Allow custom NVD API endpoint #111

meiswjn · 2023-12-08T10:42:18Z

Is your feature request related to a problem? Please describe.
It can be useful to proxy the calls to NVD through something like Artifactory. This is different from the "datafeed" type, as it simply proxies the API. It would also allow injecting the API Key in Artifactory directly for everyone.

Describe the solution you'd like
I propose a new parameter "nvdEndpointUrl" that allows overriding the defautl endpoint. The client already supports this, so it should be fairly simple.

Open-Vulnerability-Project/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/NvdCveClientBuilder.java

Lines 115 to 118 in c2fb945

    
           public NvdCveClientBuilder withEndpoint(String endpoint) { 
        
               this.endpoint = endpoint; 
        
               return this; 
        
           }

Describe alternatives you've considered
Using the datafeed requires running another app regularly.

meiswjn · 2023-12-08T13:41:29Z

Hey @jeremylong,
I think this repo already allows a custom API endpoint, but not the dependency check wrapper, or am I wrong?

Thanks!

meiswjn · 2023-12-15T08:03:36Z

Resolved by jeremylong/DependencyCheck#6287

meiswjn added the enhancement New feature or request label Dec 8, 2023

jeremylong transferred this issue from jeremylong/DependencyCheck Dec 8, 2023

meiswjn closed this as completed Dec 15, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Allow custom NVD API endpoint #111

Allow custom NVD API endpoint #111

meiswjn commented Dec 8, 2023

meiswjn commented Dec 8, 2023

meiswjn commented Dec 15, 2023 •

edited

Allow custom NVD API endpoint #111

Allow custom NVD API endpoint #111

Comments

meiswjn commented Dec 8, 2023

meiswjn commented Dec 8, 2023

meiswjn commented Dec 15, 2023 • edited

meiswjn commented Dec 15, 2023 •

edited