Skip to content

Switch advisory remoteURL to advisories.juliet.sh#9

Merged
TooFastTooCurious merged 1 commit intomainfrom
switch-advisory-url
Apr 24, 2026
Merged

Switch advisory remoteURL to advisories.juliet.sh#9
TooFastTooCurious merged 1 commit intomainfrom
switch-advisory-url

Conversation

@TooFastTooCurious
Copy link
Copy Markdown
Contributor

@TooFastTooCurious TooFastTooCurious commented Apr 24, 2026

Summary

Updates `remoteURL` in `pkg/advisory/advisory.go` from `raw.githubusercontent.com` to the custom-domain endpoint at `advisories.juliet.sh`.

Why

The advisory DB is now published via GitHub Pages at a custom subdomain (`advisories.juliet.sh`, served from the abom-advisories repo). Switching the fetch URL gets us:

  • CDN caching. `raw.githubusercontent.com` has relatively tight rate limits that abom can hit in CI with many concurrent runs. The Pages endpoint sits behind Fastly and serves with a 10-minute cache header.
  • Stable URL independent of hosting. If we ever move off GH Pages, the fetch URL doesn't change.

Verification

  • Pages endpoint is live with a Let's Encrypt cert: `curl -I https://advisories.juliet.sh/db/advisories.json\` → 200
  • `go test ./pkg/advisory/...` passes
  • The JSON served from Pages is byte-identical to the current raw.githubusercontent source (both are built from the same OSV YAML files via the compile step in abom-advisories)

@TooFastTooCurious
Switch advisory remoteURL to advisories.juliet.sh
1855659 
The advisory DB is now published to GitHub Pages with a custom domain
(advisories.juliet.sh) served from the abom-advisories repo. Switching
remoteURL to that endpoint gets us:

- A CDN-cached endpoint (raw.githubusercontent.com has tighter rate
  limits that abom can hit under heavy CI use)
- A stable URL independent of hosting location, so we can move off
  GitHub Pages later without breaking abom installs

The Pages-served JSON is byte-identical to the existing db/advisories.json
on main; compile output matches the static file.
@TooFastTooCurious TooFastTooCurious merged commit 949aae1 into main Apr 24, 2026
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@TooFastTooCurious