Adds discovery of Google's "templated" .textproto plugins, which the Java-only
discovery previously skipped entirely.
discover_pluginsnow finds both Java*Detector.javadetector directories and templated single-file.textprotoplugins undertemplated/templateddetector/plugins/.- CVEs are extracted from templated plugin filenames and structured
value:fields (both dashed and underscore forms). - Sightings for templated plugins link to the
/blob/master/file URL; Java plugins keep the/tree/master/directory URL. - Incremental mode no longer uses
--diff-filter=A, so relocated/renamed plugins are no longer missed. - End-to-end dry-run against upstream Tsunami plugins: 104 sightings emitted (84 Java + 20 templated).
Initial release. Extracts CVE references from Google's Tsunami Security Scanner plugin repository and publishes sightings to Vulnerability-Lookup.
- End-to-end dry-run against upstream Tsunami plugins: 85 sightings emitted across 84 plugins.