Query OSV API for vulnerabilities given a vector of packages

Using a vector of input information, query the OSV API for any associated vulnerability ID.

Usage

osv_querybatch(
  name = NULL,
  version = NULL,
  ecosystem = NULL,
  commit = NULL,
  purl = NULL,
  parse = TRUE,
  cache = TRUE,
  ...
)

.osv_querybatch(
  name = NULL,
  version = NULL,
  ecosystem = NULL,
  commit = NULL,
  purl = NULL,
  parse = TRUE,
  cache = TRUE,
  ...
)

.osv_querybatch_cache(
  name = NULL,
  version = NULL,
  ecosystem = NULL,
  commit = NULL,
  purl = NULL,
  parse = TRUE,
  cache = TRUE,
  ...
)

Arguments

name: Name of package.
version: Version of package.
ecosystem: Ecosystem package lives within (must be set if using name).
commit: Commit hash to query against (do not use when version set).
purl: URL for package (do not use if name or ecosystem set).
parse: Boolean value to set if the content field should be parsed from JSON list format.
cache: Boolean value to determine if should use a cached version of the function and API results.
...: Additional parameters passed to nested functions.

Value

An R6 object containing API query contents.

Details

The query is constructed from the provided set of vectors. Default will be NULL and thereby empty/null in the JSON request. If some values in the vector are missing, use NA. For many queries, the conversion to a formatted JSON request can be parallelized via {future}.

The returned information are vulnerability IDs and modified fields only, as per API instruction.

Functions

.osv_querybatch(): Internal function to run osv_querybatch without caching.
.osv_querybatch_cache(): Internal function to run a memoise and cached version of osv_querybatch.

Examples

if (FALSE) { # interactive()
osv_querybatch(c("commonmark", "dask"), ecosystem = c('CRAN', 'PyPI'))
}