Legacy Migration

Migrating from legacy OSS Index

A number of changes have occurred behind the scenes at OSS Index. These changes provide a larger, richer, and expanding collection of vulnerabilities along with new integrations and plans for increased ecosystem coverage and capabilities. With these updates come some changes that may impact you if you are using the OSS Index API or open source tools.

API V3.0

If you have written a tool which uses the v2.0 (or earlier) API, then you will need to migrate this code to the v3.0 API. The legacy API will stay running in the meanwhile, but it the database is no longer being maintained and the API will eventually be decommissioned. The new database has all the same vulnerabilities (and more!) that you can access using the legacy API.

API Version 2.0 End of Life

The 3.0 API has been out for a year, and recently the 2.0 API has been showing some instability. As the old API does not have access to the full data set and all of our client tools have been running against 3.0 for almost a year, we have decided that the time has come to disable access.

Legacy Integrations

All known active OSS Index integrations have been migrated to the v3.0 API. If you know of any integration which has not been migrated, please let us know.