Source code for swh.osv.identifiers
# Copyright (C) 2025-2026 The Software Heritage developers
# See the AUTHORS file at the top-level directory of this distribution
# License: GNU Affero General Public License version 3, or any later version
# See top-level LICENSE file for more information
from collections import Counter
import datetime
import sqlite3
import tqdm
CURRENT_YEAR = datetime.datetime.now().year
[docs]
def main(conn: sqlite3.Connection) -> None:
cur = conn.cursor()
cur.execute("SELECT COUNT(*) FROM vulnerability_ids")
((row_count,),) = cur
cve_in_nvd = set()
cve_in_nonnvd = set()
id_types: Counter[str] = Counter()
cur.execute("SELECT id, vulnerability_filename FROM vulnerability_ids")
for id_, filename in tqdm.tqdm(cur, total=row_count, desc="Reading"):
id_type = id_.split("-")[0]
if not id_type.isdigit():
id_types[id_type] += 1
if id_.startswith("CVE-"):
if filename.startswith("CVE-"):
cve_in_nvd.add(id_)
else:
cve_in_nonnvd.add(id_)
print("* CVEs in NVD only:", len(cve_in_nvd - cve_in_nonnvd))
print("* CVEs not in NVD:", len(cve_in_nonnvd - cve_in_nvd))
print("* CVEs in both:", len(cve_in_nonnvd & cve_in_nvd))
print()
print("| Identifier database | Count |")
print("| ------------------- | ----- |")
for id_type, count in id_types.most_common():
print(f"| {id_type} | {count} |")
if __name__ == "__main__":
with sqlite3.connect("all.sqlite") as conn:
main(conn)