Problem
The existing DB APIs for vulnerability updates require updater-defined batches of vulnerabilities, forcing clients to allocate a large number of vulnerabilities in memory. This update operation may require more than 3GiB for some updaters (e.g., RH OVAL unpatched). But, except for delta updates, the pre-allocation of vuln in memory is unnecessary as the update steps don't require processing the data other than iterating over it to write to the DB transaction. For such APIs, accepting a mechanism to stream the data would significantly reduce the required memory to perform updates and open the door to make the memory load constant.

Outcome
Support a mechanism to stream vulnerability data in the DB APIs, that is backward compatible with non-streaming clients. Preferably the API should support rangefunc semantics.