OSV consists of two elements: there’s the OSV Schema, a data format that maps precisely to open source versioning schemes. It also features a reference infrastructure that aggregates and indexes vulnerability data from databases that use the OSV schema.
This Playground explores the OSV-Scanner, a scan tool officially supported by the OSV database. OSV-Scanner connects a project’s list of dependencies with the vulnerabilities that affect them.
Through a detailed hands-on experience, you’ll learn how OSV-Scanner works, how to use it, and implement it in a real-world environment.