Skip to content

Commit

Permalink
Add clarifying comment for change in order of NIST mirroring
Browse files Browse the repository at this point in the history 
Signed-off-by: nscuro <[email protected]>
  • Loading branch information
@nscuro
nscuro committed Oct 11, 2023
1 parent c750607 commit 72aa9d0
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions src/main/java/org/dependencytrack/tasks/NistMirrorTask.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -138,6 +138,9 @@ private void getAllFiles() {
doDownload(json11BaseUrl, ResourceType.CVE_YEAR_DATA);
doDownload(cve11BaseMetaUrl, ResourceType.CVE_META);
}

// Modified feeds must be mirrored last, otherwise we risk more recent data being
// overwritten by old or stale data: https://github.com/DependencyTrack/dependency-track/pull/1929#issuecomment-1743579226
doDownload(this.nvdFeedsUrl + CVE_JSON_11_MODIFIED_URL, ResourceType.CVE_MODIFIED_DATA);
doDownload(this.nvdFeedsUrl + CVE_JSON_11_MODIFIED_META, ResourceType.CVE_META);

Expand Down

0 comments on commit 72aa9d0

Please sign in to comment.