Uploaded image for project: 'Clair'
  1. Clair
  2. CLAIRDEV-215

claircore: python: can index information be discovered?

XMLWordPrintable

    • Icon: Outcome Outcome
    • Resolution: Done
    • Icon: Normal Normal
    • None
    • None
    • indexer
    • None
    • False
    • Hide

      None

      Show
      None

      Inspired by another discussion, it seems like we may not have a way to discover the index (repository) a python package is installed from.

      We currently assume everything is installed from pypi.org, which is not correct but good enough if we're only considering public/OSV data. If Red Hat starts producing VEX data for python packages, we'll need to be able to identify which packages come from a Red Hat index.

              Unassigned Unassigned
              hdonnay Henry Donnay
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: