hao/websafe-kb
1
0
派生 0
代码 工单 合并请求 1 工作流 软件包 项目 发布 百科 活动
文件
49fe46ab8903d31defff63176e5a526bc31df89e
websafe-kb/08-threat-intel/generated/source-catalog-audit.md

16 KiB
原始文件 Blame 文件历史

Source Catalog Audit

  • generated_at: 2026-03-19T23:44:51+00:00
  • systems: 62
  • sources: 179
  • active_sources: 101
  • retired_sources: 78
  • systems_with_active_official: 61/62
  • systems_with_machine_readable_source: 61/62

Retired Sources

  • adminer NVD Adminer -> replacements: OSV Adminer | reason: OSV Adminer provides a machine-readable Packagist-aligned source, removing the need for NVD public search.
  • adobe-commerce Adobe Security Bulletins -> replacements: Adobe Magento Security Index, NVD Adobe Commerce, GHSA Adobe Commerce | reason: Original bulletin index probe was unstable under the old transport path; vendor index replacement uses explicit request policy and parser hints.
  • adobe-commerce GHSA Adobe Commerce -> replacements: Adobe Magento Security Index, NVD Adobe Commerce | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Adobe index and NVD remain active replacements.
  • adobe-commerce NVD Adobe Commerce -> replacements: Adobe Magento Security Index | reason: Adobe Magento Security Index is now the active official machine-readable source, so NVD public search is no longer needed for daily collection.
  • adobe-commerce Sansec Research -> replacements: GHSA Adobe Commerce, Adobe Magento Security Index | reason: Research index is too slow for daily active monitoring; GHSA Adobe Commerce provides a stable machine-readable replacement.
  • angular GitHub Global Advisories -> replacements: OSV Angular | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Angular remains the active replacement source.
  • apache-httpd NVD Apache HTTP Server -> replacements: Apache HTTPD Security, CISA KEV Apache HTTPD | reason: Official Apache HTTPD advisories page plus CISA KEV are sufficient active sources for daily monitoring.
  • apache-tomcat NVD Tomcat -> replacements: Apache Tomcat Security, CISA KEV Tomcat | reason: Official Tomcat advisories page plus CISA KEV are sufficient active sources for daily monitoring.
  • aspnet-core NVD ASP.NET Core -> replacements: OSV ASP.NET Core | reason: OSV ASP.NET Core provides machine-readable NuGet-aligned coverage with lower latency than NVD public search.
  • astro GitHub Global Advisories -> replacements: OSV Astro | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Astro remains the active replacement source.
  • caddy GitHub Caddy Advisories -> replacements: OSV Caddy | reason: OSV Caddy is the active official machine-readable replacement; keeping GitHub HTML advisories active adds duplicate cold-start cost.
  • discourse Discourse Meta Security -> replacements: Discourse Release Notes RSS, GitHub Discourse Advisories | reason: Meta security category HTML changed and no longer provides stable scrape semantics for health checks.
  • discourse GitHub Discourse Advisories -> replacements: Discourse Release Notes RSS, Discourse Security RSS | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Discourse release feed remains the active official source.
  • django Django Security RSS -> replacements: Django Security Weblog, Django Security Releases Archive | reason: Official security tag feed became unstable; use official weblog index and release archive instead.
  • drupal NVD Drupal -> replacements: Drupal Security Advisories RSS, OSV Drupal | reason: OSV Drupal + Drupal official RSS now cover machine-readable collection with lower cold-start latency than NVD public search.
  • esbuild GitHub Global Advisories -> replacements: OSV esbuild | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV esbuild remains the active replacement source.
  • esbuild NVD esbuild -> replacements: OSV esbuild | reason: OSV esbuild replaces NVD public search for lower-latency machine-readable collection.
  • express GitHub Global Advisories -> replacements: OSV Express | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Express remains the active replacement source.
  • express NVD Express.js -> replacements: OSV Express | reason: OSV Express replaces NVD public search for lower-latency machine-readable collection.
  • fastify GitHub Global Advisories -> replacements: OSV Fastify | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Fastify remains the active replacement source.
  • flask GitHub Global Advisories -> replacements: OSV Flask | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Flask remains the active machine-readable source.
  • ghost NVD Ghost -> replacements: Ghost GitHub Advisories, OSV Ghost | reason: OSV Ghost replaces NVD for machine-readable collection and keeps npm package alignment.
  • gitea GitHub Gitea Advisories -> replacements: OSV Gitea | reason: OSV Gitea is the active official machine-readable replacement; keeping GitHub HTML advisories active adds duplicate cold-start cost.
  • gitlab-ce GitLab Security Releases -> replacements: GitLab Security Releases Atom | reason: GitLab Security Releases Atom is the official machine-readable replacement; keeping both active adds duplicate cold-start cost without added coverage.
  • gitlab-ce NVD GitLab -> replacements: GitLab Security Releases, GitLab Security Releases Atom | reason: GitLab Security Releases Atom provides an official machine-readable feed, so NVD public search is no longer required.
  • hapi GitHub Global Advisories -> replacements: OSV Hapi | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Hapi remains the active replacement source.
  • haproxy HAProxy Security Advisories -> replacements: HAProxy Blog Feed | reason: Legacy haproxy.org security page no longer yields stable scrape results for monitoring.
  • haproxy NVD HAProxy -> replacements: HAProxy Blog Feed | reason: HAProxy Blog Feed is an active official RSS source, so NVD public search is no longer required.
  • jenkins Jenkins Security Advisories -> replacements: Jenkins Security Advisories RSS | reason: Jenkins Security Advisories RSS is the official machine-readable replacement; keeping both active adds duplicate cold-start cost without added coverage.
  • jenkins NVD Jenkins -> replacements: Jenkins Security Advisories, Jenkins Security Advisories RSS | reason: Jenkins Security Advisories RSS provides an official machine-readable feed, replacing NVD public search.
  • joomla NVD Joomla -> replacements: Joomla Security Centre, OSV Joomla | reason: OSV Joomla CMS replaces NVD for machine-readable collection without public NVD throttling.
  • kibana Elastic Security Announcements -> replacements: Elastic Security Announcements RSS | reason: Elastic Security Announcements RSS is the official machine-readable replacement; keeping both active adds duplicate cold-start cost without added coverage.
  • kibana NVD Kibana -> replacements: Elastic Security Announcements, Elastic Security Announcements RSS | reason: Elastic Security Announcements RSS provides an official machine-readable feed, replacing NVD public search.
  • koa GitHub Global Advisories -> replacements: OSV Koa | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Koa remains the active replacement source.
  • laravel GitHub Global Advisories -> replacements: OSV Laravel | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Laravel remains the active machine-readable source.
  • magento-open-source NVD Magento -> replacements: Magento GitHub Advisories, OSV Magento Open Source | reason: OSV Magento Open Source plus Magento GitHub advisories replace NVD public search for machine-readable collection.
  • mattermost Mattermost Security Updates -> replacements: NVD Mattermost | reason: Mattermost security updates page returned repeated 403 responses from the collector path; NVD replacement remains active.
  • mattermost NVD Mattermost -> replacements: Mattermost Security Updates JSON, OSV Mattermost | reason: Mattermost official JSON feed plus OSV Mattermost replace NVD for lower-latency machine-readable collection.
  • mediawiki MediaWiki Security Releases -> replacements: MediaWiki Announce RSS, NVD MediaWiki | reason: MediaWiki security page is no longer reachable reliably from the collector path; NVD replacement remains active.
  • mediawiki NVD MediaWiki -> replacements: MediaWiki Announce RSS, OSV MediaWiki | reason: MediaWiki announce RSS plus OSV MediaWiki now replace NVD for lower-latency machine-readable collection.
  • medusa GitHub Medusa Advisories -> replacements: OSV Medusa | reason: OSV Medusa is the active official machine-readable replacement; keeping GitHub HTML advisories active adds duplicate cold-start cost.
  • moodle Moodle Security News -> replacements: NVD Moodle | reason: Security page is reachable with a browser-style UA, but the current markup only exposes generic "Discuss this topic" anchors to the collector; NVD Moodle remains the active replacement source until a richer parser is added.
  • moodle NVD Moodle -> replacements: OSV Moodle | reason: OSV Moodle replaces NVD for machine-readable collection while official Moodle sources remain for cross-checking.
  • nestjs GitHub Global Advisories -> replacements: OSV NestJS | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV NestJS remains the active replacement source.
  • nestjs NVD NestJS -> replacements: OSV NestJS | reason: OSV NestJS replaces NVD public search for lower-latency machine-readable collection.
  • nextjs GitHub Global Advisories -> replacements: GitHub Next.js Advisories, OSV Next.js | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; GitHub Next.js Advisories and OSV Next.js remain active replacements.
  • nextjs GitHub Next.js Advisories -> replacements: OSV Next.js | reason: OSV Next.js is the active official machine-readable replacement; keeping GitHub HTML advisories active adds duplicate cold-start cost.
  • nginx NVD NGINX -> replacements: NGINX Security Advisories, CISA KEV NGINX | reason: Official NGINX advisories page and CISA KEV together provide the needed daily signal without NVD public-search latency.
  • nuxt GitHub Global Advisories -> replacements: Nuxt Security, OSV Nuxt | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Nuxt Security and OSV Nuxt remain active replacements.
  • nuxt Nuxt Security -> replacements: OSV Nuxt | reason: OSV Nuxt is the active official machine-readable replacement; keeping GitHub HTML advisories active adds duplicate cold-start cost.
  • opencart NVD OpenCart -> replacements: OpenCart Releases, OSV OpenCart | reason: OSV OpenCart replaces NVD for machine-readable collection while official release source remains active.
  • openmage NVD OpenMage -> replacements: OpenMage GitHub Advisories, OSV OpenMage | reason: OSV OpenMage replaces NVD for machine-readable composer-aligned collection.
  • phpmyadmin NVD phpMyAdmin -> replacements: phpMyAdmin Security Page, OSV phpMyAdmin | reason: OSV phpMyAdmin replaces NVD for machine-readable collection while the official security page remains active.
  • prestashop NVD PrestaShop -> replacements: PrestaShop Security Page, GitHub PrestaShop Advisories, OSV PrestaShop | reason: OSV PrestaShop replaces NVD for machine-readable collection while official and ecosystem advisories remain active.
  • rails GitHub Global Advisories -> replacements: OSV Rails | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Rails remains the active machine-readable source.
  • rails NVD Ruby on Rails -> replacements: OSV Rails | reason: OSV Rails replaces NVD public search for lower-latency machine-readable collection.
  • react GitHub Global Advisories -> replacements: GitHub React Advisories, OSV React | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; GitHub React Advisories and OSV React remain active replacements.
  • react GitHub React Advisories -> replacements: OSV React | reason: OSV React is the active official machine-readable replacement; keeping GitHub HTML advisories active adds duplicate cold-start cost.
  • redmine NVD Redmine -> replacements: Redmine Security Advisories | reason: Official Redmine advisories page remains active and NVD public search is retired to reduce cold-start latency.
  • saleor NVD Saleor -> replacements: GitHub Saleor Advisories, OSV Saleor | reason: OSV Saleor replaces NVD for machine-readable collection and aligns with the published PyPI package.
  • shopware NVD Shopware -> replacements: Shopware Security Advisories, OSV Shopware | reason: OSV Shopware replaces NVD for machine-readable collection with lower cold-start overhead.
  • spring-boot GitHub Global Advisories -> replacements: Spring Security Advisories, OSV Spring Boot | reason: Unauthenticated GitHub advisory API is quota-limited; Spring official page and OSV remain the active replacements.
  • spring-framework GitHub Global Advisories -> replacements: Spring Security Advisories, OSV Spring Framework | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Spring official page and OSV remain the active replacements.
  • spring-security GitHub Global Advisories -> replacements: Spring Security Advisories, OSV Spring Security | reason: Unauthenticated GitHub advisory API is quota-limited; Spring official page and OSV remain the active replacements.
  • sveltekit GitHub Global Advisories -> replacements: OSV SvelteKit | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV SvelteKit remains the active replacement source.
  • symfony GitHub Global Advisories -> replacements: OSV Symfony | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Symfony remains the active machine-readable source.
  • traefik GitHub Traefik Advisories -> replacements: OSV Traefik | reason: OSV Traefik is the active official machine-readable replacement; keeping GitHub HTML advisories active adds duplicate cold-start cost.
  • undici GitHub Global Advisories -> replacements: OSV Undici | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Undici remains the active replacement source.
  • undici NVD Undici -> replacements: OSV Undici | reason: OSV Undici replaces NVD public search for lower-latency machine-readable collection.
  • vite GitHub Global Advisories -> replacements: Vite Security, OSV Vite | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Vite Security and OSV Vite remain active replacements.
  • vite Vite Security -> replacements: OSV Vite | reason: OSV Vite is the active official machine-readable replacement; keeping GitHub HTML advisories active adds duplicate cold-start cost.
  • vue GitHub Global Advisories -> replacements: Vue Security, OSV Vue | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Vue Security and OSV Vue remain active replacements.
  • vue Vue Security -> replacements: OSV Vue | reason: OSV Vue is the active official machine-readable replacement; keeping GitHub HTML advisories active adds duplicate cold-start cost.
  • webpack GitHub Global Advisories -> replacements: OSV webpack | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV webpack remains the active replacement source.
  • webpack NVD webpack -> replacements: OSV webpack | reason: OSV webpack replaces NVD public search for lower-latency machine-readable collection.
  • werkzeug GitHub Global Advisories -> replacements: OSV Werkzeug | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Werkzeug remains the active machine-readable source.
  • woocommerce NVD WooCommerce -> replacements: Woo Developer Advisories, GitHub WooCommerce Advisories, OSV WooCommerce | reason: OSV WooCommerce replaces NVD for machine-readable collection while official and ecosystem advisory pages remain active.
  • wordpress NVD WordPress -> replacements: WordPress Security News RSS, Wordfence Vulnerability Database, WPScan Vulnerability Database | reason: WordPress official RSS plus ecosystem plugin intelligence cover active collection with lower cold-start latency and lower public-search dependence than NVD.
在新工单中引用 查看 Git Blame 复制永久链接