Migrating from legacy OSS Index
A number of changes have occurred behind the scenes at OSS Index. These changes provide a larger, richer, and
expanding collection of vulnerabilities along with new integrations and plans for increased ecosystem coverage
and capabilities. With these updates come some changes that may impact you if you are using the OSS Index API
or open source tools.
If you have written a tool which uses the v2.0 (or earlier) API, then you will need to migrate this code to the
v3.0 API. The legacy API will stay running in the meanwhile, but it the database is no longer being maintained
and the API will eventually be decommissioned. The new database has all the same vulnerabilities (and more!) that
you can access using the legacy API.
API Version 2.0 End of Life
The 3.0 API has been out for a year, and recently the 2.0 API has been showing some instability. As the old API
does not have access to the full data set and all of our client tools have been running against 3.0 for almost a
year, we have decided that the time has come to disable access.
All known active OSS Index integrations have been migrated to the v3.0 API. If you know of any integration which
has not been migrated, please let us know.