feat: sync version-driven intel coverage

2026-03-21 18:18:55 -07:00
--- a/08-threat-intel/generated/entity-discovery-backlog.md
+++ b/08-threat-intel/generated/entity-discovery-backlog.md
@@ -1,24 +1,14 @@
 # 分层实体发现 Backlog

- 生成时间: `2026-03-21T13:36:59+00:00`
- 待编目数量: `17`
+- 生成时间: `2026-03-22T01:17:37+00:00`
+- 待编目数量: `7`

 | candidate_id | root_system | entity_type | risk | reason | waiting_for | source |
 | --- | --- | --- | --- | --- | --- | --- |
-| directus--repo-candidate--https-github-com-directus-directus | directus | repo | medium | source catalog exposed a repo-like URL that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/package 实体并补齐历史漏洞 | https://github.com/directus/directus/security/advisories |
-| ghost--repo-candidate--https-github-com-tryghost-ghost | ghost | repo | medium | source catalog exposed a repo-like URL that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/package 实体并补齐历史漏洞 | https://github.com/TryGhost/Ghost/security/advisories |
-| gitea--repo-candidate--https-github-com-go-gitea-gitea | gitea | repo | medium | source catalog exposed a repo-like URL that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/package 实体并补齐历史漏洞 | https://github.com/go-gitea/gitea/security/advisories |
-| magento-open-source--repo-candidate--https-github-com-magento-magento2 | magento-open-source | repo | medium | source catalog exposed a repo-like URL that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/package 实体并补齐历史漏洞 | https://github.com/magento/magento2/security/advisories |
-| medusa--repo-candidate--https-github-com-medusajs-medusa | medusa | repo | medium | source catalog exposed a repo-like URL that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/package 实体并补齐历史漏洞 | https://github.com/medusajs/medusa/security/advisories |
-| nextjs--repo-candidate--https-github-com-vercel-next-js | nextjs | repo | medium | source catalog exposed a repo-like URL that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/package 实体并补齐历史漏洞 | https://github.com/vercel/next.js/security/advisories |
-| nuxt--repo-candidate--https-github-com-nuxt-nuxt | nuxt | repo | medium | source catalog exposed a repo-like URL that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/package 实体并补齐历史漏洞 | https://github.com/nuxt/nuxt/security/advisories |
-| opencart--repo-candidate--https-github-com-opencart-opencart | opencart | repo | medium | source catalog exposed a repo-like URL that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/package 实体并补齐历史漏洞 | https://github.com/opencart/opencart/releases |
-| openmage--repo-candidate--https-github-com-openmage-magento-lts | openmage | repo | medium | source catalog exposed a repo-like URL that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/package 实体并补齐历史漏洞 | https://github.com/OpenMage/magento-lts/security/advisories |
-| prestashop--repo-candidate--https-github-com-prestashop-prestashop | prestashop | repo | medium | source catalog exposed a repo-like URL that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/package 实体并补齐历史漏洞 | https://github.com/PrestaShop/PrestaShop/security/advisories |
-| react--repo-candidate--https-github-com-facebook-react | react | repo | medium | source catalog exposed a repo-like URL that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/package 实体并补齐历史漏洞 | https://github.com/facebook/react/security/advisories |
-| saleor--repo-candidate--https-github-com-saleor-saleor | saleor | repo | medium | source catalog exposed a repo-like URL that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/package 实体并补齐历史漏洞 | https://github.com/saleor/saleor/security/advisories |
-| shopware--repo-candidate--https-github-com-shopware-shopware | shopware | repo | medium | source catalog exposed a repo-like URL that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/package 实体并补齐历史漏洞 | https://github.com/shopware/shopware/security/advisories |
-| strapi--repo-candidate--https-github-com-strapi-strapi | strapi | repo | medium | source catalog exposed a repo-like URL that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/package 实体并补齐历史漏洞 | https://github.com/strapi/strapi/security/advisories |
-| vite--repo-candidate--https-github-com-vitejs-vite | vite | repo | medium | source catalog exposed a repo-like URL that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/package 实体并补齐历史漏洞 | https://github.com/vitejs/vite/security/advisories |
-| vue--repo-candidate--https-github-com-vuejs-core | vue | repo | medium | source catalog exposed a repo-like URL that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/package 实体并补齐历史漏洞 | https://github.com/vuejs/core/security |
-| woocommerce--repo-candidate--https-github-com-woocommerce-woocommerce | woocommerce | repo | medium | source catalog exposed a repo-like URL that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/package 实体并补齐历史漏洞 | https://github.com/woocommerce/woocommerce/security/advisories |
+| gitea--repo-candidate--https-github-com-go-gitea-gitea | gitea | repo | medium | source catalog exposed a stable security-related object that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/plugin/package 实体并补齐安全相关版本与历史漏洞 | https://github.com/go-gitea/gitea/security/advisories |
+| medusa--repo-candidate--https-github-com-medusajs-medusa | medusa | repo | medium | source catalog exposed a stable security-related object that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/plugin/package 实体并补齐安全相关版本与历史漏洞 | https://github.com/medusajs/medusa/security/advisories |
+| nextjs--repo-candidate--https-github-com-vercel-next-js | nextjs | repo | medium | source catalog exposed a stable security-related object that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/plugin/package 实体并补齐安全相关版本与历史漏洞 | https://github.com/vercel/next.js/security/advisories |
+| nuxt--repo-candidate--https-github-com-nuxt-nuxt | nuxt | repo | medium | source catalog exposed a stable security-related object that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/plugin/package 实体并补齐安全相关版本与历史漏洞 | https://github.com/nuxt/nuxt/security/advisories |
+| react--repo-candidate--https-github-com-facebook-react | react | repo | medium | source catalog exposed a stable security-related object that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/plugin/package 实体并补齐安全相关版本与历史漏洞 | https://github.com/facebook/react/security/advisories |
+| vite--repo-candidate--https-github-com-vitejs-vite | vite | repo | medium | source catalog exposed a stable security-related object that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/plugin/package 实体并补齐安全相关版本与历史漏洞 | https://github.com/vitejs/vite/security/advisories |
+| vue--repo-candidate--https-github-com-vuejs-core | vue | repo | medium | source catalog exposed a stable security-related object that is not yet cataloged as an entity | 确认是否应升级为 cataloged repo/plugin/package 实体并补齐安全相关版本与历史漏洞 | https://github.com/vuejs/core/security |