Adds environment variable to exclude osv malware feeds (#192)

Signed-off-by: Prabhu Subramanian <[email protected]>
AppThreat · Oct 20, 2024 · 226e325 · 226e325
1 parent 2eba1de
commit 226e325
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 1 deletion.
diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [project]
 name = "appthreat-vulnerability-db"
-version = "5.7.5"
+version = "5.7.6"
 description = "AppThreat's vulnerability database and package search library with a built-in file based storage. OSV, CVE, GitHub, npm are the primary sources of vulnerabilities."
 authors = [
     {name = "Team AppThreat", email = "[email protected]"},

diff --git a/vdb/lib/osv.py b/vdb/lib/osv.py
@@ -3,6 +3,7 @@
 
 This module fetches the vulnerability data from osv.dev and stores them in NVD CVE 1.1 json format.
 """
+import os
 from zipfile import ZipFile
 
 import httpx
@@ -121,6 +122,9 @@ def to_vuln(self, cve_data):
         references = json_lib.dumps(references)
         if isinstance(references, bytes):
             references = references.decode("utf-8", "ignore")
+        # Offer an option to ignore malware data to keep the db size small
+        if os.getenv("OSV_EXCLUDE_MALWARE") and cve_id.startswith("MAL"):
+            return ret_data
         # Quality of PYSEC data is quite low missing both severity and score
         # Where a PYSEC feed also reference a github id, let's ignore it since G comes before P
         #   so it would have gotten processed