Skip to main content

osv_db/types/
reference.rs

1use serde::Deserialize;
2
3/// An external reference for the vulnerability.
4#[derive(Debug, Clone, Deserialize)]
5pub struct Reference {
6    /// Classification of this reference.
7    #[serde(rename = "type")]
8    pub reference_type: ReferenceType,
9    /// URI of the reference.
10    pub url: String,
11}
12
13/// Classification of an external [`Reference`].
14#[derive(Debug, Clone, PartialEq, Eq, Deserialize)]
15pub enum ReferenceType {
16    /// A published security advisory.
17    ADVISORY,
18    /// An article or blog post.
19    ARTICLE,
20    /// A tool or method for detecting the vulnerability.
21    DETECTION,
22    /// A discussion thread (e.g. GitHub issue, mailing list).
23    DISCUSSION,
24    /// The original vulnerability report.
25    REPORT,
26    /// A patch or commit that fixes the vulnerability.
27    FIX,
28    /// A patch or commit that introduced the vulnerability.
29    INTRODUCED,
30    /// A git commit or tag (generic).
31    GIT,
32    /// The package in a registry.
33    PACKAGE,
34    /// Evidence supporting the existence of the vulnerability.
35    EVIDENCE,
36    /// Any other web resource.
37    WEB,
38}