Update README

standash 2019-06-04 14:17:55 +02:00
parent 80d021449e
commit c79d9ca3b0
1 changed files with 12 additions and 2 deletions


@ -2,8 +2,13 @@
About
--------------------
This is a project for collecting the vulnerability evidence from source code
repositories. The project has a collection of tools that allows to identify and
This is a project for collecting the vulnerability evidence from source code repositories.
S. Dashevskyi, A. D. Brucker and F. Massacci, "A Screening Test for Disclosed Vulnerabilities in FOSS Components," in
IEEE Transactions on Software Engineering. doi: 10.1109/TSE.2018.2816033 URL:
http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8316943&isnumber=4359463
The project has a collection of tools that allows to identify and
extract the potentially vulnerable coding (using a commit that fixed a CVE), and
track its origins in the repository history to identify the versions that are
likely not affected by a CVE.
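Review bot: the citation added after the first About sentence has no lead-in and no markup, so in the rendered README it runs into the description text around it. Introduce it with a short sentence saying how the paper relates to the project and set it off as its own paragraph or a block quote. Since the DOI is already given, linking https://doi.org/10.1109/TSE.2018.2816033 would be more stable than the plain-http stamp.jsp URL with its arnumber and isnumber parameters. The rewritten first sentence is also no longer wrapped at the width the unchanged lines below it use.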
@ -15,6 +20,7 @@ The project consists of two parts:
2. "molerat" - a library that is using "repoman" and other methods to
identify and track the potentially vulnerable coding.
--------------------
Prerequisites
--------------------
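Review bot: the row of dashes above "Prerequisites" only works as a separator if a blank line sits between it and the "molerat" list item text; placed directly under that text, some Markdown renderers treat it as a heading underline instead. It also departs from the form used for "About" (title line, then dashes). If a visual break before the section is wanted, keep blank lines on both sides of the rule; otherwise the title-then-dashes form alone is enough.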
@ -125,3 +131,7 @@ db.entries.findOne();
line_contents : "" -> the contents of the line of code
}
```
## License
This project is licensed under the [MIT License](LICENSE).
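Review bot: the link target LICENSE in the added License section is not touched by this commit (one file changed), so confirm the file already exists at the repository root, otherwise the link is dead. The "## License" heading also switches to ATX style while the other sections shown use a title line followed by dashes; pick one form for the whole README, and leave a blank line between the closing code fence and the new heading.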