Tags · google/osv.dev

v2026.01.13

feat: split off oss-fuzz importer and worker onto their own (#4512)

silo-ing off the oss-fuzz processing so that the special logic it does
can continue working while we make bigger changes to the importer and
worker.
I've given them their own cluster to run in, so we can monitor them
separately (and to make an eventual moving off of the oss-vdb google
cloud project easier).

This is only being deployed to production, since the clusterfuzz pub/sub
only publishes there. We need to be very careful not to impact other
things when we're doing this.

Jan 13, 2026
11dcf75
zip
tar.gz

v2026.01.06

docs: Update REST API docs to clarify HEAD request (#4565)

Jan 5, 2026
11ebfd7
zip
tar.gz

v2025.12.10

fix: remove `index-url` from poetry requirements.txt (#4481)

We don't want this to talk to artifact registry
(I'm not 100% sure if this will work as-is)

Dec 9, 2025
79c6377
zip
tar.gz

v2025.12.04

test: update apitester snapshots (#4457)

The snapshots have changed, probably due to OSV advisories being
changed.
Please review the differences to make sure that they're expected!

Dec 3, 2025
ff13718
zip
tar.gz

v2025.11.25

fix: add vscode ecosystem and kubernetes (#4393)

Nov 25, 2025
67b4d8b
zip
tar.gz

v2025.11.19

test: update vulnerability IDs in integration test (#4357)

Nov 18, 2025
ca40ed0
zip
tar.gz

v2025.11.11

chore: use `storage.googlepis.com/[bucket]` URLs everywhere (#4321)

instead of `[bucket].storage.googleapis.com`, per
https://docs.cloud.google.com/storage/docs/access-public-data#api-link

Nov 11, 2025
1b9cb07
zip
tar.gz

v2025.11.04

fix: limit number of search indices added to Bugs (#4285)

[openSUSE-SU-2024:12948-1](https://osv.dev/vulnerability/openSUSE-SU-2024:12948-1)
has so many upstream vulns that it made >6500 search_indices, which
(combined with the other fields) was too many indexed properties for
datastore to handle.
Put a limit on the number of search indices populated from
alias/upstreams to avoid this problem.

Nov 4, 2025
30bc341
zip
tar.gz

v2025.10.28

Add EEF CNA to Test Sources (#4192)

See #4191

Oct 27, 2025
5fc0b2f
zip
tar.gz

v2025.10.21

docs(blog): fix broken external link (#4133)

This replaces the yuzu link in [Introducing broad C/C++ vulnerability
management
support](https://osv.dev/blog/posts/introducing-broad-c-c++-support/)
with an archived version, since the original repository is no longer
available. The example steps have also been updated to reflect the
current flow verified locally.

This should fix a `404` reported by the markdown-link-check action.  
There's still `429`/`403` issues but those can be fixed in a separate
PR.

---------

Co-authored-by: Rex P <[email protected]>
Co-authored-by: Xueqin Cui <[email protected]>

Oct 20, 2025
1d9b902
zip
tar.gz

PreviousNext

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

v2026.01.13

v2026.01.06

v2025.12.10

v2025.12.04

v2025.11.25

v2025.11.19

v2025.11.11

v2025.11.04

v2025.10.28

v2025.10.21

Tags: google/osv.dev