Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / Nix-Security-WG/nix-security-tracker issues and pull requests

#167 - Add manual triage view

Pull Request - State: closed - Opened by alejandrosame about 2 months ago - 3 comments

#166 - Refactor receiver for allauth.signals.user_sign_up

Issue - State: open - Opened by alejandrosame 2 months ago
Labels: nice to have, online-tracker

#165 - Adding Github Oauth and group sync

Pull Request - State: closed - Opened by alejandrosame 2 months ago

#164 - docs: add instructions to set up GitHub authentication

Pull Request - State: closed - Opened by fricklerhandwerk 2 months ago

#163 - refactor: automatically read SSH keys from directory

Pull Request - State: closed - Opened by fricklerhandwerk 2 months ago

#162 - chore: add alejandrosame keys for staging access

Pull Request - State: closed - Opened by alejandrosame 2 months ago

#161 - ci: update SSH key

Pull Request - State: closed - Opened by fricklerhandwerk 2 months ago

#160 - feat: add architecture for record linkage

Pull Request - State: open - Opened by alejandrosame 3 months ago - 2 comments

#159 - feat: WIP Github Oauth integration

Pull Request - State: closed - Opened by alejandrosame 3 months ago - 1 comment

#158 - fix: update reset script commands

Pull Request - State: closed - Opened by alejandrosame 3 months ago

#156 - docs: add instructions to get Nixpkgs channels manually

Pull Request - State: closed - Opened by fricklerhandwerk 8 months ago

#155 - fix: swallow stderr on `git cat-files`

Pull Request - State: closed - Opened by fricklerhandwerk 8 months ago

#154 - feat: take into account patch information from sbom

Pull Request - State: closed - Opened by raboof 9 months ago

#152 - Add basic issue linking (and unlinking)

Pull Request - State: open - Opened by Yasuke 9 months ago

#151 - False positive: CVE-2023-27371 in libmicrohttpd

Issue - State: closed - Opened by raboof 9 months ago
Labels: local-scanner, false-positive

#150 - False positive: CVE-2019-14860, CVE-2019-14900 in fuse

Issue - State: open - Opened by raboof 9 months ago
Labels: local-scanner, false-positive

#149 - [Tracking Issue] Long-term performance of the security tracker

Issue - State: open - Opened by RaitoBezarius 9 months ago - 1 comment
Labels: online-tracker

#148 - feat(models): improve the Nix evaluation data models

Pull Request - State: closed - Opened by fricklerhandwerk 9 months ago - 6 comments

#147 - ci: add keyfiles for staging

Pull Request - State: closed - Opened by fricklerhandwerk 9 months ago

#146 - docs: update onboarding and handling instructions

Pull Request - State: closed - Opened by fricklerhandwerk 9 months ago

#145 - add code for managing a Nixpkgs checkout

Pull Request - State: closed - Opened by fricklerhandwerk 9 months ago - 1 comment

#144 - style: satisfy statix

Pull Request - State: closed - Opened by fricklerhandwerk 9 months ago

#143 - Fix manual ingestion, add manage to the nix shell

Pull Request - State: closed - Opened by Yasuke 9 months ago

#142 - False negative: CVE-2023-38470 in avahi

Issue - State: closed - Opened by raboof 9 months ago - 1 comment
Labels: local-scanner

#141 - Add license metadata

Pull Request - State: closed - Opened by raboof 9 months ago

#140 - feat: add view for affected packages per channel

Pull Request - State: closed - Opened by alejandrosame 9 months ago - 1 comment

#139 - Track relevant GitHub PRs

Issue - State: closed - Opened by fricklerhandwerk 9 months ago - 1 comment
Labels: online-tracker

#138 - Handle related GitHub issues

Issue - State: open - Opened by fricklerhandwerk 9 months ago

#137 - False positive: CVE-2015-1773 in flex

Issue - State: open - Opened by raboof 9 months ago
Labels: local-scanner, false-positive

#136 - Ingest repology CPE bindings for more accurate matching

Issue - State: open - Opened by raboof 9 months ago
Labels: enhancement, local-scanner

#135 - False positive: CVE-2006-7246 in networkmanager

Issue - State: closed - Opened by raboof 9 months ago - 1 comment
Labels: local-scanner, false-positive

#134 - Add mergify

Issue - State: open - Opened by Mic92 9 months ago - 1 comment

#133 - ci: see if magic-nix-cache improves build times

Pull Request - State: closed - Opened by Mic92 9 months ago - 4 comments

#132 - Cache parsed NVD collection

Issue - State: open - Opened by raboof 9 months ago
Labels: enhancement, local-scanner

#131 - Cache web results per advisory id

Issue - State: open - Opened by raboof 9 months ago
Labels: enhancement, local-scanner

#130 - False positive: CVE-2023-45853 in zlib

Issue - State: open - Opened by raboof 9 months ago
Labels: local-scanner, false-positive

#129 - False positive: CVE-2019-0190 in openssl

Issue - State: open - Opened by raboof 9 months ago
Labels: local-scanner, false-positive

#128 - Managing the deletion of users

Issue - State: open - Opened by alejandrosame 9 months ago
Labels: online-tracker

#127 - False positive: CVE-2023-2975 in openssl

Issue - State: closed - Opened by raboof 9 months ago - 1 comment
Labels: local-scanner, false-positive

#126 - feat: nixpkgsissue activity log view

Pull Request - State: open - Opened by alejandrosame 9 months ago - 5 comments

#125 - Invoking the ws

Pull Request - State: closed - Opened by raboof 9 months ago - 1 comment

#124 - ci: fix incorrect runs-on and enable nixos tests

Pull Request - State: closed - Opened by Mic92 9 months ago - 3 comments

#123 - Holy grail: end-to-end pipeline for evaluation of Nixpkgs

Pull Request - State: closed - Opened by RaitoBezarius 10 months ago - 1 comment

#122 - fix: default values for maintainer's github values

Pull Request - State: closed - Opened by alejandrosame 10 months ago - 4 comments

#121 - feat: list issues and filter by referenced CVEs in REST API

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago

#120 - Fetch NVD delta information

Issue - State: closed - Opened by raboof 10 months ago - 1 comment
Labels: enhancement, local-scanner

#119 - feat: test nginx reverse proxy as well

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago

#118 - Cache inventory

Issue - State: open - Opened by raboof 10 months ago
Labels: enhancement, local-scanner

#117 - Smarter backoff when hitting NVD rate limits

Issue - State: open - Opened by raboof 10 months ago
Labels: enhancement, local-scanner

#116 - Improve performance

Issue - State: open - Opened by raboof 10 months ago
Labels: enhancement, local-scanner

#115 - style: apply nixfmt globally

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago - 1 comment

#114 - feat: allow ingesting latest CVE entries by date

Pull Request - State: closed - Opened by alejandrosame 10 months ago

#113 - fix: missing `re` import and type annotations

Pull Request - State: closed - Opened by alejandrosame 10 months ago

#112 - Extract severity from the `metrics` JSON object

Issue - State: open - Opened by fricklerhandwerk 10 months ago
Labels: enhancement, online-tracker

#111 - feat: fetch _all_ channels from status.nixos.org

Pull Request - State: closed - Opened by RaitoBezarius 10 months ago - 2 comments

#110 - docs: local development is over http, not https

Pull Request - State: closed - Opened by raboof 10 months ago

#109 - ci: add basic github check

Pull Request - State: closed - Opened by Mic92 10 months ago - 9 comments

#108 - Show derivation metadata inline in admin view

Issue - State: open - Opened by fricklerhandwerk 10 months ago
Labels: nice to have, online-tracker

#107 - fix: store maintainers by GitHub ID

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago

#106 - fix: missing rename

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago

#105 - docs: switch from sqlite to postgresql

Pull Request - State: closed - Opened by Mic92 10 months ago - 2 comments

#104 - build: enforce type annotations

Pull Request - State: closed - Opened by Mic92 10 months ago - 1 comment

#103 - build: enable ruff's upgrade linter

Pull Request - State: closed - Opened by Mic92 10 months ago - 1 comment

#102 - build: enable naming convention linter

Pull Request - State: closed - Opened by Mic92 10 months ago - 5 comments

#101 - feat: history log setup

Pull Request - State: open - Opened by alejandrosame 10 months ago - 2 comments

#100 - fix: merge migrations

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago - 1 comment

#99 - feat: display knownVulnerabilities per derivation

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago - 1 comment

#98 - docs: add instructions for running tests

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago

#97 - add more admin convenience

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago - 1 comment

#96 - Ruff: re-enable and expand

Pull Request - State: closed - Opened by Mic92 10 months ago

#95 - feat: strengthen the maintainer model

Pull Request - State: closed - Opened by RaitoBezarius 10 months ago

#94 - show ingested data in admin view

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago - 1 comment

#93 - feat: store CVE per derivation

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago - 1 comment

#92 - feat: keep CVE data in a local cache directory for efficient reimports

Pull Request - State: closed - Opened by alejandrosame 10 months ago - 1 comment

#91 - Missing ingestion fields

Issue - State: open - Opened by fricklerhandwerk 10 months ago
Labels: bug

#90 - docs: use alias consistently

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago

#89 - fix: evaluate insecure packages as well

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago

#88 - feat: allow user to set the subset of data entries for development/testing

Pull Request - State: closed - Opened by alejandrosame 10 months ago - 1 comment

#87 - style: set up `nixfmt` according to RFC 166

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago - 1 comment

#86 - fix: make overlay work as intended

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago - 1 comment

#85 - fix: bring back `--test` flag on the ingestion command

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago

#84 - feat: add a basic triaging view

Pull Request - State: closed - Opened by RaitoBezarius 10 months ago - 2 comments

#83 - Feat/ingest test data

Pull Request - State: closed - Opened by alejandrosame 10 months ago - 1 comment

#82 - feat: add fixture for quick dev data setup

Pull Request - State: closed - Opened by alejandrosame 10 months ago

#81 - Exclude particular CPEs from version and package name matching

Issue - State: open - Opened by raboof 10 months ago
Labels: enhancement, local-scanner

#80 - False positive: CVE-2015-2987 in ed

Issue - State: open - Opened by raboof 10 months ago
Labels: local-scanner, false-positive

#79 - False positive: CVE-2021-32490 and others in djvulibre

Issue - State: closed - Opened by raboof 10 months ago - 1 comment
Labels: local-scanner, false-positive

#78 - False positive: CVE-2023-24805 in cups-filters

Issue - State: closed - Opened by raboof 10 months ago
Labels: local-scanner, false-positive

#77 - False positive: CVE-2022-26691 in CUPS

Issue - State: open - Opened by raboof 10 months ago
Labels: local-scanner, false-positive

#76 - False positive: CVE-2023-1972 in binutils

Issue - State: closed - Opened by raboof 10 months ago
Labels: local-scanner, false-positive

#75 - Take into account patch information from the derivation

Issue - State: closed - Opened by raboof 10 months ago - 1 comment
Labels: enhancement, local-scanner

#74 - False positive: CVE-2023-3341 (and 7 more) in bind

Issue - State: open - Opened by raboof 10 months ago
Labels: local-scanner, false-positive

#73 - False positive: CVE-2021-26720 in avahi

Issue - State: open - Opened by raboof 10 months ago - 1 comment
Labels: local-scanner, false-positive

#72 - feat: add knownVulnerabilities to derivation metadata

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago - 5 comments

#71 - fix: use minimal padding for shortcode

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago

#70 - Add unit test

Pull Request - State: closed - Opened by raboof 10 months ago - 1 comment

#69 - fix: m2m relationships on insertion

Pull Request - State: closed - Opened by alejandrosame 10 months ago