You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
3. Download the CPE dictionary & populate the database with `python3 ./bin/import.py` (the NVD JSON importer now uses parallel workers by default; tune with `--workers` and `--batch-size` if needed).
27
-
4. Optionally enrich the vendor/product ranking with CVE v5 data using `python3 ./bin/import_cvelistv5.py`. This downloads `./data/cvelistv5.ndjson` only when missing unless you pass `--download`.
27
+
4. Optionally enrich the vendor/product ranking with CVE v5 data using `python3 ./bin/import_cvelistv5.py`. This downloads `./data/cvelistv5.ndjson` only when missing unless you pass `--download`. Use `--index-words` if you also want to populate `w:<word>` and `s:<word>` from CVE v5 data, and review `set:missing_words_from_cvelistv5` for words that were not already indexed in Valkey.
28
28
5. Take a cup of black or green tea ().
29
29
6.`python3 ./bin/server.py` to run the local HTTP server.
30
30
@@ -204,14 +204,15 @@ cpe (vendor:product) per version to give a probability of the CPE appearance.
204
204
205
205
You can also build the ranking directly from the CVE v5 NDJSON dump. The importer scans the full record recursively so it can pick up
206
206
CPE values from both affected-product metadata and vulnerable configuration blocks, then increments the `rank:cpe` and
207
-
`rank:vendor_product` sorted sets using the normalized `cpe:2.3:<part>:<vendor>:<product>` tuple.
207
+
`rank:vendor_product` sorted sets using the normalized `cpe:2.3:<part>:<vendor>:<product>` tuple. It also records any vendor/product words whose `w:<word>` set does not already exist into `set:missing_words_from_cvelistv5`, and `--index-words` lets the CVE v5 importer populate `w:<word>` and `s:<word>` just like the NVD importer.
208
208
209
209
### Valkey structure
210
210
211
211
-`w:<word>` set
212
212
-`s:<word>` sorted set with a score depending of the number of appearance
213
213
-`rank:cpe` sorted set of common `vendor:product` tuples
214
214
-`rank:vendor_product` alias sorted set of the same tuple ranking, populated by both importers
215
+
-`set:missing_words_from_cvelistv5` set of vendor/product words seen in CVE v5 CPEs that were not already present as `w:<word>` keys before the record was processed
0 commit comments