Comment by abhisek

Comment by abhisek 5 days ago

0 replies

View on Hacker News

We felt that OSV schema is designed with security tooling and automation as primary design goal. Specifically for our use-case, it captures the package name and versions using standardised schema. Also we saw adoption of OSV by package ecosystems like Python, Go etc.

While CVE is still the largest database of vulnerabilities, we felt OSV is good enough to identify most recent vulnerabilities