[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#820615: ITP: go-cve-dictionary -- builds a local copy of the NVD/JVN (vulnerability databases)


Am 10. April 2016 17:00:20 MESZ, schrieb Daniel Stender <stender@debian.org>:
>Package: wnpp
>Severity: wishlist
>Owner: Daniel Stender <stender@debian.org>
>Control: block by 820614 -1
>
>* Package name    : go-cve-dictionary
>  Version         : 0.0+git20160410.6d3c17f
>  Upstream Author : Kota Kanbe <kotakanbe@gmail.com>
>* URL             : https://github.com/kotakanbe/go-cve-dictionary
>* License         : Apache-2.0
>  Programming Lang: Go
>Description     : builds a local copy of the NVD/JVN (vulnerabilitiy
>databases)
>
>This is tool to build a local copy of the NVD (National Vulnerabilities
>Database) [1]
>and the Japanese JVN, which contain security vulnerabilities according
>to their
>CVE identifiers [2] including exhaustive information and a risk score.
>The local
>copy is generated in sqlite format, and the tool has a server mode for
>easy querying.
>This is needed by vuls.
>
>I'm going to maintain this in the Pkg-go group, the name of the binary
>is going
>to be "go-cve-dictionary".

Why is the programming language of the tool relevant to be part of the binary package name? Shall we call all other tools c-foo, now?

The name-spacing really only makes sense if it is a library-kind package for go and not accessible on the command line.

HS
Reply to: