Retired Sources & Replacement Map
工作台内置镜像页:退役源、退役原因和 replacement_sources 真值。
[
{
"system_id": "adminer",
"display_name": "Adminer",
"source_name": "NVD Adminer",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Adminer provides a machine-readable Packagist-aligned source, removing the need for NVD public search.",
"replacement_sources": [
"OSV Adminer"
],
"url": ""
},
{
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"source_name": "Adobe Security Bulletins",
"bucket": "official_sources",
"kind": "html-links",
"retired_reason": "Original bulletin index probe was unstable under the old transport path; vendor index replacement uses explicit request policy and parser hints.",
"replacement_sources": [
"Adobe Magento Security Index",
"NVD Adobe Commerce",
"GHSA Adobe Commerce"
],
"url": "https://helpx.adobe.com/security/products/magento.html"
},
{
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"source_name": "GHSA Adobe Commerce",
"bucket": "ecosystem_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; Adobe index and NVD remain active replacements.",
"replacement_sources": [
"Adobe Magento Security Index",
"NVD Adobe Commerce"
],
"url": ""
},
{
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"source_name": "NVD Adobe Commerce",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "Adobe Magento Security Index is now the active official machine-readable source, so NVD public search is no longer needed for daily collection.",
"replacement_sources": [
"Adobe Magento Security Index"
],
"url": ""
},
{
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"source_name": "Sansec Research",
"bucket": "ecosystem_sources",
"kind": "vendor-index",
"retired_reason": "Research index is too slow for daily active monitoring; GHSA Adobe Commerce provides a stable machine-readable replacement.",
"replacement_sources": [
"GHSA Adobe Commerce",
"Adobe Magento Security Index"
],
"url": "https://sansec.io/research"
},
{
"system_id": "angular",
"display_name": "Angular",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Angular remains the active replacement source.",
"replacement_sources": [
"OSV Angular"
],
"url": ""
},
{
"system_id": "apache-httpd",
"display_name": "Apache HTTP Server",
"source_name": "NVD Apache HTTP Server",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "Official Apache HTTPD advisories page plus CISA KEV are sufficient active sources for daily monitoring.",
"replacement_sources": [
"Apache HTTPD Security",
"CISA KEV Apache HTTPD"
],
"url": ""
},
{
"system_id": "apache-tomcat",
"display_name": "Apache Tomcat",
"source_name": "NVD Tomcat",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "Official Tomcat advisories page plus CISA KEV are sufficient active sources for daily monitoring.",
"replacement_sources": [
"Apache Tomcat Security",
"CISA KEV Tomcat"
],
"url": ""
},
{
"system_id": "aspnet-core",
"display_name": "ASP.NET Core",
"source_name": "NVD ASP.NET Core",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV ASP.NET Core provides machine-readable NuGet-aligned coverage with lower latency than NVD public search.",
"replacement_sources": [
"OSV ASP.NET Core"
],
"url": ""
},
{
"system_id": "astro",
"display_name": "Astro",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Astro remains the active replacement source.",
"replacement_sources": [
"OSV Astro"
],
"url": ""
},
{
"system_id": "caddy",
"display_name": "Caddy",
"source_name": "GitHub Caddy Advisories",
"bucket": "official_sources",
"kind": "html-links",
"retired_reason": "OSV Caddy is the active official machine-readable replacement; keeping GitHub HTML advisories active adds duplicate cold-start cost.",
"replacement_sources": [
"OSV Caddy"
],
"url": "https://github.com/caddyserver/caddy/security/advisories"
},
{
"system_id": "discourse",
"display_name": "Discourse",
"source_name": "Discourse Meta Security",
"bucket": "official_sources",
"kind": "html-links",
"retired_reason": "Meta security category HTML changed and no longer provides stable scrape semantics for health checks.",
"replacement_sources": [
"Discourse Release Notes RSS",
"GitHub Discourse Advisories"
],
"url": "https://meta.discourse.org/c/bug/security/40"
},
{
"system_id": "discourse",
"display_name": "Discourse",
"source_name": "GitHub Discourse Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; Discourse release feed remains the active official source.",
"replacement_sources": [
"Discourse Release Notes RSS",
"Discourse Security RSS"
],
"url": ""
},
{
"system_id": "django",
"display_name": "Django",
"source_name": "Django Security RSS",
"bucket": "official_sources",
"kind": "rss-feed",
"retired_reason": "Official security tag feed became unstable; use official weblog index and release archive instead.",
"replacement_sources": [
"Django Security Weblog",
"Django Security Releases Archive"
],
"url": "https://www.djangoproject.com/weblog/feeds/tags/security/"
},
{
"system_id": "drupal",
"display_name": "Drupal",
"source_name": "NVD Drupal",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Drupal + Drupal official RSS now cover machine-readable collection with lower cold-start latency than NVD public search.",
"replacement_sources": [
"Drupal Security Advisories RSS",
"OSV Drupal"
],
"url": ""
},
{
"system_id": "esbuild",
"display_name": "esbuild",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV esbuild remains the active replacement source.",
"replacement_sources": [
"OSV esbuild"
],
"url": ""
},
{
"system_id": "esbuild",
"display_name": "esbuild",
"source_name": "NVD esbuild",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV esbuild replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV esbuild"
],
"url": ""
},
{
"system_id": "express",
"display_name": "Express",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Express remains the active replacement source.",
"replacement_sources": [
"OSV Express"
],
"url": ""
},
{
"system_id": "express",
"display_name": "Express",
"source_name": "NVD Express.js",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV Express replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV Express"
],
"url": ""
},
{
"system_id": "fastify",
"display_name": "Fastify",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Fastify remains the active replacement source.",
"replacement_sources": [
"OSV Fastify"
],
"url": ""
},
{
"system_id": "flask",
"display_name": "Flask",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GitHub advisory API is quota-limited; OSV Flask remains the active machine-readable source.",
"replacement_sources": [
"OSV Flask"
],
"url": ""
},
{
"system_id": "ghost",
"display_name": "Ghost",
"source_name": "NVD Ghost",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Ghost replaces NVD for machine-readable collection and keeps npm package alignment.",
"replacement_sources": [
"Ghost GitHub Advisories",
"OSV Ghost"
],
"url": ""
},
{
"system_id": "gitea",
"display_name": "Gitea",
"source_name": "GitHub Gitea Advisories",
"bucket": "official_sources",
"kind": "html-links",
"retired_reason": "OSV Gitea is the active official machine-readable replacement; keeping GitHub HTML advisories active adds duplicate cold-start cost.",
"replacement_sources": [
"OSV Gitea"
],
"url": "https://github.com/go-gitea/gitea/security/advisories"
},
{
"system_id": "gitlab-ce",
"display_name": "GitLab CE",
"source_name": "GitLab Security Releases",
"bucket": "official_sources",
"kind": "html-links",
"retired_reason": "GitLab Security Releases Atom is the official machine-readable replacement; keeping both active adds duplicate cold-start cost without added coverage.",
"replacement_sources": [
"GitLab Security Releases Atom"
],
"url": "https://about.gitlab.com/releases/categories/releases/"
},
{
"system_id": "gitlab-ce",
"display_name": "GitLab CE",
"source_name": "NVD GitLab",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "GitLab Security Releases Atom provides an official machine-readable feed, so NVD public search is no longer required.",
"replacement_sources": [
"GitLab Security Releases",
"GitLab Security Releases Atom"
],
"url": ""
},
{
"system_id": "hapi",
"display_name": "Hapi",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Hapi remains the active replacement source.",
"replacement_sources": [
"OSV Hapi"
],
"url": ""
},
{
"system_id": "haproxy",
"display_name": "HAProxy",
"source_name": "HAProxy Security Advisories",
"bucket": "official_sources",
"kind": "html-links",
"retired_reason": "Legacy haproxy.org security page no longer yields stable scrape results for monitoring.",
"replacement_sources": [
"HAProxy Blog Feed"
],
"url": "https://www.haproxy.org/security/"
},
{
"system_id": "haproxy",
"display_name": "HAProxy",
"source_name": "NVD HAProxy",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "HAProxy Blog Feed is an active official RSS source, so NVD public search is no longer required.",
"replacement_sources": [
"HAProxy Blog Feed"
],
"url": ""
},
{
"system_id": "jenkins",
"display_name": "Jenkins",
"source_name": "Jenkins Security Advisories",
"bucket": "official_sources",
"kind": "html-links",
"retired_reason": "Jenkins Security Advisories RSS is the official machine-readable replacement; keeping both active adds duplicate cold-start cost without added coverage.",
"replacement_sources": [
"Jenkins Security Advisories RSS"
],
"url": "https://www.jenkins.io/security/advisories/"
},
{
"system_id": "jenkins",
"display_name": "Jenkins",
"source_name": "NVD Jenkins",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "Jenkins Security Advisories RSS provides an official machine-readable feed, replacing NVD public search.",
"replacement_sources": [
"Jenkins Security Advisories",
"Jenkins Security Advisories RSS"
],
"url": ""
},
{
"system_id": "joomla",
"display_name": "Joomla",
"source_name": "NVD Joomla",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Joomla CMS replaces NVD for machine-readable collection without public NVD throttling.",
"replacement_sources": [
"Joomla Security Centre",
"OSV Joomla"
],
"url": ""
},
{
"system_id": "kibana",
"display_name": "Kibana",
"source_name": "Elastic Security Announcements RSS",
"bucket": "official_sources",
"kind": "rss-feed",
"retired_reason": "Elastic Discuss RSS is frequently rate-limited by cloud_10_secs_limit during monitor/source-health bursts; use Elastic Product Security plus NVD Kibana for stable active coverage.",
"replacement_sources": [
"Elastic Product Security",
"NVD Kibana"
],
"url": "https://discuss.elastic.co/c/announcements/security-announcements/31.rss"
},
{
"system_id": "koa",
"display_name": "Koa",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Koa remains the active replacement source.",
"replacement_sources": [
"OSV Koa"
],
"url": ""
},
{
"system_id": "laravel",
"display_name": "Laravel",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GitHub advisory API is quota-limited; OSV Laravel remains the active machine-readable source.",
"replacement_sources": [
"OSV Laravel"
],
"url": ""
},
{
"system_id": "magento-open-source",
"display_name": "Magento Open Source",
"source_name": "NVD Magento",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Magento Open Source plus Magento GitHub advisories replace NVD public search for machine-readable collection.",
"replacement_sources": [
"Magento GitHub Advisories",
"OSV Magento Open Source"
],
"url": ""
},
{
"system_id": "mattermost",
"display_name": "Mattermost",
"source_name": "Mattermost Security Updates",
"bucket": "official_sources",
"kind": "html-links",
"retired_reason": "Mattermost security updates page returned repeated 403 responses from the collector path; NVD replacement remains active.",
"replacement_sources": [
"NVD Mattermost"
],
"url": "https://mattermost.com/security-updates/"
},
{
"system_id": "mattermost",
"display_name": "Mattermost",
"source_name": "NVD Mattermost",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "Mattermost official JSON feed plus OSV Mattermost replace NVD for lower-latency machine-readable collection.",
"replacement_sources": [
"Mattermost Security Updates JSON",
"OSV Mattermost"
],
"url": ""
},
{
"system_id": "mediawiki",
"display_name": "MediaWiki",
"source_name": "MediaWiki Security Releases",
"bucket": "official_sources",
"kind": "html-links",
"retired_reason": "MediaWiki security page is no longer reachable reliably from the collector path; NVD replacement remains active.",
"replacement_sources": [
"MediaWiki Announce RSS",
"NVD MediaWiki"
],
"url": "https://www.mediawiki.org/wiki/Security"
},
{
"system_id": "mediawiki",
"display_name": "MediaWiki",
"source_name": "NVD MediaWiki",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "MediaWiki announce RSS plus OSV MediaWiki now replace NVD for lower-latency machine-readable collection.",
"replacement_sources": [
"MediaWiki Announce RSS",
"OSV MediaWiki"
],
"url": ""
},
{
"system_id": "medusa",
"display_name": "Medusa",
"source_name": "GitHub Medusa Advisories",
"bucket": "official_sources",
"kind": "html-links",
"retired_reason": "OSV Medusa is the active official machine-readable replacement; keeping GitHub HTML advisories active adds duplicate cold-start cost.",
"replacement_sources": [
"OSV Medusa"
],
"url": "https://github.com/medusajs/medusa/security/advisories"
},
{
"system_id": "moodle",
"display_name": "Moodle",
"source_name": "Moodle Security News",
"bucket": "official_sources",
"kind": "html-links",
"retired_reason": "Security page is reachable with a browser-style UA, but the current markup only exposes generic \"Discuss this topic\" anchors to the collector; NVD Moodle remains the active replacement source until a richer parser is added.",
"replacement_sources": [
"NVD Moodle"
],
"url": "https://moodle.org/security/"
},
{
"system_id": "moodle",
"display_name": "Moodle",
"source_name": "NVD Moodle",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Moodle replaces NVD for machine-readable collection while official Moodle sources remain for cross-checking.",
"replacement_sources": [
"OSV Moodle"
],
"url": ""
},
{
"system_id": "nestjs",
"display_name": "NestJS",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV NestJS remains the active replacement source.",
"replacement_sources": [
"OSV NestJS"
],
"url": ""
},
{
"system_id": "nestjs",
"display_name": "NestJS",
"source_name": "NVD NestJS",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV NestJS replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV NestJS"
],
"url": ""
},
{
"system_id": "nextjs",
"display_name": "Next.js",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; GitHub Next.js Advisories and OSV Next.js remain active replacements.",
"replacement_sources": [
"GitHub Next.js Advisories",
"OSV Next.js"
],
"url": ""
},
{
"system_id": "nextjs",
"display_name": "Next.js",
"source_name": "GitHub Next.js Advisories",
"bucket": "official_sources",
"kind": "html-links",
"retired_reason": "OSV Next.js is the active official machine-readable replacement; keeping GitHub HTML advisories active adds duplicate cold-start cost.",
"replacement_sources": [
"OSV Next.js"
],
"url": "https://github.com/vercel/next.js/security/advisories"
},
{
"system_id": "nginx",
"display_name": "Nginx",
"source_name": "NVD NGINX",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "Official NGINX advisories page and CISA KEV together provide the needed daily signal without NVD public-search latency.",
"replacement_sources": [
"NGINX Security Advisories",
"CISA KEV NGINX"
],
"url": ""
},
{
"system_id": "nuxt",
"display_name": "Nuxt",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; Nuxt Security and OSV Nuxt remain active replacements.",
"replacement_sources": [
"Nuxt Security",
"OSV Nuxt"
],
"url": ""
},
{
"system_id": "nuxt",
"display_name": "Nuxt",
"source_name": "Nuxt Security",
"bucket": "official_sources",
"kind": "html-links",
"retired_reason": "OSV Nuxt is the active official machine-readable replacement; keeping GitHub HTML advisories active adds duplicate cold-start cost.",
"replacement_sources": [
"OSV Nuxt"
],
"url": "https://github.com/nuxt/nuxt/security/advisories"
},
{
"system_id": "opencart",
"display_name": "OpenCart",
"source_name": "NVD OpenCart",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV OpenCart replaces NVD for machine-readable collection while official release source remains active.",
"replacement_sources": [
"OpenCart Releases",
"OSV OpenCart"
],
"url": ""
},
{
"system_id": "openmage",
"display_name": "OpenMage / Mage-OS",
"source_name": "NVD OpenMage",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV OpenMage replaces NVD for machine-readable composer-aligned collection.",
"replacement_sources": [
"OpenMage GitHub Advisories",
"OSV OpenMage"
],
"url": ""
},
{
"system_id": "phpmyadmin",
"display_name": "phpMyAdmin",
"source_name": "NVD phpMyAdmin",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV phpMyAdmin replaces NVD for machine-readable collection while the official security page remains active.",
"replacement_sources": [
"phpMyAdmin Security Page",
"OSV phpMyAdmin"
],
"url": ""
},
{
"system_id": "prestashop",
"display_name": "PrestaShop",
"source_name": "NVD PrestaShop",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV PrestaShop replaces NVD for machine-readable collection while official and ecosystem advisories remain active.",
"replacement_sources": [
"PrestaShop Security Page",
"GitHub PrestaShop Advisories",
"OSV PrestaShop"
],
"url": ""
},
{
"system_id": "rails",
"display_name": "Ruby on Rails",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GitHub advisory API is quota-limited; OSV Rails remains the active machine-readable source.",
"replacement_sources": [
"OSV Rails"
],
"url": ""
},
{
"system_id": "rails",
"display_name": "Ruby on Rails",
"source_name": "NVD Ruby on Rails",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV Rails replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV Rails"
],
"url": ""
},
{
"system_id": "react",
"display_name": "React",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; GitHub React Advisories and OSV React remain active replacements.",
"replacement_sources": [
"GitHub React Advisories",
"OSV React"
],
"url": ""
},
{
"system_id": "react",
"display_name": "React",
"source_name": "GitHub React Advisories",
"bucket": "official_sources",
"kind": "html-links",
"retired_reason": "OSV React is the active official machine-readable replacement; keeping GitHub HTML advisories active adds duplicate cold-start cost.",
"replacement_sources": [
"OSV React"
],
"url": "https://github.com/facebook/react/security/advisories"
},
{
"system_id": "redmine",
"display_name": "Redmine",
"source_name": "NVD Redmine",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "Official Redmine advisories page remains active and NVD public search is retired to reduce cold-start latency.",
"replacement_sources": [
"Redmine Security Advisories"
],
"url": ""
},
{
"system_id": "saleor",
"display_name": "Saleor",
"source_name": "NVD Saleor",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Saleor replaces NVD for machine-readable collection and aligns with the published PyPI package.",
"replacement_sources": [
"GitHub Saleor Advisories",
"OSV Saleor"
],
"url": ""
},
{
"system_id": "shopware",
"display_name": "Shopware",
"source_name": "NVD Shopware",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Shopware replaces NVD for machine-readable collection with lower cold-start overhead.",
"replacement_sources": [
"Shopware Security Advisories",
"OSV Shopware"
],
"url": ""
},
{
"system_id": "spring-boot",
"display_name": "Spring Boot",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GitHub advisory API is quota-limited; Spring official page and OSV remain the active replacements.",
"replacement_sources": [
"Spring Security Advisories",
"OSV Spring Boot"
],
"url": ""
},
{
"system_id": "spring-framework",
"display_name": "Spring Framework",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; Spring official page and OSV remain the active replacements.",
"replacement_sources": [
"Spring Security Advisories",
"OSV Spring Framework"
],
"url": ""
},
{
"system_id": "spring-security",
"display_name": "Spring Security",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GitHub advisory API is quota-limited; Spring official page and OSV remain the active replacements.",
"replacement_sources": [
"Spring Security Advisories",
"OSV Spring Security"
],
"url": ""
},
{
"system_id": "sveltekit",
"display_name": "SvelteKit",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV SvelteKit remains the active replacement source.",
"replacement_sources": [
"OSV SvelteKit"
],
"url": ""
},
{
"system_id": "symfony",
"display_name": "Symfony",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GitHub advisory API is quota-limited; OSV Symfony remains the active machine-readable source.",
"replacement_sources": [
"OSV Symfony"
],
"url": ""
},
{
"system_id": "traefik",
"display_name": "Traefik",
"source_name": "GitHub Traefik Advisories",
"bucket": "official_sources",
"kind": "html-links",
"retired_reason": "OSV Traefik is the active official machine-readable replacement; keeping GitHub HTML advisories active adds duplicate cold-start cost.",
"replacement_sources": [
"OSV Traefik"
],
"url": "https://github.com/traefik/traefik/security/advisories"
},
{
"system_id": "undici",
"display_name": "Undici",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Undici remains the active replacement source.",
"replacement_sources": [
"OSV Undici"
],
"url": ""
},
{
"system_id": "undici",
"display_name": "Undici",
"source_name": "NVD Undici",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV Undici replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV Undici"
],
"url": ""
},
{
"system_id": "vite",
"display_name": "Vite",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; Vite Security and OSV Vite remain active replacements.",
"replacement_sources": [
"Vite Security",
"OSV Vite"
],
"url": ""
},
{
"system_id": "vite",
"display_name": "Vite",
"source_name": "Vite Security",
"bucket": "official_sources",
"kind": "html-links",
"retired_reason": "OSV Vite is the active official machine-readable replacement; keeping GitHub HTML advisories active adds duplicate cold-start cost.",
"replacement_sources": [
"OSV Vite"
],
"url": "https://github.com/vitejs/vite/security/advisories"
},
{
"system_id": "vue",
"display_name": "Vue",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; Vue Security and OSV Vue remain active replacements.",
"replacement_sources": [
"Vue Security",
"OSV Vue"
],
"url": ""
},
{
"system_id": "vue",
"display_name": "Vue",
"source_name": "Vue Security",
"bucket": "official_sources",
"kind": "html-links",
"retired_reason": "OSV Vue is the active official machine-readable replacement; keeping GitHub HTML advisories active adds duplicate cold-start cost.",
"replacement_sources": [
"OSV Vue"
],
"url": "https://github.com/vuejs/core/security"
},
{
"system_id": "webpack",
"display_name": "webpack",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV webpack remains the active replacement source.",
"replacement_sources": [
"OSV webpack"
],
"url": ""
},
{
"system_id": "webpack",
"display_name": "webpack",
"source_name": "NVD webpack",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV webpack replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV webpack"
],
"url": ""
},
{
"system_id": "werkzeug",
"display_name": "Werkzeug",
"source_name": "GitHub Global Advisories",
"bucket": "official_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GitHub advisory API is quota-limited; OSV Werkzeug remains the active machine-readable source.",
"replacement_sources": [
"OSV Werkzeug"
],
"url": ""
},
{
"system_id": "woocommerce",
"display_name": "WooCommerce",
"source_name": "NVD WooCommerce",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV WooCommerce replaces NVD for machine-readable collection while official and ecosystem advisory pages remain active.",
"replacement_sources": [
"Woo Developer Advisories",
"GitHub WooCommerce Advisories",
"OSV WooCommerce"
],
"url": ""
},
{
"system_id": "wordpress",
"display_name": "WordPress",
"source_name": "NVD WordPress",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "WordPress official RSS plus ecosystem plugin intelligence cover active collection with lower cold-start latency and lower public-search dependence than NVD.",
"replacement_sources": [
"WordPress Security News RSS",
"Wordfence Vulnerability Database",
"WPScan Vulnerability Database"
],
"url": ""
}
]