From d76d40903ca9115bde9eb4282554105757c9bb9c Mon Sep 17 00:00:00 2001
From: "google-labs-jules[bot]"
 <161369871+google-labs-jules[bot]@users.noreply.github.com>
Date: Mon, 30 Mar 2026 01:10:02 +0000
Subject: [PATCH 1/2] fix: prevent 0001-01-01 published dates in Debian
 converter

Modify `vulnfeeds/cmd/converters/debian/main.go` to only set the `Published` field if the associated NVD CVE published time is not zero. This avoids generating `0001-01-01T00:00:00Z` dates which hide records from the /list page and trigger schema validation warnings.

Co-authored-by: jess-lowe <86962800+jess-lowe@users.noreply.github.com>
---
 vulnfeeds/cmd/converters/debian/main.go | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/vulnfeeds/cmd/converters/debian/main.go b/vulnfeeds/cmd/converters/debian/main.go
index f1765dbaced..a875ce6abf7 100644
--- a/vulnfeeds/cmd/converters/debian/main.go
+++ b/vulnfeeds/cmd/converters/debian/main.go
@@ -111,10 +111,9 @@ func generateOSVFromDebianTracker(debianData DebianSecurityTrackerData, debianRe
 			if !ok {
 				v = &vulns.Vulnerability{
 					Vulnerability: &osvschema.Vulnerability{
-						Id:        "DEBIAN-" + cveID,
-						Upstream:  []string{cveID},
-						Published: timestamppb.New(currentNVDCVE.CVE.Published.Time),
-						Details:   cveData.Description,
+						Id:       "DEBIAN-" + cveID,
+						Upstream: []string{cveID},
+						Details:  cveData.Description,
 						References: []*osvschema.Reference{
 							{
 								Type: osvschema.Reference_ADVISORY,
@@ -123,6 +122,11 @@ func generateOSVFromDebianTracker(debianData DebianSecurityTrackerData, debianRe
 						},
 					},
 				}
+
+				if !currentNVDCVE.CVE.Published.Time.IsZero() {
+					v.Published = timestamppb.New(currentNVDCVE.CVE.Published.Time)
+				}
+
 				if currentNVDCVE.CVE.Metrics != nil {
 					v.AddSeverity(currentNVDCVE.CVE.Metrics)
 				}

From e199c1f66a2ec39c1344bfa0b0cc2b4ef083990d Mon Sep 17 00:00:00 2001
From: Jess Lowe <jesslowe@google.com>
Date: Mon, 30 Mar 2026 01:39:57 +0000
Subject: [PATCH 2/2] fix lint

---
 vulnfeeds/cmd/converters/debian/main.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vulnfeeds/cmd/converters/debian/main.go b/vulnfeeds/cmd/converters/debian/main.go
index a875ce6abf7..680d24cf0f5 100644
--- a/vulnfeeds/cmd/converters/debian/main.go
+++ b/vulnfeeds/cmd/converters/debian/main.go
@@ -123,7 +123,7 @@ func generateOSVFromDebianTracker(debianData DebianSecurityTrackerData, debianRe
 					},
 				}
 
-				if !currentNVDCVE.CVE.Published.Time.IsZero() {
+				if !currentNVDCVE.CVE.Published.IsZero() {
 					v.Published = timestamppb.New(currentNVDCVE.CVE.Published.Time)
 				}