feat: "language" parser for .deb control data #2917
Labels
enhancement
New feature or request
hackathon
Issues for folk participating in the Open Ecosystems hackathon
hacktoberfest
good issue for hacktoberfest participation
.debs have a set of control fields which contain a bunch of information that looks awfully like the
{vendor, product, version}
tuplet we use for NVD lookups:https://www.debian.org/doc/debian-policy/ch-controlfields.html
I think it should be possible to read these files similar to the way we read package lists.
For NVD lookup, we would want to intentionally build in some special cases for things like python files which are all packaged with the prefix
python3-
and so on rather than just assuming the name is correct, and maybe trying to do some nice parsing of the url included to see if that can be used to better guess thevendor
.The release-monitoring.org website may help you with names across distros. e.g. https://release-monitoring.org/project/3779/
Anyone working on this:
The text was updated successfully, but these errors were encountered: