[ { "system_id": "adobe-commerce", "display_name": "Adobe Commerce", "source_name": "Adobe Security Bulletins", "bucket": "official_sources", "kind": "html-links", "retired_reason": "Original bulletin index probe was unstable under the old transport path; vendor index replacement uses explicit request policy and parser hints.", "replacement_sources": [ "Adobe Magento Security Index", "NVD Adobe Commerce", "GHSA Adobe Commerce" ], "url": "https://helpx.adobe.com/security/products/magento.html" }, { "system_id": "adobe-commerce", "display_name": "Adobe Commerce", "source_name": "GHSA Adobe Commerce", "bucket": "ecosystem_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; Adobe index and NVD remain active replacements.", "replacement_sources": [ "Adobe Magento Security Index", "NVD Adobe Commerce" ], "url": "" }, { "system_id": "adobe-commerce", "display_name": "Adobe Commerce", "source_name": "Sansec Research", "bucket": "ecosystem_sources", "kind": "vendor-index", "retired_reason": "Research index is too slow for daily active monitoring; GHSA Adobe Commerce provides a stable machine-readable replacement.", "replacement_sources": [ "GHSA Adobe Commerce", "Adobe Magento Security Index" ], "url": "https://sansec.io/research" }, { "system_id": "angular", "display_name": "Angular", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Angular remains the active replacement source.", "replacement_sources": [ "OSV Angular" ], "url": "" }, { "system_id": "astro", "display_name": "Astro", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Astro remains the active replacement source.", "replacement_sources": [ "OSV Astro" ], "url": "" }, { "system_id": "discourse", "display_name": "Discourse", "source_name": "Discourse Meta Security", "bucket": "official_sources", "kind": "html-links", "retired_reason": "Meta security category HTML changed and no longer provides stable scrape semantics for health checks.", "replacement_sources": [ "Discourse Release Notes RSS", "GitHub Discourse Advisories" ], "url": "https://meta.discourse.org/c/bug/security/40" }, { "system_id": "discourse", "display_name": "Discourse", "source_name": "GitHub Discourse Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; Discourse release feed remains the active official source.", "replacement_sources": [ "Discourse Release Notes RSS", "Discourse Security RSS" ], "url": "" }, { "system_id": "django", "display_name": "Django", "source_name": "Django Security RSS", "bucket": "official_sources", "kind": "rss-feed", "retired_reason": "Official security tag feed became unstable; use official weblog index and release archive instead.", "replacement_sources": [ "Django Security Weblog", "Django Security Releases Archive" ], "url": "https://www.djangoproject.com/weblog/feeds/tags/security/" }, { "system_id": "drupal", "display_name": "Drupal", "source_name": "Drupal Security Advisories Site", "bucket": "ecosystem_sources", "kind": "html-links", "retired_reason": "Drupal security index page became unstable for repeated HTML scraping; RSS + GHSA replacement is used for active monitoring.", "replacement_sources": [ "Drupal Security Advisories RSS", "GHSA Drupal Core" ], "url": "https://www.drupal.org/security" }, { "system_id": "drupal", "display_name": "Drupal", "source_name": "GHSA Drupal Core", "bucket": "ecosystem_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; RSS and NVD remain active replacements.", "replacement_sources": [ "Drupal Security Advisories RSS", "NVD Drupal" ], "url": "" }, { "system_id": "esbuild", "display_name": "esbuild", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV esbuild remains the active replacement source.", "replacement_sources": [ "OSV esbuild" ], "url": "" }, { "system_id": "express", "display_name": "Express", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Express remains the active replacement source.", "replacement_sources": [ "OSV Express" ], "url": "" }, { "system_id": "fastify", "display_name": "Fastify", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Fastify remains the active replacement source.", "replacement_sources": [ "OSV Fastify" ], "url": "" }, { "system_id": "flask", "display_name": "Flask", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GitHub advisory API is quota-limited; OSV Flask remains the active machine-readable source.", "replacement_sources": [ "OSV Flask" ], "url": "" }, { "system_id": "hapi", "display_name": "Hapi", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Hapi remains the active replacement source.", "replacement_sources": [ "OSV Hapi" ], "url": "" }, { "system_id": "haproxy", "display_name": "HAProxy", "source_name": "HAProxy Security Advisories", "bucket": "official_sources", "kind": "html-links", "retired_reason": "Legacy haproxy.org security page no longer yields stable scrape results for monitoring.", "replacement_sources": [ "HAProxy Blog Feed" ], "url": "https://www.haproxy.org/security/" }, { "system_id": "koa", "display_name": "Koa", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Koa remains the active replacement source.", "replacement_sources": [ "OSV Koa" ], "url": "" }, { "system_id": "laravel", "display_name": "Laravel", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GitHub advisory API is quota-limited; OSV Laravel remains the active machine-readable source.", "replacement_sources": [ "OSV Laravel" ], "url": "" }, { "system_id": "mattermost", "display_name": "Mattermost", "source_name": "Mattermost Security Updates", "bucket": "official_sources", "kind": "html-links", "retired_reason": "Mattermost security updates page returned repeated 403 responses from the collector path; NVD replacement remains active.", "replacement_sources": [ "NVD Mattermost" ], "url": "https://mattermost.com/security-updates/" }, { "system_id": "mediawiki", "display_name": "MediaWiki", "source_name": "MediaWiki Security Releases", "bucket": "official_sources", "kind": "html-links", "retired_reason": "MediaWiki security page is no longer reachable reliably from the collector path; NVD replacement remains active.", "replacement_sources": [ "MediaWiki Announce RSS", "NVD MediaWiki" ], "url": "https://www.mediawiki.org/wiki/Security" }, { "system_id": "moodle", "display_name": "Moodle", "source_name": "Moodle Security News", "bucket": "official_sources", "kind": "html-links", "retired_reason": "Security page is reachable with a browser-style UA, but the current markup only exposes generic \"Discuss this topic\" anchors to the collector; NVD Moodle remains the active replacement source until a richer parser is added.", "replacement_sources": [ "NVD Moodle" ], "url": "https://moodle.org/security/" }, { "system_id": "nestjs", "display_name": "NestJS", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV NestJS remains the active replacement source.", "replacement_sources": [ "OSV NestJS" ], "url": "" }, { "system_id": "nextjs", "display_name": "Next.js", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; GitHub Next.js Advisories and OSV Next.js remain active replacements.", "replacement_sources": [ "GitHub Next.js Advisories", "OSV Next.js" ], "url": "" }, { "system_id": "nuxt", "display_name": "Nuxt", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; Nuxt Security and OSV Nuxt remain active replacements.", "replacement_sources": [ "Nuxt Security", "OSV Nuxt" ], "url": "" }, { "system_id": "rails", "display_name": "Ruby on Rails", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GitHub advisory API is quota-limited; OSV Rails remains the active machine-readable source.", "replacement_sources": [ "OSV Rails" ], "url": "" }, { "system_id": "react", "display_name": "React", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; GitHub React Advisories and OSV React remain active replacements.", "replacement_sources": [ "GitHub React Advisories", "OSV React" ], "url": "" }, { "system_id": "spring-boot", "display_name": "Spring Boot", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GitHub advisory API is quota-limited; Spring official page and OSV remain the active replacements.", "replacement_sources": [ "Spring Security Advisories", "OSV Spring Boot" ], "url": "" }, { "system_id": "spring-framework", "display_name": "Spring Framework", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; Spring official page and OSV remain the active replacements.", "replacement_sources": [ "Spring Security Advisories", "OSV Spring Framework" ], "url": "" }, { "system_id": "spring-security", "display_name": "Spring Security", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GitHub advisory API is quota-limited; Spring official page and OSV remain the active replacements.", "replacement_sources": [ "Spring Security Advisories", "OSV Spring Security" ], "url": "" }, { "system_id": "sveltekit", "display_name": "SvelteKit", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV SvelteKit remains the active replacement source.", "replacement_sources": [ "OSV SvelteKit" ], "url": "" }, { "system_id": "symfony", "display_name": "Symfony", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GitHub advisory API is quota-limited; OSV Symfony remains the active machine-readable source.", "replacement_sources": [ "OSV Symfony" ], "url": "" }, { "system_id": "undici", "display_name": "Undici", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Undici remains the active replacement source.", "replacement_sources": [ "OSV Undici" ], "url": "" }, { "system_id": "vite", "display_name": "Vite", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; Vite Security and OSV Vite remain active replacements.", "replacement_sources": [ "Vite Security", "OSV Vite" ], "url": "" }, { "system_id": "vue", "display_name": "Vue", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; Vue Security and OSV Vue remain active replacements.", "replacement_sources": [ "Vue Security", "OSV Vue" ], "url": "" }, { "system_id": "webpack", "display_name": "webpack", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV webpack remains the active replacement source.", "replacement_sources": [ "OSV webpack" ], "url": "" }, { "system_id": "werkzeug", "display_name": "Werkzeug", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GitHub advisory API is quota-limited; OSV Werkzeug remains the active machine-readable source.", "replacement_sources": [ "OSV Werkzeug" ], "url": "" } ]