Decentralized vulnerability data peer-review
- Mentors
- Philippe Ombredanne, Keshav Priyadarshi, TG1999
- Organization
- AboutCode
- Technologies
- python, postgresql, django, git, jquery
- Topics
- web
Software packages vulnerabilities :
let's say we have a security team that wants to track new vulnerabilities in the open source software packages , the security team subscribe to the account of each package by package-url
then security teams review the new vulnerability information and validate the package vulnerable version range of x database by posting reviews and comments . Every project could get its own ActivityPub account .The security teams could get their own using any ActivityPub server .