-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi,
I was poking around at the scripts at https://salsa.debian.org/security-tracker-team/security-tracker and I noticed you're consuming the NVD's legacy JSON feeds. I wanted to make sure you're aware of deprecation and upcoming removal per https://nvd.nist.gov/General/News/change-timeline My day job involves working on OSV[1], and I'm planning on getting in touch soon to discuss if the OSV schema[2] would be useful to publish natively along with your existing DSAs. I'm first taking the time to school myself on how things currently operate before popping out of the blue with a proposal. I only recently learned of the deprecation myself, and it's required some course correction in how we're ingesting data from the NVD. regards Andrew [1]https://osv.dev [2]https://ossf.github.io/osv-schema/ -----BEGIN PGP SIGNATURE----- Version: FlowCrypt Email Encryption 8.3.8 Comment: Seamlessly send and receive encrypted email wsFzBAEBCgAGBQJjRmVRACEJEFHf2Ts++3nvFiEEW3Akls+mpQcjnC15Ud/Z Oz77ee9wEw//fYsIKp4bGCVfS5PuT1Q1jFl81SB/wKdCKZSbgyqnabsQwa3K DVvBpcRexWIKRKY3UpFyUxJ1d5Eyvj3dlEr0EPTEziaB5pqmbRB+f2dOXXAt rKZLOjFKyfYKPCBLslURIgday6O7dF4VFXOthPDWfB2hXwYg3bAMgyl6Knmp PI7fB8Y0wa9LMbTosoMUB4k5VOWTjbO8g2WSxqNcdEbA4ACCln0A4xnJFkHM YytzJy2FkFYb69h4uM83NykwxtuYQUcLFamYY2UuNW93B1mqF8P7xQrbw0ke QhfjcKzWeHiXrhEVdGLAr03aRYpoHK7IQr6BAPUTL10JRjfVuYiniM4Y30Kx Zb1MvuiUSbJvok6BtnN9R5KN1dgBG76j+XgxlAwn4oLyjTDs8TShdWhU0oDN 51YjPDfat+MjKLcJKU7WGGQk0Mj9/GbqkRiWUMuTzh8Q1IrRLXsthKpQ/Bst x7griqdzjNGPvPdpVRlvh6ashA9tSgSnoVw2B+an71QEjpds2L+AG+N7IlVs MgzWhm/qsd/3QHwAiKqpIhBlonrYlaG9ZNrqFZIJV2nkKUdzmdsl2JWCrkjw X+2U6+emyxtEfd/UrjpQfAItF+0vID4QWUu2LSqZwMCTUyuQ5EPp5LBPW2lA TpipCgkdCsw+jM+QB8+zcAL95tpOdH7zNgc= =qfRx -----END PGP SIGNATURE-----
