{"id":20358983,"url":"https://github.com/cveproject/cve-services","last_synced_at":"2025-04-12T15:43:12.313Z","repository":{"id":38076797,"uuid":"178047053","full_name":"CVEProject/cve-services","owner":"CVEProject","description":"This repo contains the source for the CVE Services API.","archived":false,"fork":false,"pushed_at":"2025-04-02T17:37:24.000Z","size":23206,"stargazers_count":170,"open_issues_count":141,"forks_count":76,"subscribers_count":26,"default_branch":"dev","last_synced_at":"2025-04-03T17:11:14.431Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"cc0-1.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/CVEProject.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-03-27T17:51:11.000Z","updated_at":"2025-04-01T17:04:27.000Z","dependencies_parsed_at":"2023-09-25T17:46:45.711Z","dependency_job_id":"c450f53d-70fc-41a6-977f-dc32fb99a716","html_url":"https://github.com/CVEProject/cve-services","commit_stats":null,"previous_names":[],"tags_count":36,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CVEProject%2Fcve-services","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CVEProject%2Fcve-services/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CVEProject%2Fcve-services/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CVEProject%2Fcve-services/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/CVEProject","download_url":"https://codeload.github.com/CVEProject/cve-services/tar.gz/refs/heads/dev","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248590938,"owners_count":21129916,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-14T23:29:52.667Z","updated_at":"2025-04-12T15:43:12.291Z","avatar_url":"https://github.com/CVEProject.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# CVE-API\n\n![CodeQL](https://github.com/CVEProject/cve-services/workflows/CodeQL/badge.svg)\n\n## Table of contents\n\n* [Project](#project)\n* [Contributing](#contributing)\n   * [Security](#security)\n      * [Reporting a Vulnerability](#reporting-a-vulnerability)\n* [Development](#development)\n   * [Technologies](#technologies)\n   * [Style Guidelines](#style-guidelines)\n   * [Directory Layout](#directory-layout)\n   * [Setup](#setup)\n   * [API Documentation](#api-documentation)\n   * [Unit Testing](#unit-testing)\n\n## The CVE Services Project\n\nThis repository contains services that support the [CVE Program's mission](https://www.cve.org/About/Overview) to \"identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.\"\n\nThere are many ways one can assist:\n\n### OSS Contributor\n\nDevelopers can contribute code directly. Getting started can be as fast as choosing an issue on our [board](https://github.com/CVEProject/cve-services/issues?q=is%3Aissue+is%3Aopen).\n\nPlease read our [contributor's guide](https://github.com/CVEProject/cve-services/blob/dev/CONTRIBUTING.md) for more details. We welcome all contributions!\n\n### Working Groups\n\nThe CVE project operates as multiple focused working groups. Visit the CVE Website [working groups page](https://www.cve.org/ProgramOrganization/WorkingGroups) for more information.\n\n### Security\n\n#### Reporting a Vulnerability\n\n\u003e**Warning**\n\u003eDo not put vulnerability information in a GitHub issue.\n\nPlease consult our [SECURITY.md](https://github.com/CVEProject/cve-services/blob/dev/SECURITY.md) for specific instructions on reporting a vulnerability that exists in the CVE Services.\n\n## Development\n\n### Technologies\n\nThis project uses or depends on software from\n\n- [NodeJS](https://nodejs.org/)\n- [Express](https://github.com/expressjs)\n- [MongoDB for locally run instances](https://www.mongodb.com/)\n- [Mongoose.js](https://mongoosejs.com)\n\n### Style Guidelines\n\nThis project follows the [JavaScript Standard Style](https://github.com/standard/standard).\n\n### Setup\n\n#### Docker\n\nSee the Docker README found in the repo here: https://github.com/CVEProject/cve-services/blob/dev/docker/README.md\n\n#### Local Development\n\n\u003e**Warning**\n\u003e\n\u003eDO NOT use the dev configuration on a public network. The dev environment includes credentials to enable rapid development and is not secure for public deployment.\n\n1. Install required node modules\n\nThis assumes `node` 16.14.2 and the latest `npm` are installed.\n\n```sh\ncd cve-services\nnpm install\n```\n\n2. Setup and start MongoDB locally\n\nInstall MongoDB locally\n\n- https://docs.mongodb.com/manual/administration/install-community/\n\nDownload MongoDB Compass (MongoDB GUI)\n\n- https://www.mongodb.com/download-center/compass\n\nCreate a `cve_dev` database in Compass. The collections will be automatically created when the API starts storing documents.\n\nYou can populate the database with test data using:\n\n```sh\nnpm run populate:dev\n```\n\n3. Start the node application\n\nIn order to start a dev environment:\n\n```sh\nnpm run start:dev\n```\n\n\n### API Documentation\n\nAPI documentation is generated using [swagger-autogen](https://github.com/davibaltar/swagger-autogen) which ensures that we keep the API specification up to date with any major changes to API routes. Extra information for each API route is defined as a comment in the `index.js` files under the respective controller and all request and response schemas are stored under the `schemas` folder served up by `schemas.controller`.\n\nTo ensure you are using the correct API specification the following endpoints can be used:\n- [Test Instance](https://cveawg-test.mitre.org/api-docs/)\n- [Production](https://cveawg.mitre.org/api-docs/)\n\nNote: The specification file stored in GitHub will only be correct for that branch; there could be differences between branches and production.\n\nIf you are developer and want to test changes to the API specification you can generate a specification in one of two ways:\n\n1. Preferred\n\nWhen you start your local development server using `npm run start:dev` the specification file will be generated. Subsequent changes require reloading the server.\n\n2. Manual\n\nYou can use `npm run swagger-autogen` to generate a new specification file.\n\n\n### Unit Testing\n\nThis project uses the following for unit testing\n\n- https://mochajs.org/\n- https://www.chaijs.com/\n\nIn order to run the unit tests:\n\n```sh\nnpm run start:test\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcveproject%2Fcve-services","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcveproject%2Fcve-services","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcveproject%2Fcve-services/lists"}