Bug#820615: ITP: go-cve-dictionary -- builds a local copy of the NVD/JVN (vulnerability databases)
Am 10. April 2016 17:00:20 MESZ, schrieb Daniel Stender <stender@debian.org>:
>Package: wnpp
>Severity: wishlist
>Owner: Daniel Stender <stender@debian.org>
>Control: block by 820614 -1
>
>* Package name : go-cve-dictionary
> Version : 0.0+git20160410.6d3c17f
> Upstream Author : Kota Kanbe <kotakanbe@gmail.com>
>* URL : https://github.com/kotakanbe/go-cve-dictionary
>* License : Apache-2.0
> Programming Lang: Go
>Description : builds a local copy of the NVD/JVN (vulnerabilitiy
>databases)
>
>This is tool to build a local copy of the NVD (National Vulnerabilities
>Database) [1]
>and the Japanese JVN, which contain security vulnerabilities according
>to their
>CVE identifiers [2] including exhaustive information and a risk score.
>The local
>copy is generated in sqlite format, and the tool has a server mode for
>easy querying.
>This is needed by vuls.
>
>I'm going to maintain this in the Pkg-go group, the name of the binary
>is going
>to be "go-cve-dictionary".
Why is the programming language of the tool relevant to be part of the binary package name? Shall we call all other tools c-foo, now?
The name-spacing really only makes sense if it is a library-kind package for go and not accessible on the command line.
HS
Reply to: