Legacy Migration

Migrating from legacy OSS Index

A number of changes have occurred behind the scenes at OSS Index. These changes provide a larger, richer, and expanding collection of vulnerabilities along with new integrations and plans for increased ecosystem coverage and capabilities. With these updates come some changes that may impact you if you are using the OSS Index API or open source tools.

API V3.0

If you have written a tool which uses the v2.0 (or earlier) API, then you will need to migrate this code to the v3.0 API. The legacy API will stay running in the meanwhile, but it the database is no longer being maintained and the API will eventually be decommissioned. The new database has all the same vulnerabilities (and more!) that you can access using the legacy API.

Legacy Integrations

OSS Index has a number of integrations that are using the v2.0 API. These integrations will be updated over the coming weeks to use the v3.0 API and should all work in the same manner they do now. Integrations which use vulnerability IDs will need to be updated, as the new OSS Index database has new UUID based vulnerability IDs which are intended to be future-proof.