全量&quot;,
&quot;官方源 3&quot;,
&quot;生态源 0&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -4337,7 +4337,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;-&quot;
&quot;value&quot;: &quot;OSV Mattermost&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -4385,7 +4385,7 @@
&quot;badges&quot;: [
&quot;近两年全量&quot;,
&quot;官方源 2&quot;,
&quot;生态源 0&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -4422,7 +4422,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;-&quot;
&quot;value&quot;: &quot;OSV Redmine&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -4470,7 +4470,7 @@
&quot;badges&quot;: [
&quot;近两年全量&quot;,
&quot;官方源 2&quot;,
&quot;生态源 0&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -4507,7 +4507,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;-&quot;
&quot;value&quot;: &quot;OSV phpMyAdmin&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -5362,7 +5362,7 @@
&quot;badges&quot;: [
&quot;历史全量&quot;,
&quot;官方源 2&quot;,
&quot;生态源 0&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -5399,7 +5399,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;-&quot;
&quot;value&quot;: &quot;OSV OpenCart&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -5447,7 +5447,7 @@
&quot;badges&quot;: [
&quot;近两年全量&quot;,
&quot;官方源 2&quot;,
&quot;生态源 0&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -5484,7 +5484,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;-&quot;
&quot;value&quot;: &quot;OSV OpenMage&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -5532,7 +5532,7 @@
&quot;badges&quot;: [
&quot;历史全量&quot;,
&quot;官方源 3&quot;,
&quot;生态源 1&quot;,
&quot;生态源 2&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -5569,7 +5569,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;Friends Of Presta Security&quot;
&quot;value&quot;: &quot;OSV PrestaShop\nFriends Of Presta Security&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -5617,7 +5617,7 @@
&quot;badges&quot;: [
&quot;近两年全量&quot;,
&quot;官方源 2&quot;,
&quot;生态源 0&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -5654,7 +5654,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;-&quot;
&quot;value&quot;: &quot;OSV Saleor&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -5702,7 +5702,7 @@
&quot;badges&quot;: [
&quot;历史全量&quot;,
&quot;官方源 2&quot;,
&quot;生态源 0&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -5739,7 +5739,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;-&quot;
&quot;value&quot;: &quot;OSV Shopware&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -5787,7 +5787,7 @@
&quot;badges&quot;: [
&quot;历史全量&quot;,
&quot;官方源 3&quot;,
&quot;生态源 2&quot;,
&quot;生态源 3&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -5824,7 +5824,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;Patchstack Database\nWordfence Vulnerability Database&quot;
&quot;value&quot;: &quot;OSV WooCommerce\nPatchstack Database\nWordfence Vulnerability Database&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,

4
08-threat-intel/generated/dashboard/docs/coverage-matrix.html
查看文件

@@ -125,7 +125,7 @@
| Medusa | `ecommerce` | `rolling-24m` | `-` | `yes` | `15` | `0` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `15` | `` |
| Moodle | `cms` | `rolling-24m` | `-` | `yes` | `40` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `40` | `2025-04-09T00:30:58.490` |
| NestJS | `frameworks` | `rolling-24m` | `-` | `yes` | `2` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `2` | `2026-03-02T20:30:10.923` |
| Next.js | `frameworks` | `history-full` | `yes` | `yes` | `66` | `41` | `3` | `seeded` | `real:26/synthetic:0/blocked:0` | `21` | `26` | `25` | `2026-03-17T16:31:34.160932Z` |
| Next.js | `frameworks` | `history-full` | `yes` | `yes` | `66` | `41` | `3` | `seeded` | `real:26/synthetic:0/blocked:0` | `21` | `26` | `25` | `2026-03-18T22:02:16.858114Z` |
| Nginx | `servers` | `history-full` | `yes` | `yes` | `110` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `110` | `2025-08-12T17:24:44.367` |
| Node.js | `frameworks` | `history-full` | `yes` | `yes` | `8` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `8` | `2025-01-21` |
| Nuxt | `frameworks` | `history-full` | `yes` | `yes` | `28` | `5` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `23` | `2025-09-18T13:04:21Z` |
@@ -145,7 +145,7 @@
| SvelteKit | `frameworks` | `rolling-24m` | `-` | `yes` | `3` | `3` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-02-28T06:27:26.115188Z` |
| Symfony | `frameworks` | `rolling-24m` | `-` | `yes` | `9` | `9` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-03-13T22:16:14.858636Z` |
| Traefik | `servers` | `rolling-24m` | `-` | `yes` | `43` | `0` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `27` | `2026-03-18T13:59:10.423590Z` |
| Undici | `frameworks` | `rolling-24m` | `-` | `yes` | `16` | `15` | `2` | `seeded` | `real:7/synthetic:0/blocked:0` | `0` | `7` | `1` | `2026-03-14T09:19:54.772219Z` |
| Undici | `frameworks` | `rolling-24m` | `-` | `yes` | `16` | `15` | `2` | `seeded` | `real:7/synthetic:0/blocked:0` | `0` | `7` | `1` | `2026-03-18T23:58:57.714731Z` |
| Vite | `frameworks` | `history-full` | `yes` | `yes` | `42` | `16` | `3` | `seeded` | `real:12/synthetic:0/blocked:0` | `12` | `12` | `26` | `2026-02-04T04:37:24.129476Z` |
| Vue | `frameworks` | `history-full` | `yes` | `yes` | `15` | `1` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `14` | `2024-10-24T19:12:14.925352Z` |
| webpack | `frameworks` | `rolling-24m` | `-` | `yes` | `1` | `0` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `1` | `2026-02-27T17:21:22.370` |

278
08-threat-intel/generated/dashboard/docs/retired-sources.html
查看文件

@@ -193,26 +193,13 @@
{
&quot;system_id&quot;: &quot;drupal&quot;,
&quot;display_name&quot;: &quot;Drupal&quot;,
&quot;source_name&quot;: &quot;Drupal Security Advisories Site&quot;,
&quot;bucket&quot;: &quot;ecosystem_sources&quot;,
&quot;kind&quot;: &quot;html-links&quot;,
&quot;retired_reason&quot;: &quot;Drupal security index page became unstable for repeated HTML scraping; RSS + GHSA replacement is used for active monitoring.&quot;,
&quot;source_name&quot;: &quot;NVD Drupal&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV Drupal + Drupal official RSS now cover machine-readable collection with lower cold-start latency than NVD public search.&quot;,
&quot;replacement_sources&quot;: [
&quot;Drupal Security Advisories RSS&quot;,
&quot;GHSA Drupal Core&quot;
],
&quot;url&quot;: &quot;https://www.drupal.org/security&quot;
},
{
&quot;system_id&quot;: &quot;drupal&quot;,
&quot;display_name&quot;: &quot;Drupal&quot;,
&quot;source_name&quot;: &quot;GHSA Drupal Core&quot;,
&quot;bucket&quot;: &quot;ecosystem_sources&quot;,
&quot;kind&quot;: &quot;ghsa-global&quot;,
&quot;retired_reason&quot;: &quot;Unauthenticated GHSA API requests are rate-limited in daily monitoring; RSS and NVD remain active replacements.&quot;,
&quot;replacement_sources&quot;: [
&quot;Drupal Security Advisories RSS&quot;,
&quot;NVD Drupal&quot;
&quot;OSV Drupal&quot;
],
&quot;url&quot;: &quot;&quot;
},
@@ -228,6 +215,18 @@
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;esbuild&quot;,
&quot;display_name&quot;: &quot;esbuild&quot;,
&quot;source_name&quot;: &quot;NVD esbuild&quot;,
&quot;bucket&quot;: &quot;ecosystem_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV esbuild replaces NVD public search for lower-latency machine-readable collection.&quot;,
&quot;replacement_sources&quot;: [
&quot;OSV esbuild&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;express&quot;,
&quot;display_name&quot;: &quot;Express&quot;,
@@ -240,6 +239,18 @@
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;express&quot;,
&quot;display_name&quot;: &quot;Express&quot;,
&quot;source_name&quot;: &quot;NVD Express.js&quot;,
&quot;bucket&quot;: &quot;ecosystem_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV Express replaces NVD public search for lower-latency machine-readable collection.&quot;,
&quot;replacement_sources&quot;: [
&quot;OSV Express&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;fastify&quot;,
&quot;display_name&quot;: &quot;Fastify&quot;,
@@ -264,6 +275,19 @@
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;ghost&quot;,
&quot;display_name&quot;: &quot;Ghost&quot;,
&quot;source_name&quot;: &quot;NVD Ghost&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV Ghost replaces NVD for machine-readable collection and keeps npm package alignment.&quot;,
&quot;replacement_sources&quot;: [
&quot;Ghost GitHub Advisories&quot;,
&quot;OSV Ghost&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;hapi&quot;,
&quot;display_name&quot;: &quot;Hapi&quot;,
@@ -288,6 +312,19 @@
],
&quot;url&quot;: &quot;https://www.haproxy.org/security/&quot;
},
{
&quot;system_id&quot;: &quot;joomla&quot;,
&quot;display_name&quot;: &quot;Joomla&quot;,
&quot;source_name&quot;: &quot;NVD Joomla&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV Joomla CMS replaces NVD for machine-readable collection without public NVD throttling.&quot;,
&quot;replacement_sources&quot;: [
&quot;Joomla Security Centre&quot;,
&quot;OSV Joomla&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;koa&quot;,
&quot;display_name&quot;: &quot;Koa&quot;,
@@ -324,6 +361,19 @@
],
&quot;url&quot;: &quot;https://mattermost.com/security-updates/&quot;
},
{
&quot;system_id&quot;: &quot;mattermost&quot;,
&quot;display_name&quot;: &quot;Mattermost&quot;,
&quot;source_name&quot;: &quot;NVD Mattermost&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;Mattermost official JSON feed plus OSV Mattermost replace NVD for lower-latency machine-readable collection.&quot;,
&quot;replacement_sources&quot;: [
&quot;Mattermost Security Updates JSON&quot;,
&quot;OSV Mattermost&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;mediawiki&quot;,
&quot;display_name&quot;: &quot;MediaWiki&quot;,
@@ -337,6 +387,19 @@
],
&quot;url&quot;: &quot;https://www.mediawiki.org/wiki/Security&quot;
},
{
&quot;system_id&quot;: &quot;mediawiki&quot;,
&quot;display_name&quot;: &quot;MediaWiki&quot;,
&quot;source_name&quot;: &quot;NVD MediaWiki&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;MediaWiki announce RSS plus OSV MediaWiki now replace NVD for lower-latency machine-readable collection.&quot;,
&quot;replacement_sources&quot;: [
&quot;MediaWiki Announce RSS&quot;,
&quot;OSV MediaWiki&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;moodle&quot;,
&quot;display_name&quot;: &quot;Moodle&quot;,
@@ -349,6 +412,18 @@
],
&quot;url&quot;: &quot;https://moodle.org/security/&quot;
},
{
&quot;system_id&quot;: &quot;moodle&quot;,
&quot;display_name&quot;: &quot;Moodle&quot;,
&quot;source_name&quot;: &quot;NVD Moodle&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV Moodle replaces NVD for machine-readable collection while official Moodle sources remain for cross-checking.&quot;,
&quot;replacement_sources&quot;: [
&quot;OSV Moodle&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;nestjs&quot;,
&quot;display_name&quot;: &quot;NestJS&quot;,
@@ -361,6 +436,18 @@
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;nestjs&quot;,
&quot;display_name&quot;: &quot;NestJS&quot;,
&quot;source_name&quot;: &quot;NVD NestJS&quot;,
&quot;bucket&quot;: &quot;ecosystem_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV NestJS replaces NVD public search for lower-latency machine-readable collection.&quot;,
&quot;replacement_sources&quot;: [
&quot;OSV NestJS&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;nextjs&quot;,
&quot;display_name&quot;: &quot;Next.js&quot;,
@@ -387,6 +474,59 @@
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;opencart&quot;,
&quot;display_name&quot;: &quot;OpenCart&quot;,
&quot;source_name&quot;: &quot;NVD OpenCart&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV OpenCart replaces NVD for machine-readable collection while official release source remains active.&quot;,
&quot;replacement_sources&quot;: [
&quot;OpenCart Releases&quot;,
&quot;OSV OpenCart&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;openmage&quot;,
&quot;display_name&quot;: &quot;OpenMage / Mage-OS&quot;,
&quot;source_name&quot;: &quot;NVD OpenMage&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV OpenMage replaces NVD for machine-readable composer-aligned collection.&quot;,
&quot;replacement_sources&quot;: [
&quot;OpenMage GitHub Advisories&quot;,
&quot;OSV OpenMage&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;phpmyadmin&quot;,
&quot;display_name&quot;: &quot;phpMyAdmin&quot;,
&quot;source_name&quot;: &quot;NVD phpMyAdmin&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV phpMyAdmin replaces NVD for machine-readable collection while the official security page remains active.&quot;,
&quot;replacement_sources&quot;: [
&quot;phpMyAdmin Security Page&quot;,
&quot;OSV phpMyAdmin&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;prestashop&quot;,
&quot;display_name&quot;: &quot;PrestaShop&quot;,
&quot;source_name&quot;: &quot;NVD PrestaShop&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV PrestaShop replaces NVD for machine-readable collection while official and ecosystem advisories remain active.&quot;,
&quot;replacement_sources&quot;: [
&quot;PrestaShop Security Page&quot;,
&quot;GitHub PrestaShop Advisories&quot;,
&quot;OSV PrestaShop&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;rails&quot;,
&quot;display_name&quot;: &quot;Ruby on Rails&quot;,
@@ -399,6 +539,18 @@
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;rails&quot;,
&quot;display_name&quot;: &quot;Ruby on Rails&quot;,
&quot;source_name&quot;: &quot;NVD Ruby on Rails&quot;,
&quot;bucket&quot;: &quot;ecosystem_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV Rails replaces NVD public search for lower-latency machine-readable collection.&quot;,
&quot;replacement_sources&quot;: [
&quot;OSV Rails&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;react&quot;,
&quot;display_name&quot;: &quot;React&quot;,
@@ -412,6 +564,44 @@
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;redmine&quot;,
&quot;display_name&quot;: &quot;Redmine&quot;,
&quot;source_name&quot;: &quot;NVD Redmine&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;Official Redmine advisories page remains active and NVD public search is retired to reduce cold-start latency.&quot;,
&quot;replacement_sources&quot;: [
&quot;Redmine Security Advisories&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;saleor&quot;,
&quot;display_name&quot;: &quot;Saleor&quot;,
&quot;source_name&quot;: &quot;NVD Saleor&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV Saleor replaces NVD for machine-readable collection and aligns with the published PyPI package.&quot;,
&quot;replacement_sources&quot;: [
&quot;GitHub Saleor Advisories&quot;,
&quot;OSV Saleor&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;shopware&quot;,
&quot;display_name&quot;: &quot;Shopware&quot;,
&quot;source_name&quot;: &quot;NVD Shopware&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV Shopware replaces NVD for machine-readable collection with lower cold-start overhead.&quot;,
&quot;replacement_sources&quot;: [
&quot;Shopware Security Advisories&quot;,
&quot;OSV Shopware&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;spring-boot&quot;,
&quot;display_name&quot;: &quot;Spring Boot&quot;,
@@ -487,6 +677,18 @@
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;undici&quot;,
&quot;display_name&quot;: &quot;Undici&quot;,
&quot;source_name&quot;: &quot;NVD Undici&quot;,
&quot;bucket&quot;: &quot;ecosystem_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV Undici replaces NVD public search for lower-latency machine-readable collection.&quot;,
&quot;replacement_sources&quot;: [
&quot;OSV Undici&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;vite&quot;,
&quot;display_name&quot;: &quot;Vite&quot;,
@@ -525,6 +727,18 @@
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;webpack&quot;,
&quot;display_name&quot;: &quot;webpack&quot;,
&quot;source_name&quot;: &quot;NVD webpack&quot;,
&quot;bucket&quot;: &quot;ecosystem_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV webpack replaces NVD public search for lower-latency machine-readable collection.&quot;,
&quot;replacement_sources&quot;: [
&quot;OSV webpack&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;werkzeug&quot;,
&quot;display_name&quot;: &quot;Werkzeug&quot;,
@@ -536,6 +750,34 @@
&quot;OSV Werkzeug&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;woocommerce&quot;,
&quot;display_name&quot;: &quot;WooCommerce&quot;,
&quot;source_name&quot;: &quot;NVD WooCommerce&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV WooCommerce replaces NVD for machine-readable collection while official and ecosystem advisory pages remain active.&quot;,
&quot;replacement_sources&quot;: [
&quot;Woo Developer Advisories&quot;,
&quot;GitHub WooCommerce Advisories&quot;,
&quot;OSV WooCommerce&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;wordpress&quot;,
&quot;display_name&quot;: &quot;WordPress&quot;,
&quot;source_name&quot;: &quot;NVD WordPress&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;WordPress official RSS plus ecosystem plugin intelligence cover active collection with lower cold-start latency and lower public-search dependence than NVD.&quot;,
&quot;replacement_sources&quot;: [
&quot;WordPress Security News RSS&quot;,
&quot;Wordfence Vulnerability Database&quot;,
&quot;WPScan Vulnerability Database&quot;
],
&quot;url&quot;: &quot;&quot;
}
]</pre>
</div>

33
08-threat-intel/generated/dashboard/docs/source-catalog-audit.html
查看文件

@@ -88,12 +88,12 @@
<div class="meta">工作台内置镜像页active/retired source、replacement map 与覆盖摘要。</div>
<pre># Source Catalog Audit
- generated_at: `2026-03-18T21:16:34+00:00`
- generated_at: `2026-03-19T02:22:09+00:00`
- systems: `62`
- sources: `161`
- active_sources: `125`
- retired_sources: `36`
- systems_with_active_official: `62/62`
- sources: `173`
- active_sources: `118`
- retired_sources: `55`
- systems_with_active_official: `61/62`
- systems_with_machine_readable_source: `62/62`
## Retired Sources
@@ -106,34 +106,53 @@
- `discourse` `Discourse Meta Security` -&gt; replacements: `Discourse Release Notes RSS, GitHub Discourse Advisories` | reason: Meta security category HTML changed and no longer provides stable scrape semantics for health checks.
- `discourse` `GitHub Discourse Advisories` -&gt; replacements: `Discourse Release Notes RSS, Discourse Security RSS` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Discourse release feed remains the active official source.
- `django` `Django Security RSS` -&gt; replacements: `Django Security Weblog, Django Security Releases Archive` | reason: Official security tag feed became unstable; use official weblog index and release archive instead.
- `drupal` `Drupal Security Advisories Site` -&gt; replacements: `Drupal Security Advisories RSS, GHSA Drupal Core` | reason: Drupal security index page became unstable for repeated HTML scraping; RSS + GHSA replacement is used for active monitoring.
- `drupal` `GHSA Drupal Core` -&gt; replacements: `Drupal Security Advisories RSS, NVD Drupal` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; RSS and NVD remain active replacements.
- `drupal` `NVD Drupal` -&gt; replacements: `Drupal Security Advisories RSS, OSV Drupal` | reason: OSV Drupal + Drupal official RSS now cover machine-readable collection with lower cold-start latency than NVD public search.
- `esbuild` `GitHub Global Advisories` -&gt; replacements: `OSV esbuild` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV esbuild remains the active replacement source.
- `esbuild` `NVD esbuild` -&gt; replacements: `OSV esbuild` | reason: OSV esbuild replaces NVD public search for lower-latency machine-readable collection.
- `express` `GitHub Global Advisories` -&gt; replacements: `OSV Express` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Express remains the active replacement source.
- `express` `NVD Express.js` -&gt; replacements: `OSV Express` | reason: OSV Express replaces NVD public search for lower-latency machine-readable collection.
- `fastify` `GitHub Global Advisories` -&gt; replacements: `OSV Fastify` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Fastify remains the active replacement source.
- `flask` `GitHub Global Advisories` -&gt; replacements: `OSV Flask` | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Flask remains the active machine-readable source.
- `ghost` `NVD Ghost` -&gt; replacements: `Ghost GitHub Advisories, OSV Ghost` | reason: OSV Ghost replaces NVD for machine-readable collection and keeps npm package alignment.
- `hapi` `GitHub Global Advisories` -&gt; replacements: `OSV Hapi` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Hapi remains the active replacement source.
- `haproxy` `HAProxy Security Advisories` -&gt; replacements: `HAProxy Blog Feed` | reason: Legacy haproxy.org security page no longer yields stable scrape results for monitoring.
- `joomla` `NVD Joomla` -&gt; replacements: `Joomla Security Centre, OSV Joomla` | reason: OSV Joomla CMS replaces NVD for machine-readable collection without public NVD throttling.
- `koa` `GitHub Global Advisories` -&gt; replacements: `OSV Koa` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Koa remains the active replacement source.
- `laravel` `GitHub Global Advisories` -&gt; replacements: `OSV Laravel` | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Laravel remains the active machine-readable source.
- `mattermost` `Mattermost Security Updates` -&gt; replacements: `NVD Mattermost` | reason: Mattermost security updates page returned repeated 403 responses from the collector path; NVD replacement remains active.
- `mattermost` `NVD Mattermost` -&gt; replacements: `Mattermost Security Updates JSON, OSV Mattermost` | reason: Mattermost official JSON feed plus OSV Mattermost replace NVD for lower-latency machine-readable collection.
- `mediawiki` `MediaWiki Security Releases` -&gt; replacements: `MediaWiki Announce RSS, NVD MediaWiki` | reason: MediaWiki security page is no longer reachable reliably from the collector path; NVD replacement remains active.
- `mediawiki` `NVD MediaWiki` -&gt; replacements: `MediaWiki Announce RSS, OSV MediaWiki` | reason: MediaWiki announce RSS plus OSV MediaWiki now replace NVD for lower-latency machine-readable collection.
- `moodle` `Moodle Security News` -&gt; replacements: `NVD Moodle` | reason: Security page is reachable with a browser-style UA, but the current markup only exposes generic &quot;Discuss this topic&quot; anchors to the collector; NVD Moodle remains the active replacement source until a richer parser is added.
- `moodle` `NVD Moodle` -&gt; replacements: `OSV Moodle` | reason: OSV Moodle replaces NVD for machine-readable collection while official Moodle sources remain for cross-checking.
- `nestjs` `GitHub Global Advisories` -&gt; replacements: `OSV NestJS` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV NestJS remains the active replacement source.
- `nestjs` `NVD NestJS` -&gt; replacements: `OSV NestJS` | reason: OSV NestJS replaces NVD public search for lower-latency machine-readable collection.
- `nextjs` `GitHub Global Advisories` -&gt; replacements: `GitHub Next.js Advisories, OSV Next.js` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; GitHub Next.js Advisories and OSV Next.js remain active replacements.
- `nuxt` `GitHub Global Advisories` -&gt; replacements: `Nuxt Security, OSV Nuxt` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Nuxt Security and OSV Nuxt remain active replacements.
- `opencart` `NVD OpenCart` -&gt; replacements: `OpenCart Releases, OSV OpenCart` | reason: OSV OpenCart replaces NVD for machine-readable collection while official release source remains active.
- `openmage` `NVD OpenMage` -&gt; replacements: `OpenMage GitHub Advisories, OSV OpenMage` | reason: OSV OpenMage replaces NVD for machine-readable composer-aligned collection.
- `phpmyadmin` `NVD phpMyAdmin` -&gt; replacements: `phpMyAdmin Security Page, OSV phpMyAdmin` | reason: OSV phpMyAdmin replaces NVD for machine-readable collection while the official security page remains active.
- `prestashop` `NVD PrestaShop` -&gt; replacements: `PrestaShop Security Page, GitHub PrestaShop Advisories, OSV PrestaShop` | reason: OSV PrestaShop replaces NVD for machine-readable collection while official and ecosystem advisories remain active.
- `rails` `GitHub Global Advisories` -&gt; replacements: `OSV Rails` | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Rails remains the active machine-readable source.
- `rails` `NVD Ruby on Rails` -&gt; replacements: `OSV Rails` | reason: OSV Rails replaces NVD public search for lower-latency machine-readable collection.
- `react` `GitHub Global Advisories` -&gt; replacements: `GitHub React Advisories, OSV React` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; GitHub React Advisories and OSV React remain active replacements.
- `redmine` `NVD Redmine` -&gt; replacements: `Redmine Security Advisories` | reason: Official Redmine advisories page remains active and NVD public search is retired to reduce cold-start latency.
- `saleor` `NVD Saleor` -&gt; replacements: `GitHub Saleor Advisories, OSV Saleor` | reason: OSV Saleor replaces NVD for machine-readable collection and aligns with the published PyPI package.
- `shopware` `NVD Shopware` -&gt; replacements: `Shopware Security Advisories, OSV Shopware` | reason: OSV Shopware replaces NVD for machine-readable collection with lower cold-start overhead.
- `spring-boot` `GitHub Global Advisories` -&gt; replacements: `Spring Security Advisories, OSV Spring Boot` | reason: Unauthenticated GitHub advisory API is quota-limited; Spring official page and OSV remain the active replacements.
- `spring-framework` `GitHub Global Advisories` -&gt; replacements: `Spring Security Advisories, OSV Spring Framework` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Spring official page and OSV remain the active replacements.
- `spring-security` `GitHub Global Advisories` -&gt; replacements: `Spring Security Advisories, OSV Spring Security` | reason: Unauthenticated GitHub advisory API is quota-limited; Spring official page and OSV remain the active replacements.
- `sveltekit` `GitHub Global Advisories` -&gt; replacements: `OSV SvelteKit` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV SvelteKit remains the active replacement source.
- `symfony` `GitHub Global Advisories` -&gt; replacements: `OSV Symfony` | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Symfony remains the active machine-readable source.
- `undici` `GitHub Global Advisories` -&gt; replacements: `OSV Undici` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Undici remains the active replacement source.
- `undici` `NVD Undici` -&gt; replacements: `OSV Undici` | reason: OSV Undici replaces NVD public search for lower-latency machine-readable collection.
- `vite` `GitHub Global Advisories` -&gt; replacements: `Vite Security, OSV Vite` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Vite Security and OSV Vite remain active replacements.
- `vue` `GitHub Global Advisories` -&gt; replacements: `Vue Security, OSV Vue` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Vue Security and OSV Vue remain active replacements.
- `webpack` `GitHub Global Advisories` -&gt; replacements: `OSV webpack` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV webpack remains the active replacement source.
- `webpack` `NVD webpack` -&gt; replacements: `OSV webpack` | reason: OSV webpack replaces NVD public search for lower-latency machine-readable collection.
- `werkzeug` `GitHub Global Advisories` -&gt; replacements: `OSV Werkzeug` | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Werkzeug remains the active machine-readable source.
- `woocommerce` `NVD WooCommerce` -&gt; replacements: `Woo Developer Advisories, GitHub WooCommerce Advisories, OSV WooCommerce` | reason: OSV WooCommerce replaces NVD for machine-readable collection while official and ecosystem advisory pages remain active.
- `wordpress` `NVD WordPress` -&gt; replacements: `WordPress Security News RSS, Wordfence Vulnerability Database, WPScan Vulnerability Database` | reason: WordPress official RSS plus ecosystem plugin intelligence cover active collection with lower cold-start latency and lower public-search dependence than NVD.
</pre>
</div>
</main>

180
08-threat-intel/generated/dashboard/docs/source-map.html
查看文件

@@ -94,19 +94,24 @@ systems:
tier: history-full
advisory_modes: [core, plugin]
official_sources:
- name: WordPress Security News
kind: html-links
url: https://wordpress.org/news/category/security/
- name: WordPress Security News RSS
kind: rss-feed
url: https://wordpress.org/news/category/security/feed/
confidence: official
advisory_mode: core
keywords: [wordpress, security, release]
max_items: 40
request_policy:
user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
- name: NVD WordPress
kind: nvd-search
keyword: WordPress
confidence: official
advisory_mode: core
results_per_page: 50
status: retired
retired_reason: WordPress official RSS plus ecosystem plugin intelligence cover active collection with lower cold-start latency and lower public-search dependence than NVD.
replacement_sources: [WordPress Security News RSS, Wordfence Vulnerability Database, WPScan Vulnerability Database]
ecosystem_sources:
- name: Wordfence Vulnerability Database
kind: html-links
@@ -166,6 +171,9 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 50
status: retired
retired_reason: OSV Drupal + Drupal official RSS now cover machine-readable collection with lower cold-start latency than NVD public search.
replacement_sources: [Drupal Security Advisories RSS, OSV Drupal]
ecosystem_sources:
- name: Drupal Security Advisories Site
kind: html-links
@@ -186,8 +194,13 @@ systems:
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; RSS and NVD remain active replacements.
replacement_sources: [Drupal Security Advisories RSS, NVD Drupal]
research_sources: []
ecosystem_sources:
- name: OSV Drupal
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
package_names:
- ecosystem: composer
- ecosystem: Packagist
name: drupal/core
cpe_keys: [&quot;drupal:drupal&quot;]
ghsa_keywords: [drupal, drupal core]
@@ -217,9 +230,18 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 50
ecosystem_sources: []
status: retired
retired_reason: OSV Joomla CMS replaces NVD for machine-readable collection without public NVD throttling.
replacement_sources: [Joomla Security Centre, OSV Joomla]
ecosystem_sources:
- name: OSV Joomla
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
research_sources: []
package_names: []
package_names:
- ecosystem: Packagist
name: joomla/joomla-cms
cpe_keys: [&quot;joomla:joomla!&quot;]
ghsa_keywords: [joomla]
kev_keywords: [joomla]
@@ -248,7 +270,14 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 40
ecosystem_sources: []
status: retired
retired_reason: OSV Ghost replaces NVD for machine-readable collection and keeps npm package alignment.
replacement_sources: [Ghost GitHub Advisories, OSV Ghost]
ecosystem_sources:
- name: OSV Ghost
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
research_sources: []
package_names:
- ecosystem: npm
@@ -355,9 +384,18 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 40
ecosystem_sources: []
status: retired
retired_reason: MediaWiki announce RSS plus OSV MediaWiki now replace NVD for lower-latency machine-readable collection.
replacement_sources: [MediaWiki Announce RSS, OSV MediaWiki]
ecosystem_sources:
- name: OSV MediaWiki
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
research_sources: []
package_names: []
package_names:
- ecosystem: Packagist
name: mediawiki/core
cpe_keys: [&quot;mediawiki:mediawiki&quot;]
ghsa_keywords: [mediawiki]
kev_keywords: [mediawiki]
@@ -394,9 +432,18 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 40
ecosystem_sources: []
status: retired
retired_reason: OSV Moodle replaces NVD for machine-readable collection while official Moodle sources remain for cross-checking.
replacement_sources: [OSV Moodle]
ecosystem_sources:
- name: OSV Moodle
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
research_sources: []
package_names: []
package_names:
- ecosystem: Packagist
name: moodle/moodle
cpe_keys: [&quot;moodle:moodle&quot;]
ghsa_keywords: [moodle]
kev_keywords: [moodle]
@@ -592,10 +639,17 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 40
ecosystem_sources: []
status: retired
retired_reason: OSV OpenMage replaces NVD for machine-readable composer-aligned collection.
replacement_sources: [OpenMage GitHub Advisories, OSV OpenMage]
ecosystem_sources:
- name: OSV OpenMage
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
research_sources: []
package_names:
- ecosystem: composer
- ecosystem: Packagist
name: openmage/magento-lts
cpe_keys: []
ghsa_keywords: [openmage, mage-os]
@@ -631,7 +685,14 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 40
status: retired
retired_reason: OSV WooCommerce replaces NVD for machine-readable collection while official and ecosystem advisory pages remain active.
replacement_sources: [Woo Developer Advisories, GitHub WooCommerce Advisories, OSV WooCommerce]
ecosystem_sources:
- name: OSV WooCommerce
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
- name: Patchstack Database
kind: html-links
url: https://patchstack.com/database/
@@ -650,7 +711,7 @@ systems:
package_names:
- ecosystem: npm
name: &quot;@woocommerce/blocks&quot;
- ecosystem: composer
- ecosystem: Packagist
name: woocommerce/woocommerce
cpe_keys: []
ghsa_keywords: [woocommerce]
@@ -687,7 +748,14 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 40
status: retired
retired_reason: OSV PrestaShop replaces NVD for machine-readable collection while official and ecosystem advisories remain active.
replacement_sources: [PrestaShop Security Page, GitHub PrestaShop Advisories, OSV PrestaShop]
ecosystem_sources:
- name: OSV PrestaShop
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
- name: Friends Of Presta Security
kind: html-links
url: https://security.friendsofpresta.org/
@@ -697,7 +765,7 @@ systems:
max_items: 50
research_sources: []
package_names:
- ecosystem: composer
- ecosystem: Packagist
name: prestashop/prestashop
cpe_keys: [&quot;prestashop:prestashop&quot;]
ghsa_keywords: [prestashop]
@@ -727,10 +795,17 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 40
ecosystem_sources: []
status: retired
retired_reason: OSV Shopware replaces NVD for machine-readable collection with lower cold-start overhead.
replacement_sources: [Shopware Security Advisories, OSV Shopware]
ecosystem_sources:
- name: OSV Shopware
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
research_sources: []
package_names:
- ecosystem: composer
- ecosystem: Packagist
name: shopware/platform
cpe_keys: []
ghsa_keywords: [shopware]
@@ -759,10 +834,17 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 50
ecosystem_sources: []
status: retired
retired_reason: OSV OpenCart replaces NVD for machine-readable collection while official release source remains active.
replacement_sources: [OpenCart Releases, OSV OpenCart]
ecosystem_sources:
- name: OSV OpenCart
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
research_sources: []
package_names:
- ecosystem: composer
- ecosystem: Packagist
name: opencart/opencart
cpe_keys: [&quot;opencart:opencart&quot;]
ghsa_keywords: [opencart]
@@ -791,10 +873,17 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 40
ecosystem_sources: []
status: retired
retired_reason: OSV Saleor replaces NVD for machine-readable collection and aligns with the published PyPI package.
replacement_sources: [GitHub Saleor Advisories, OSV Saleor]
ecosystem_sources:
- name: OSV Saleor
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
research_sources: []
package_names:
- ecosystem: pypi
- ecosystem: PyPI
name: saleor
cpe_keys: []
ghsa_keywords: [saleor]
@@ -1157,6 +1246,9 @@ systems:
confidence: ecosystem-authority
advisory_mode: core
results_per_page: 40
status: retired
retired_reason: OSV Express replaces NVD public search for lower-latency machine-readable collection.
replacement_sources: [OSV Express]
research_sources: []
package_names:
- ecosystem: npm
@@ -1195,6 +1287,9 @@ systems:
confidence: ecosystem-authority
advisory_mode: core
results_per_page: 40
status: retired
retired_reason: OSV NestJS replaces NVD public search for lower-latency machine-readable collection.
replacement_sources: [OSV NestJS]
research_sources: []
package_names:
- ecosystem: npm
@@ -1359,6 +1454,9 @@ systems:
confidence: ecosystem-authority
advisory_mode: core
results_per_page: 40
status: retired
retired_reason: OSV Undici replaces NVD public search for lower-latency machine-readable collection.
replacement_sources: [OSV Undici]
research_sources: []
package_names:
- ecosystem: npm
@@ -1397,6 +1495,9 @@ systems:
confidence: ecosystem-authority
advisory_mode: core
results_per_page: 40
status: retired
retired_reason: OSV webpack replaces NVD public search for lower-latency machine-readable collection.
replacement_sources: [OSV webpack]
research_sources: []
package_names:
- ecosystem: npm
@@ -1435,6 +1536,9 @@ systems:
confidence: ecosystem-authority
advisory_mode: core
results_per_page: 40
status: retired
retired_reason: OSV esbuild replaces NVD public search for lower-latency machine-readable collection.
replacement_sources: [OSV esbuild]
research_sources: []
package_names:
- ecosystem: npm
@@ -1775,6 +1879,9 @@ systems:
confidence: ecosystem-authority
advisory_mode: core
results_per_page: 40
status: retired
retired_reason: OSV Rails replaces NVD public search for lower-latency machine-readable collection.
replacement_sources: [OSV Rails]
research_sources: []
package_names:
- ecosystem: RubyGems
@@ -2083,7 +2190,14 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 40
ecosystem_sources: []
status: retired
retired_reason: OSV phpMyAdmin replaces NVD for machine-readable collection while the official security page remains active.
replacement_sources: [phpMyAdmin Security Page, OSV phpMyAdmin]
ecosystem_sources:
- name: OSV phpMyAdmin
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
research_sources: []
package_names:
- ecosystem: Packagist
@@ -2299,6 +2413,9 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 40
status: retired
retired_reason: Mattermost official JSON feed plus OSV Mattermost replace NVD for lower-latency machine-readable collection.
replacement_sources: [Mattermost Security Updates JSON, OSV Mattermost]
- name: Mattermost Security Updates JSON
kind: json-feed
url: https://securityupdates.mattermost.com/security_updates.json
@@ -2307,9 +2424,15 @@ systems:
max_items: 600
request_policy:
accept: application/json
ecosystem_sources: []
ecosystem_sources:
- name: OSV Mattermost
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
research_sources: []
package_names: []
package_names:
- ecosystem: Go
name: github.com/mattermost/mattermost-server
cpe_keys: [&quot;mattermost:mattermost&quot;]
ghsa_keywords: [mattermost]
kev_keywords: [mattermost]
@@ -2337,7 +2460,14 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 40
ecosystem_sources: []
status: retired
retired_reason: Official Redmine advisories page remains active and NVD public search is retired to reduce cold-start latency.
replacement_sources: [Redmine Security Advisories]
ecosystem_sources:
- name: OSV Redmine
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
research_sources: []
package_names:
- ecosystem: RubyGems

16
08-threat-intel/generated/dashboard/docs/testing-completeness-report.html
查看文件

@@ -88,15 +88,15 @@
<div class="meta">工作台内置镜像页89 条 advisory 最新完整度、family 矩阵与 ingest 健康度。</div>
<pre># 全库 Advisory 完整度报告
- 生成时间: `2026-03-18T21:23:23+00:00`
- 生成时间: `2026-03-19T02:23:04+00:00`
- 最新 advisory 完整度: `89/89` `verified-real`
- 合成验证数量: `0`
- 阻塞数量: `0`
- 人工/待补证据数量: `0`
- 完整度百分比: `100.0%`
- active source 全绿: `125/125`
- active source 全绿: `118/118`
- source open alerts: `0`
- 最近一次 source 全绿: `2026-03-18T21:09:25+00:00`
- 最近一次 source 全绿: `2026-03-19T02:22:24+00:00`
## 系统覆盖矩阵
@@ -117,10 +117,14 @@
## Ingest / Source 健康度
- source failures: `0`
- active sources: `125`
- green sources: `125`
- source failures: `4`
- active sources: `118`
- green sources: `118`
- open alerts: `0`
- django::OSV Django::tls::HTTPSConnectionPool(host=&#x27;api.osv.dev&#x27;, port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, &#x27;EOF occurred in violation of protocol (_ssl.c:1129)&#x27;)))
- flask::OSV Flask::tls::HTTPSConnectionPool(host=&#x27;api.osv.dev&#x27;, port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, &#x27;EOF occurred in violation of protocol (_ssl.c:1129)&#x27;)))
- spring-security::OSV Spring Security::tls::HTTPSConnectionPool(host=&#x27;api.osv.dev&#x27;, port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, &#x27;EOF occurred in violation of protocol (_ssl.c:1129)&#x27;)))
- symfony::OSV Symfony::tls::HTTPSConnectionPool(host=&#x27;api.osv.dev&#x27;, port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, &#x27;EOF occurred in violation of protocol (_ssl.c:1129)&#x27;)))
## 剩余风险说明