Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / Nix-Security-WG/nix-security-tracker issues and pull requests

#67 - set up groups and permissions

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago - 4 comments

#66 - display maintainers per package and vulns per issue

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago - 2 comments

#65 - feat: generate feeds per issue

Pull Request - State: open - Opened by alejandrosame 10 months ago

#64 - False positive: wrong match on jenkins git plugin

Issue - State: open - Opened by cidkidnix 10 months ago - 1 comment
Labels: local-scanner, false-positive

#63 - docs: add instructions to run ingestion

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago

#62 - feat: allow ingesting a small subset of CVEs

Pull Request - State: closed - Opened by alejandrosame 10 months ago - 1 comment

#61 - show more detail on issue page

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago

#60 - [Tracking Issue] Deployment

Issue - State: open - Opened by RaitoBezarius 10 months ago
Labels: online-tracker

#59 - Background tasks

Pull Request - State: closed - Opened by RaitoBezarius 10 months ago

#58 - Parse `.drv` to learn more information about a derivation

Issue - State: open - Opened by RaitoBezarius 10 months ago
Labels: online-tracker

#57 - [Tracking Issue] Nixpkgs data issue

Issue - State: open - Opened by RaitoBezarius 10 months ago

#56 - Make the short code configurable

Issue - State: open - Opened by fricklerhandwerk 10 months ago
Labels: enhancement

#55 - show Nixpkgs issue in Admin view

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago - 1 comment

#54 - feat: evaluation results

Pull Request - State: closed - Opened by RaitoBezarius 10 months ago

#53 - feat(operations): deploy sectracker.nixpkgs.lahfa.xyz

Pull Request - State: closed - Opened by RaitoBezarius 10 months ago - 5 comments

#52 - feat: packaging, testing and deployment

Pull Request - State: closed - Opened by RaitoBezarius 10 months ago

#51 - add hacking docs

Pull Request - State: closed - Opened by fricklerhandwerk 10 months ago

#50 - Better Logging

Pull Request - State: closed - Opened by cidkidnix 10 months ago

#49 - Use NVD instead of local

Pull Request - State: closed - Opened by cidkidnix 10 months ago

#48 - False positive: CVE-2023-3576 in libtiff

Issue - State: closed - Opened by raboof 10 months ago - 1 comment
Labels: local-scanner, false-positive

#47 - False positive: CVE-2023-2908 in libtiff

Issue - State: closed - Opened by raboof 10 months ago - 1 comment
Labels: local-scanner, false-positive

#46 - False positives: various in 'kernel-modules' and 'glibc-locales'

Issue - State: open - Opened by raboof 10 months ago - 1 comment
Labels: bug, local-scanner, false-positive

#45 - False positive: CVE-2023-3618 in libtiff

Issue - State: closed - Opened by raboof 10 months ago - 1 comment
Labels: local-scanner, false-positive

#44 - False postive: CVE-2023-32665 in glib

Issue - State: closed - Opened by raboof 10 months ago - 1 comment
Labels: local-scanner, false-positive

#43 - False positive: CVE-2023-32611 in glib

Issue - State: closed - Opened by raboof 10 months ago - 1 comment
Labels: local-scanner, false-positive

#42 - False positive: CVE-2023-3164 in gawk

Issue - State: closed - Opened by raboof 10 months ago - 1 comment
Labels: local-scanner, false-positive

#41 - False positive: CVE-2023-41175 in libtiff

Issue - State: closed - Opened by raboof 10 months ago
Labels: local-scanner, false-positive

#40 - False positive: CVE-2023-43789 in libXpm

Issue - State: closed - Opened by raboof 10 months ago
Labels: local-scanner, false-positive

#39 - False positive: CVE-2023-43787 in libX11

Issue - State: closed - Opened by raboof 10 months ago
Labels: local-scanner, false-positive

#38 - Take into account affected version ranges from advisories

Issue - State: closed - Opened by raboof 10 months ago - 2 comments
Labels: enhancement, local-scanner

#37 - False positive: CVE-2023-29499 in glib

Issue - State: closed - Opened by raboof 10 months ago - 1 comment
Labels: local-scanner, false-positive

#36 - Show severity

Issue - State: open - Opened by raboof 10 months ago - 2 comments
Labels: enhancement, local-scanner

#35 - Ingest NVD feed of advisory metadata

Issue - State: closed - Opened by raboof 10 months ago - 1 comment
Labels: online-tracker, local-scanner

#34 - False positive: CVE-2023-4156 in gawk

Issue - State: closed - Opened by raboof 10 months ago - 1 comment
Labels: local-scanner, false-positive

#33 - Allow recording an overridden severity level for an advisory depending on context

Issue - State: open - Opened by raboof 10 months ago
Labels: enhancement, online-tracker, local-scanner

#32 - Allow recording an overridden severity level for an advisory

Issue - State: closed - Opened by raboof 10 months ago - 3 comments
Labels: enhancement, online-tracker, local-scanner

#31 - False positive: w3m via nixos-help

Issue - State: open - Opened by raboof 10 months ago
Labels: local-scanner, false-positive

#30 - Explain where a dependency comes from

Issue - State: open - Opened by raboof 10 months ago
Labels: enhancement, local-scanner

#29 - Export scan results in a form Sonatype CLM / Nexus IQ can consume

Issue - State: open - Opened by raboof 10 months ago
Labels: local-scanner

#28 - Print advisory matches

Pull Request - State: closed - Opened by raboof 10 months ago

#27 - Add development notes

Pull Request - State: closed - Opened by raboof 10 months ago

#26 - Package up the local scanner as a flake

Issue - State: open - Opened by raboof 10 months ago
Labels: local-scanner

#25 - Add cabal install path to PATH in `nix develop`

Pull Request - State: closed - Opened by raboof 10 months ago

#24 - Refactor matching to its own file

Pull Request - State: closed - Opened by raboof 10 months ago

#23 - Remove src/MyLib.hs

Pull Request - State: closed - Opened by raboof 10 months ago

#22 - add `cabal install --overwrite-policy=always` to readme

Pull Request - State: closed - Opened by raboof 10 months ago

#21 - Parse SBOM

Pull Request - State: closed - Opened by raboof 10 months ago - 1 comment

#20 - Add a script to get the inventory from sbomnix and invoke CVENix

Pull Request - State: closed - Opened by raboof 10 months ago - 1 comment

#19 - [Tracking issue] Demo Readiness

Issue - State: open - Opened by ApolloUnicorn 10 months ago - 1 comment

#18 - Sending notifications of newly detected local vulnerabilities

Issue - State: open - Opened by raboof 10 months ago - 1 comment
Labels: enhancement, local-scanner

#17 - Creating the inventory of locally installed derivations

Issue - State: open - Opened by raboof 10 months ago - 1 comment
Labels: local-scanner

#16 - CVE fetchers should work using a bulk saving context or perform bulk_create

Issue - State: open - Opened by RaitoBezarius 10 months ago
Labels: enhancement, help wanted, good first issue, nice to have

#15 - [Tracking issue] "End user" story

Issue - State: open - Opened by RaitoBezarius 11 months ago - 9 comments
Labels: local-scanner

#14 - Background task management

Issue - State: open - Opened by RaitoBezarius 11 months ago
Labels: online-tracker

#13 - Staging deployment

Issue - State: closed - Opened by RaitoBezarius 11 months ago - 1 comment

#12 - Nix packaging & testing

Issue - State: closed - Opened by RaitoBezarius 11 months ago - 1 comment

#11 - [Tracking issue] Initial scaffolding

Issue - State: closed - Opened by RaitoBezarius 11 months ago
Labels: online-tracker

#10 - Security page of a certain Nix issue

Issue - State: open - Opened by RaitoBezarius 11 months ago - 5 comments
Labels: online-tracker

#9 - Regular notifications

Issue - State: open - Opened by RaitoBezarius 11 months ago
Labels: online-tracker

#8 - Ingestion of evaluation results of any supported channel

Issue - State: closed - Opened by RaitoBezarius 11 months ago - 7 comments
Labels: online-tracker

#7 - Open a PR as a "bot" account

Issue - State: open - Opened by RaitoBezarius 11 months ago

#6 - Subscribe to any PR update in Nixpkgs

Issue - State: open - Opened by RaitoBezarius 11 months ago
Labels: online-tracker

#5 - Triaging CVEs into Nix security issues

Issue - State: open - Opened by RaitoBezarius 11 months ago

#4 - CVE feed ingestion

Issue - State: closed - Opened by RaitoBezarius 11 months ago - 9 comments

#3 - Log in via GitHub

Issue - State: closed - Opened by RaitoBezarius 11 months ago - 1 comment
Labels: online-tracker

#2 - [Tracking issue] User story "Maintainers"

Issue - State: open - Opened by RaitoBezarius 11 months ago
Labels: online-tracker

#1 - [Tracking issue] User story "Security team"

Issue - State: open - Opened by RaitoBezarius 11 months ago
Labels: online-tracker