⚠️ You are using a production deployment that is still only suitable for demo purposes.
Any work done in this might be wiped later without notice.
The Nixpkgs Security Tracker is a web service for managing information on vulnerabilities in software distributed through Nixpkgs and NixOS.
It operates on the following distinctions:
-
Untriaged suggestions are automatically generated matches between a CVE and Nixpkgs derivations.
-
Dismissed suggestions are CVEs that already were classified by a human as not affecting Nixpkgs.
-
Draft issues are matches between a CVE and Nixpkgs attributes that were selected as security relevant.
They are slated to be published as a GitHub issue, but might need further refinement.
-
Published issues have a persistent identifier and link to GitHub issues, which are used for notifications and coordinating mitigation.