Metadata-Version: 2.4
Name: swh.vulns
Version: 0.2.1
Summary: Labeling of objects of the Software Heritage archives with known vulnerabilities affecting them.
Author-email: Software Heritage developers <swh-devel@inria.fr>
Project-URL: Homepage, https://gitlab.softwareheritage.org/swh/devel/swh-vulns
Project-URL: Bug Reports, https://gitlab.softwareheritage.org/swh/devel/swh-vulns/-/issues
Project-URL: Funding, https://www.softwareheritage.org/donate
Project-URL: Documentation, https://docs.softwareheritage.org/devel/swh-vulns/
Project-URL: Source, https://gitlab.softwareheritage.org/swh/devel/swh-vulns.git
Classifier: Programming Language :: Python :: 3
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: GNU General Public License v3 (GPLv3)
Classifier: Operating System :: OS Independent
Classifier: Development Status :: 3 - Alpha
Requires-Python: >=3.11
Description-Content-Type: text/x-rst
License-File: LICENSE
License-File: AUTHORS
Requires-Dist: swh.core[http]
Requires-Dist: swh.osv
Provides-Extra: testing
Requires-Dist: swh.core[http]; extra == "testing"
Requires-Dist: swh.osv; extra == "testing"
Requires-Dist: pytest>=8.1; extra == "testing"
Requires-Dist: swh.core[testing]; extra == "testing"
Requires-Dist: swh.graph[testing]; extra == "testing"
Requires-Dist: grpcio; extra == "testing"
Requires-Dist: types-protobuf; extra == "testing"
Requires-Dist: types-grpcio; extra == "testing"
Provides-Extra: luigi
Requires-Dist: swh.graph[luigi]; extra == "luigi"
Dynamic: license-file

Software Heritage - Software Heritage graph labeling with vulnerabilities
=========================================================================

Labeling of objects of the Software Heritage archive with known vulnerabilities affecting them.

Deployment
----------

Install dependencies:

1. ``cargo install --locked swh-graph swh-vulns-grpc-server``
2. ``pip3 install swh.graph``

Get data files:

1. Get swh-graph: ``swh graph download --name 2026-03-02`` (~15TB)
2. From ``s3://softwareheritage/derived_datasets/2026-03-02/vulnerabilities/``, download :`all.sqlite`, :`commit2vuln_without_cherrypicks.*`, and :`connected_components.wccs`, about 10GB. (Ignore other files in the directory, they weigh about 1.5TB.)

Run this:

.. code-block:: bash

    swh-vulns-grpc-serve \
        --db ./2026-03-02/all.sqlite \
        --commit2vuln ./2026-03-02/commit2vuln_without_cherrypicks \
        --subgraphwccs ./2026-03-02/connected_components.wccs \
        --graph ./2026-03-02/graph \
        --bind 127.0.0.1:<port>

note that ``--commit2vuln`` and ``--graph`` should omit the file extension
