osv_download: Download vulnerabilities from the OSV database

Description

Use vulnerability IDs and/or an ecosystem name to download vulnerability files from OSV GCS buckets.

Usage

osv_download(
  vuln_ids = NULL,
  ecosystem,
  parse = TRUE,
  cache = TRUE,
  download_only = FALSE
)
.osv_download(vuln_ids = NULL, ecosystem, parse = TRUE, download_only = FALSE)
.osv_download_cache(
  vuln_ids = NULL,
  ecosystem,
  parse = TRUE,
  download_only = FALSE
)

Value

An R6 object containing API query contents.

Arguments

vuln_ids: Vector of vulnerability IDs (optional).
ecosystem: Ecosystem package lives within (must be set).
parse: Boolean value to set if the content field should be parsed from JSON list format.
cache: Boolean value to determine if should use a cached version of the function and API results.
download_only: Boolean value to determine if only the JSON files should be downloaded to disk.

Functions

.osv_download(): Internal function to run osv_download without caching.
.osv_download_cache(): Internal function to run a memoise and cached version of osv_download.

Details

Although the end-result will be similar to the other API functions, this one specifically downloads .zip or .json files from the OSV GCS buckets. As a result, it has two main benefits. First, it can download the entire set of vulnerabilities listed for an ecosystem. Second, it has options to save the vulnerability files to disk. The files are saved to the R session's temp space, as defined by the environment variable ROSV_CACHE_GLOBAL.

Any ecosystems listed here can be downloaded. Only one ecosystem can be provided at a time.

Examples

Run this code

if (FALSE) { # interactive()
vulns <- osv_download("RSEC-2023-8", "CRAN")
get_content(vulns)

# Clean up
try(clear_osv_cache())
}

Run the code above in your browser using DataLab