Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / CycloneDX/cdxgen issues and pull requests

#412 - Migration to TypeScript

Issue - State: closed - Opened by ajmalab about 1 year ago - 1 comment
Labels: wontfix

#410 - Running cdxgen in a virtualenv messes it up

Issue - State: open - Opened by Hritik14 about 1 year ago - 4 comments

#409 - Add 2 aliases to pypi-pkg-aliases.json

Pull Request - State: closed - Opened by DDuarte about 1 year ago - 1 comment

#408 - Support to specify target/input file with technology to generate sbom

Issue - State: closed - Opened by saurabhthatte about 1 year ago - 6 comments

#407 - Decode encoded purl before assigning to key in sbom

Pull Request - State: closed - Opened by ajmalab about 1 year ago - 5 comments

#406 - [Pnpm] cdxgen fails for pnpm projects with `@` in their group name on 9.2.2

Issue - State: closed - Opened by ajmalab about 1 year ago - 7 comments

#405 - cdxgen stucks inside a docker container

Issue - State: open - Opened by rohitcoder about 1 year ago - 5 comments

#404 - Fix python version resolution

Pull Request - State: closed - Opened by rsichnyi about 1 year ago - 1 comment

#403 - submitting SBOM to Dependy Tracker not working

Issue - State: closed - Opened by visagansanthanam-unisys about 1 year ago - 14 comments

#402 - Fixes #399 and #401

Pull Request - State: closed - Opened by prabhu about 1 year ago - 2 comments

#401 - [Yarn] purl and bom-ref not populated for root project.

Issue - State: closed - Opened by ajmalab about 1 year ago - 3 comments

#400 - Slow performance on WSL

Issue - State: open - Opened by prabhu about 1 year ago

#398 - [Python] Dependencies section empty despite having poetry.lock

Issue - State: closed - Opened by ajmalab about 1 year ago - 2 comments

#397 - Container image release workflow is just too slow

Issue - State: open - Opened by prabhu about 1 year ago
Labels: good first issue, help wanted

#395 - Pass --no-recurse to disable recursive lookup

Pull Request - State: closed - Opened by prabhu about 1 year ago - 3 comments

#394 - Better logic to populate metadata.component.components

Issue - State: open - Opened by prabhu about 1 year ago
Labels: help wanted, Consider Funding

#391 - Java detection is not working for microservices monorepo demo

Issue - State: open - Opened by prabhu about 1 year ago
Labels: help wanted, Consider Funding, lang:java

#390 - Deep validation for SBoM. 1 BREAKING change.

Pull Request - State: closed - Opened by prabhu about 1 year ago - 14 comments
Labels: help wanted, Ready for QA

#389 - [NodeJs] Purls not properly encoded in the dependencies section

Issue - State: closed - Opened by ajmalab about 1 year ago - 2 comments

#387 - Implemented handling of GRADLE_DEPENDENCY_TASK on v8.6.x

Pull Request - State: closed - Opened by malice00 about 1 year ago

#386 - Implemented handling of GRADLE_DEPENDENCY_TASK

Pull Request - State: closed - Opened by malice00 about 1 year ago

#385 - Do not add GRADLE_ARGS to :properties-call

Pull Request - State: closed - Opened by malice00 about 1 year ago - 1 comment

#384 - Setting GRADLE_DEPENDENCY_TASK doesn't do anything

Issue - State: closed - Opened by malice00 about 1 year ago - 2 comments

#382 - Update pypi-pkg-aliases.json

Pull Request - State: closed - Opened by cerrussell about 1 year ago

#381 - Update pypi-pkg-aliases.json

Pull Request - State: closed - Opened by cerrussell about 1 year ago

#380 - Test python direct dependencies under multiple scenarios

Issue - State: closed - Opened by prabhu about 1 year ago - 1 comment
Labels: bug, help wanted

#379 - MINOR: 9.1.0 release with deno, evidences and python dependency tree. 1 BREAKING change

Pull Request - State: closed - Opened by prabhu about 1 year ago - 2 comments
Labels: Ready for QA

#376 - Fixes #375

Pull Request - State: closed - Opened by prabhu about 1 year ago - 8 comments
Labels: Ready for QA

#375 - Transitive Dependencies for Python project not detected

Issue - State: closed - Opened by anthonyharrison about 1 year ago - 5 comments
Labels: enhancement, help wanted

#372 - SBOM generation Issue for Gradle Project

Issue - State: open - Opened by sanjeeveejayabalan over 1 year ago - 9 comments

#371 - Provide possibility to define alternative NUGET API base url

Issue - State: open - Opened by hornpecom over 1 year ago - 3 comments
Labels: Consider Funding

#369 - Support for metadata.lifecycles

Issue - State: open - Opened by prabhu over 1 year ago

#367 - 1.4 compatibility mode

Issue - State: closed - Opened by prabhu over 1 year ago

#365 - Output file does not appear to conform to the CycloneDx standard

Issue - State: closed - Opened by JoshWallaceBullish over 1 year ago - 6 comments

#354 - Python poetry lock files are not reproducible

Issue - State: closed - Opened by prabhu over 1 year ago - 1 comment
Labels: good first issue

#353 - Inaccuracies parsing jars

Issue - State: open - Opened by Eiim over 1 year ago - 1 comment
Labels: enhancement

#349 - Python pyproject.toml support

Issue - State: closed - Opened by prabhu over 1 year ago - 4 comments
Labels: enhancement

#346 - Python - poetry.lock - no dependencies

Issue - State: closed - Opened by bh86 over 1 year ago - 2 comments
Labels: help wanted, Consider Funding

#344 - Support for storing repository metadata

Issue - State: open - Opened by prabhu over 1 year ago

#330 - cdxgen doesn't report a package in java mode

Issue - State: closed - Opened by prabhu over 1 year ago - 1 comment
Labels: enhancement

#327 - Potential fix for issue #326

Pull Request - State: closed - Opened by prabhu over 1 year ago

#326 - Dependency Track API call failing with large payloads

Issue - State: open - Opened by varkakumani over 1 year ago - 3 comments

#325 - Fix/issue 324

Pull Request - State: closed - Opened by prabhu over 1 year ago

#324 - [Gradle] Sub-project direct dependencies broken

Issue - State: closed - Opened by ajmalab over 1 year ago - 4 comments

#323 - [Gradle] 'metadata.component` missing in 8.4.10

Issue - State: closed - Opened by ajmalab over 1 year ago - 1 comment

#322 - [Gradle] Direct dependencies for root inaccurate

Issue - State: closed - Opened by ajmalab over 1 year ago - 6 comments

#321 - Attempt to fix #320

Pull Request - State: closed - Opened by prabhu over 1 year ago - 1 comment

#320 - GRADLE_ARGS ignored in recursive (-r) mode

Issue - State: closed - Opened by heubeck over 1 year ago - 10 comments

#319 - Handles a case where a gradle dependency

Pull Request - State: closed - Opened by prabhu over 1 year ago

#318 - [Gradle] Incorrect dependency information in Gradle project

Issue - State: open - Opened by ajmalab over 1 year ago - 7 comments

#316 - Fixes #249 and #315

Pull Request - State: closed - Opened by prabhu over 1 year ago - 8 comments

#315 - [Gradle] Inaccurate dependencies section in a multi-project gradle build

Issue - State: closed - Opened by ajmalab over 1 year ago - 3 comments

#313 - package-lock v3 support. publish with provenance

Pull Request - State: closed - Opened by prabhu over 1 year ago

#312 - No way to capture top level dependencies from yarn projects

Issue - State: open - Opened by ajmalab over 1 year ago - 4 comments
Labels: enhancement, help wanted, needs contributor

#311 - Swift Fixes

Pull Request - State: closed - Opened by wr-rmcnamara over 1 year ago - 1 comment

#310 - Support for Azure Devops pipelines

Issue - State: open - Opened by prabhu over 1 year ago

#309 - Support for cpan

Issue - State: open - Opened by prabhu over 1 year ago

#308 - Support for gleam

Issue - State: open - Opened by prabhu over 1 year ago

#307 - Convenient boolean configuration

Pull Request - State: closed - Opened by heubeck over 1 year ago - 1 comment

#306 - Option to exclude Maven test scope & update cyclonedx-maven-plugin to 2.7.8

Pull Request - State: closed - Opened by heubeck over 1 year ago - 2 comments

#305 - License list is always empty for npm projects

Issue - State: open - Opened by kibertoad over 1 year ago - 3 comments

#304 - Use name attribute for go

Pull Request - State: closed - Opened by prabhu over 1 year ago

#303 - urlencoded symbols in purl and bom-ref

Issue - State: closed - Opened by sigurdblueface over 1 year ago - 4 comments

#300 - Handle extract errors. Fixes #299

Pull Request - State: closed - Opened by prabhu over 1 year ago

#298 - Feature/gradle

Pull Request - State: closed - Opened by prabhu over 1 year ago

#297 - ASK: Can cdxgen use maven dependency tree first instead of cyclonedx-maven-plugin

Issue - State: closed - Opened by prabhu over 1 year ago
Labels: invalid

#296 - BUG: gradle multi-project mode bug fixes and enhancements

Issue - State: closed - Opened by prabhu over 1 year ago - 1 comment
Labels: bug

#294 - [Gradle] `ref` showing as `undefined` in certain cases

Issue - State: open - Opened by ajmalab over 1 year ago - 2 comments

#293 - Use latest version of of cyclonedx-maven-plugin (2.7.6)

Issue - State: closed - Opened by cryptator over 1 year ago - 1 comment

#292 - -t binary doesn't work

Issue - State: open - Opened by prabhu over 1 year ago

#291 - Provide option to include vcs url in the output bom file

Issue - State: open - Opened by prabhu over 1 year ago - 1 comment
Labels: enhancement, help wanted

#289 - [Gradle] root component information missing from multi-module gradle project

Issue - State: closed - Opened by kito99 over 1 year ago - 9 comments

#288 - [Maven] In a multi-module project, the root component is incorrect

Issue - State: open - Opened by kito99 over 1 year ago - 4 comments

#286 - Cdxgen blocked by Symantec Antivirus tool

Issue - State: closed - Opened by visagansanthanam-unisys over 1 year ago - 11 comments

#285 - Update SBoM server part in README

Pull Request - State: closed - Opened by tree-chtsec over 1 year ago - 1 comment

#284 - Support Paket dependency manager for .NET

Issue - State: open - Opened by alexkhudyshkin over 1 year ago

#283 - request dependency-track api failed

Issue - State: closed - Opened by 1uanWu over 1 year ago - 5 comments

#282 - Support pnpm 8 / Crash with lockfile version 6.0

Issue - State: closed - Opened by marcelfrey29 over 1 year ago - 4 comments

#281 - Support maven pom filenames other than pom.xml

Issue - State: open - Opened by thewuffel over 1 year ago - 6 comments

#280 - Bundle android sdk

Pull Request - State: closed - Opened by prabhu over 1 year ago

#279 - Getting error when trying to generate SBOM for my docker image

Issue - State: closed - Opened by boravinod145 over 1 year ago - 4 comments

#278 - How to pass credentials when scanning a remote Git repository in server mode?

Issue - State: closed - Opened by troy256 over 1 year ago - 2 comments

#277 - Adds sbomqs tests

Pull Request - State: closed - Opened by prabhu over 1 year ago - 1 comment

#276 - Encode group and package name. Fixes issues like #274

Pull Request - State: closed - Opened by prabhu over 1 year ago

#275 - Dependency Tree failing for yarn.lock files

Issue - State: closed - Opened by kakumanivrn over 1 year ago - 5 comments

#274 - URIError in decodeURIComponent

Issue - State: closed - Opened by saileru over 1 year ago - 4 comments

#273 - Maven project inheritance is not resolved

Issue - State: open - Opened by crusy over 1 year ago - 3 comments

#272 - Fixes #271

Pull Request - State: closed - Opened by prabhu over 1 year ago

#271 - Failing to parse Gradle Rich Versions

Issue - State: closed - Opened by crusy over 1 year ago - 6 comments

#270 - "License information" (FETCH_LICENSE vs. includeLicenseText)

Issue - State: open - Opened by crusy over 1 year ago - 6 comments