vulnera_advisor/sources/
mod.rs

1//! Vulnerability data sources.
2//!
3//! This module contains implementations for fetching advisories from various
4//! vulnerability databases. Each source implements the [`AdvisorySource`] trait.
5//!
6//! # Available Sources
7//!
8//! - [`ghsa::GHSASource`] - GitHub Security Advisories (requires GitHub token)
9//! - [`nvd::NVDSource`] - NIST National Vulnerability Database
10//! - [`osv::OSVSource`] - Open Source Vulnerabilities (Google)
11//! - [`kev::KevSource`] - CISA Known Exploited Vulnerabilities
12//! - [`epss::EpssSource`] - FIRST Exploit Prediction Scoring System
13//! - [`ossindex::OssIndexSource`] - Sonatype OSS Index
14
15pub mod epss;
16pub mod ghsa;
17pub mod kev;
18pub mod nvd;
19pub mod ossindex;
20pub mod osv;
21
22use crate::error::Result;
23use crate::models::Advisory;
24use async_trait::async_trait;
25use chrono::{DateTime, Utc};
26
27/// Trait for vulnerability advisory data sources.
28///
29/// Implement this trait to add support for a new vulnerability database.
30///
31/// # Example
32///
33/// ```ignore
34/// use vulnera_advisors::sources::AdvisorySource;
35/// use vulnera_advisors::models::Advisory;
36/// use async_trait::async_trait;
37///
38/// struct MySource;
39///
40/// #[async_trait]
41/// impl AdvisorySource for MySource {
42///     async fn fetch(&self, since: Option<DateTime<Utc>>) -> Result<Vec<Advisory>> {
43///         // Fetch advisories from your source
44///         Ok(vec![])
45///     }
46///
47///     fn name(&self) -> &str {
48///         "MySource"
49///     }
50/// }
51/// ```
52#[async_trait]
53pub trait AdvisorySource: Send + Sync {
54    /// Fetch advisories, optionally since a given timestamp.
55    ///
56    /// If `since` is provided, implementations should attempt to return only
57    /// advisories modified after that timestamp (incremental sync).
58    /// If `since` is `None`, implementations should return all advisories (full sync).
59    async fn fetch(&self, since: Option<DateTime<Utc>>) -> Result<Vec<Advisory>>;
60
61    /// Get the name of this source (used for logging and metadata).
62    fn name(&self) -> &str;
63}