websafe-kb/08-threat-intel/generated/dashboard/docs/source-catalog-audit.html

<!doctype html>
<html lang="zh-CN">
<head>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <title>Source Catalog Audit</title>
  <style>
    :root {
      --bg: #08111f;
      --panel: rgba(9, 18, 32, 0.9);
      --border: rgba(137, 171, 214, 0.2);
      --text: #f7fafc;
      --muted: #9fb3ca;
      --accent: #5eead4;
    }
    * { box-sizing: border-box; }
    body {
      margin: 0;
      min-height: 100vh;
      font-family: "IBM Plex Sans", "Segoe UI", sans-serif;
      color: var(--text);
      background:
        radial-gradient(circle at top left, rgba(94, 234, 212, 0.12), transparent 26%),
        linear-gradient(160deg, #050c16 0%, #091526 50%, #10233d 100%);
    }
    main {
      max-width: 1080px;
      margin: 0 auto;
      padding: 32px 20px 40px;
    }
    .panel {
      background: var(--panel);
      border: 1px solid var(--border);
      border-radius: 20px;
      padding: 24px;
      box-shadow: 0 24px 80px rgba(1, 7, 20, 0.45);
    }
    .actions {
      display: flex;
      flex-wrap: wrap;
      gap: 12px;
      margin-bottom: 18px;
    }
    .chip {
      display: inline-flex;
      align-items: center;
      gap: 8px;
      border-radius: 999px;
      border: 1px solid var(--border);
      padding: 10px 14px;
      color: var(--text);
      background: rgba(255,255,255,0.05);
      text-decoration: none;
    }
    .chip:hover { border-color: rgba(94, 234, 212, 0.42); }
    h1 {
      margin: 0 0 12px;
      font-family: "IBM Plex Serif", Georgia, serif;
      font-size: clamp(1.8rem, 4vw, 3rem);
      line-height: 1.08;
    }
    .meta {
      color: var(--muted);
      margin-bottom: 18px;
    }
    pre {
      margin: 0;
      padding: 20px;
      overflow: auto;
      border-radius: 16px;
      border: 1px solid rgba(137, 171, 214, 0.12);
      background: rgba(2, 8, 22, 0.84);
      color: #d6e5f5;
      font-family: "IBM Plex Mono", "SFMono-Regular", monospace;
      font-size: 0.92rem;
      line-height: 1.6;
      white-space: pre-wrap;
    }
  </style>
</head>
<body>
  <main>
    <div class="panel">
      <div class="actions">
        <a class="chip" href="/overview/index.html">返回工作台</a>
      </div>
      <h1>Source Catalog Audit</h1>
      <div class="meta">工作台内置镜像页：active/retired source、replacement map 与覆盖摘要。</div>
      <pre># Source Catalog Audit

- generated_at: `2026-03-18T17:41:42+00:00`
- systems: `62`
- sources: `146`
- active_sources: `110`
- retired_sources: `36`
- systems_with_active_official: `62/62`
- systems_with_machine_readable_source: `57/62`

## Retired Sources

- `adobe-commerce` `Adobe Security Bulletins` -&gt; replacements: `Adobe Magento Security Index, NVD Adobe Commerce, GHSA Adobe Commerce` | reason: Original bulletin index probe was unstable under the old transport path; vendor index replacement uses explicit request policy and parser hints.
- `adobe-commerce` `GHSA Adobe Commerce` -&gt; replacements: `Adobe Magento Security Index, NVD Adobe Commerce` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Adobe index and NVD remain active replacements.
- `adobe-commerce` `Sansec Research` -&gt; replacements: `GHSA Adobe Commerce, Adobe Magento Security Index` | reason: Research index is too slow for daily active monitoring; GHSA Adobe Commerce provides a stable machine-readable replacement.
- `angular` `GitHub Global Advisories` -&gt; replacements: `OSV Angular` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Angular remains the active replacement source.
- `astro` `GitHub Global Advisories` -&gt; replacements: `OSV Astro` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Astro remains the active replacement source.
- `discourse` `Discourse Meta Security` -&gt; replacements: `Discourse Release Notes RSS, GitHub Discourse Advisories` | reason: Meta security category HTML changed and no longer provides stable scrape semantics for health checks.
- `discourse` `GitHub Discourse Advisories` -&gt; replacements: `Discourse Release Notes RSS` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Discourse release feed remains the active official source.
- `django` `Django Security RSS` -&gt; replacements: `Django Security Weblog, Django Security Releases Archive` | reason: Official security tag feed became unstable; use official weblog index and release archive instead.
- `drupal` `Drupal Security Advisories Site` -&gt; replacements: `Drupal Security Advisories RSS, GHSA Drupal Core` | reason: Drupal security index page became unstable for repeated HTML scraping; RSS + GHSA replacement is used for active monitoring.
- `drupal` `GHSA Drupal Core` -&gt; replacements: `Drupal Security Advisories RSS, NVD Drupal` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; RSS and NVD remain active replacements.
- `esbuild` `GitHub Global Advisories` -&gt; replacements: `OSV esbuild` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV esbuild remains the active replacement source.
- `express` `GitHub Global Advisories` -&gt; replacements: `OSV Express` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Express remains the active replacement source.
- `fastify` `GitHub Global Advisories` -&gt; replacements: `OSV Fastify` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Fastify remains the active replacement source.
- `flask` `GitHub Global Advisories` -&gt; replacements: `OSV Flask` | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Flask remains the active machine-readable source.
- `hapi` `GitHub Global Advisories` -&gt; replacements: `OSV Hapi` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Hapi remains the active replacement source.
- `haproxy` `HAProxy Security Advisories` -&gt; replacements: `HAProxy Blog Feed` | reason: Legacy haproxy.org security page no longer yields stable scrape results for monitoring.
- `koa` `GitHub Global Advisories` -&gt; replacements: `OSV Koa` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Koa remains the active replacement source.
- `laravel` `GitHub Global Advisories` -&gt; replacements: `OSV Laravel` | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Laravel remains the active machine-readable source.
- `mattermost` `Mattermost Security Updates` -&gt; replacements: `NVD Mattermost` | reason: Mattermost security updates page returned repeated 403 responses from the collector path; NVD replacement remains active.
- `mediawiki` `MediaWiki Security Releases` -&gt; replacements: `NVD MediaWiki` | reason: MediaWiki security page is no longer reachable reliably from the collector path; NVD replacement remains active.
- `moodle` `Moodle Security News` -&gt; replacements: `NVD Moodle` | reason: Moodle security page returned repeated 403 responses from the collector path; NVD replacement remains active.
- `nestjs` `GitHub Global Advisories` -&gt; replacements: `OSV NestJS` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV NestJS remains the active replacement source.
- `nextjs` `GitHub Global Advisories` -&gt; replacements: `GitHub Next.js Advisories, OSV Next.js` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; GitHub Next.js Advisories and OSV Next.js remain active replacements.
- `nuxt` `GitHub Global Advisories` -&gt; replacements: `Nuxt Security, OSV Nuxt` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Nuxt Security and OSV Nuxt remain active replacements.
- `rails` `GitHub Global Advisories` -&gt; replacements: `OSV Rails` | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Rails remains the active machine-readable source.
- `react` `GitHub Global Advisories` -&gt; replacements: `GitHub React Advisories, OSV React` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; GitHub React Advisories and OSV React remain active replacements.
- `spring-boot` `GitHub Global Advisories` -&gt; replacements: `Spring Security Advisories` | reason: Unauthenticated GitHub advisory API is quota-limited; Spring official security page remains the active source.
- `spring-framework` `GitHub Global Advisories` -&gt; replacements: `Spring Security Advisories` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Spring Security Advisories remains the active replacement source.
- `spring-security` `GitHub Global Advisories` -&gt; replacements: `Spring Security Advisories` | reason: Unauthenticated GitHub advisory API is quota-limited; Spring official security page remains the active source.
- `sveltekit` `GitHub Global Advisories` -&gt; replacements: `OSV SvelteKit` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV SvelteKit remains the active replacement source.
- `symfony` `GitHub Global Advisories` -&gt; replacements: `OSV Symfony` | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Symfony remains the active machine-readable source.
- `undici` `GitHub Global Advisories` -&gt; replacements: `OSV Undici` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Undici remains the active replacement source.
- `vite` `GitHub Global Advisories` -&gt; replacements: `Vite Security, OSV Vite` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Vite Security and OSV Vite remain active replacements.
- `vue` `GitHub Global Advisories` -&gt; replacements: `Vue Security, OSV Vue` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Vue Security and OSV Vue remain active replacements.
- `webpack` `GitHub Global Advisories` -&gt; replacements: `OSV webpack` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV webpack remains the active replacement source.
- `werkzeug` `GitHub Global Advisories` -&gt; replacements: `OSV Werkzeug` | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Werkzeug remains the active machine-readable source.
</pre>
    </div>
  </main>
</body>
</html>