From 69c1d3817f8759ff3e294d629383f5dc6fcc2dc0 Mon Sep 17 00:00:00 2001
From: Oliver Chang <oliverchang@users.noreply.github.com>
Date: Thu, 5 Jan 2023 08:08:36 +1100
Subject: [PATCH] Add details on Debian and Alpine sources to README.md (#929)

---
 README.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/README.md b/README.md
index 9f2a6e27607..baf791099b5 100644
--- a/README.md
+++ b/README.md
@@ -45,6 +45,13 @@ The following ecosystems have vulnerabilities encoded in this format:
     ([CC0 1.0](https://github.com/cloudsecurityalliance/gsd-database/blob/main/LICENSE))
 -   [OSS-Fuzz](https://github.com/google/oss-fuzz-vulns)
     ([CC-BY 4.0](https://github.com/google/oss-fuzz-vulns/blob/main/LICENSE))
+    
+Additionally, the OSV.dev team maintains a conversion pipeline for:
+
+- [Debian Security Advisories](https://storage.googleapis.com/debian-osv/index.html),
+  using the conversion tools [here](https://github.com/ossf/osv-schema/tree/main/tools/debian).
+- [Alpine SecDB](https://storage.googleapis.com/cve-osv-conversion/index.html?prefix=osv-output/),
+  using the conversion tools [here](https://github.com/google/osv.dev/tree/master/vulnfeeds/cmd/alpine).
 
 Together, these include vulnerabilities from: