Google Cloud Platform account required, API key comes with Ts&Cs
Tim Anderson Thu 11 Feb 2021 // 09:30 UTC Share
Copy
Hands On Google has big ambitions for its new Open Source Vulnerabilities database, but getting started requires a Google Cloud Platform account and there are other obstacles that may add friction to adoption.
The Chocolate Factory is not happy with the state of open-source software security, which is a big deal not least because its own business and cloud platform depends on open-source code. The company wants to see more discipline and checks in critical open-source software, and revealed that it maintains its own private repositories for many projects to guard against compromised code or newly committed vulnerabilities.