Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / anchore/grype issues and pull requests

#2280 - chore(deps): update tools to latest versions

Pull Request - State: open - Opened by anchore-actions-token-generator[bot] 2 days ago
Labels: dependencies

#2279 - chore(deps): bump anchore/sbom-action from 0.17.7 to 0.17.8

Pull Request - State: open - Opened by dependabot[bot] 3 days ago
Labels: dependencies, github_actions

#2278 - Remove DB v1 & v2 schemas

Pull Request - State: closed - Opened by wagoodman 4 days ago
Labels: breaking-change

#2277 - Simplify v6 distribution material

Pull Request - State: open - Opened by wagoodman 4 days ago

#2276 - chore(deps): update Syft to v1.17.0

Pull Request - State: closed - Opened by anchore-actions-token-generator[bot] 4 days ago
Labels: dependencies

#2274 - chore(deps): bump github.com/gabriel-vasile/mimetype from 1.4.6 to 1.4.7

Pull Request - State: closed - Opened by dependabot[bot] 5 days ago
Labels: dependencies, go

#2273 - chore(deps): bump github.com/charmbracelet/bubbletea from 1.2.2 to 1.2.3

Pull Request - State: closed - Opened by dependabot[bot] 5 days ago
Labels: dependencies, go

#2272 - chore(deps): bump github/codeql-action from 3.27.4 to 3.27.5

Pull Request - State: closed - Opened by dependabot[bot] 5 days ago
Labels: dependencies, github_actions

#2271 - Filter unrelated fixed version

Pull Request - State: open - Opened by tomersein 5 days ago

#2270 - Please update Winget

Issue - State: open - Opened by TheDevelolper 5 days ago - 1 comment
Labels: enhancement

#2270 - Please update Winget

Issue - State: closed - Opened by TheDevelolper 5 days ago - 3 comments
Labels: enhancement

#2269 - chore(deps): update tools to latest versions

Pull Request - State: open - Opened by anchore-actions-token-generator[bot] 6 days ago - 1 comment
Labels: dependencies

#2269 - chore(deps): update tools to latest versions

Pull Request - State: closed - Opened by anchore-actions-token-generator[bot] 6 days ago - 1 comment
Labels: dependencies

#2268 - fix: bump clio to fix logging when no tty present

Pull Request - State: closed - Opened by willmurphyscode 6 days ago

#2267 - Add missing package information for Sarif report

Issue - State: open - Opened by GeorgeLS 6 days ago
Labels: enhancement

#2266 - No space left error

Issue - State: open - Opened by rootlikegroot 6 days ago - 2 comments
Labels: bug

#2266 - No space left error

Issue - State: open - Opened by rootlikegroot 6 days ago
Labels: bug

#2265 - Add data-driven approach to v6 distro search

Pull Request - State: closed - Opened by wagoodman 7 days ago - 2 comments
Labels: changelog-ignore

#2265 - Add data-driven approach to v6 distro search

Pull Request - State: open - Opened by wagoodman 7 days ago - 2 comments
Labels: changelog-ignore

#2264 - list of unrelated versions in the remediation

Issue - State: open - Opened by TimBrown1611 8 days ago - 12 comments
Labels: bug

#2263 - Failure on SBOM from cdxgen 11.0.0

Issue - State: open - Opened by metametadata 9 days ago - 1 comment
Labels: bug

#2261 - Fix failing tests

Pull Request - State: closed - Opened by wagoodman 10 days ago
Labels: changelog-ignore

#2260 - chore(deps): bump github/codeql-action from 3.27.3 to 3.27.4

Pull Request - State: closed - Opened by dependabot[bot] 11 days ago - 3 comments
Labels: dependencies, github_actions

#2259 - Add publication/modification/withdrawn date information to vuln records

Issue - State: open - Opened by wagoodman 11 days ago
Labels: enhancement, planning

#2258 - Add affected CPE store

Pull Request - State: closed - Opened by wagoodman 12 days ago
Labels: changelog-ignore

#2257 - chore(deps): bump github/codeql-action from 3.27.0 to 3.27.3

Pull Request - State: closed - Opened by dependabot[bot] 12 days ago
Labels: dependencies, github_actions

#2256 - chore(deps): bump github.com/charmbracelet/bubbletea from 1.1.2 to 1.2.2

Pull Request - State: closed - Opened by dependabot[bot] 12 days ago
Labels: dependencies, go

#2255 - chore(deps): bump github/codeql-action from 3.27.0 to 3.27.2

Pull Request - State: open - Opened by dependabot[bot] 13 days ago
Labels: dependencies, github_actions

#2255 - chore(deps): bump github/codeql-action from 3.27.0 to 3.27.2

Pull Request - State: closed - Opened by dependabot[bot] 13 days ago - 1 comment
Labels: dependencies, github_actions

#2254 - Add purls in sarif report

Pull Request - State: open - Opened by GeorgeLS 13 days ago

#2254 - Add purls in sarif report

Pull Request - State: open - Opened by GeorgeLS 13 days ago

#2253 - Incorrect cve fixed-in version coming in grype output

Issue - State: open - Opened by nehas4 13 days ago - 2 comments
Labels: bug

#2251 - chore(deps): bump github.com/charmbracelet/bubbletea from 1.1.2 to 1.2.1

Pull Request - State: open - Opened by dependabot[bot] 14 days ago
Labels: dependencies, go

#2251 - chore(deps): bump github.com/charmbracelet/bubbletea from 1.1.2 to 1.2.1

Pull Request - State: closed - Opened by dependabot[bot] 14 days ago - 1 comment
Labels: dependencies, go

#2250 - chore(deps): bump github/codeql-action from 3.27.0 to 3.27.1

Pull Request - State: closed - Opened by dependabot[bot] 14 days ago - 1 comment
Labels: dependencies, github_actions

#2250 - chore(deps): bump github/codeql-action from 3.27.0 to 3.27.1

Pull Request - State: closed - Opened by dependabot[bot] 14 days ago - 1 comment
Labels: dependencies, github_actions

#2249 - Document which fields of Syft SBOM are used in processing input

Issue - State: open - Opened by chovanecadam 17 days ago - 4 comments
Labels: enhancement

#2249 - Document which fields of Syft SBOM are used in processing input

Issue - State: open - Opened by chovanecadam 17 days ago - 4 comments
Labels: enhancement

#2248 - Restore log on UI teardown

Pull Request - State: closed - Opened by wagoodman 17 days ago
Labels: bug

#2247 - chore(deps): bump github.com/charmbracelet/bubbletea from 1.1.2 to 1.2.0

Pull Request - State: closed - Opened by dependabot[bot] 18 days ago - 1 comment
Labels: dependencies, go

#2247 - chore(deps): bump github.com/charmbracelet/bubbletea from 1.1.2 to 1.2.0

Pull Request - State: closed - Opened by dependabot[bot] 18 days ago - 1 comment
Labels: dependencies, go

#2245 - Add AffectedPackage store

Pull Request - State: open - Opened by wagoodman 18 days ago
Labels: changelog-ignore

#2245 - Add AffectedPackage store

Pull Request - State: closed - Opened by wagoodman 18 days ago
Labels: changelog-ignore

#2244 - doc: Add official Grype logo license information

Pull Request - State: closed - Opened by popey 18 days ago
Labels: documentation

#2244 - doc: Add official Grype logo license information

Pull Request - State: closed - Opened by popey 18 days ago
Labels: documentation

#2243 - Add v6 vulnerability & blob stores

Pull Request - State: closed - Opened by wagoodman 19 days ago
Labels: changelog-ignore

#2242 - question: Why are CVEs being ignored?

Issue - State: closed - Opened by samcornwell 19 days ago - 6 comments
Labels: changelog-ignore

#2242 - question: Why are CVEs being ignored?

Issue - State: closed - Opened by samcornwell 19 days ago - 6 comments
Labels: changelog-ignore

#2241 - Merge indirect matches with direct matches

Pull Request - State: closed - Opened by wagoodman 19 days ago

#2241 - Merge indirect matches with direct matches

Pull Request - State: closed - Opened by wagoodman 19 days ago

#2239 - Conflicting config defaults

Issue - State: open - Opened by benjaminwilcox 20 days ago - 4 comments
Labels: documentation

#2239 - Conflicting config defaults

Issue - State: open - Opened by benjaminwilcox 20 days ago - 4 comments
Labels: documentation

#2238 - chore(deps): bump anchore/sbom-action from 0.17.6 to 0.17.7

Pull Request - State: closed - Opened by dependabot[bot] 20 days ago
Labels: dependencies, github_actions

#2237 - chore(deps): update Syft to v1.16.0

Pull Request - State: closed - Opened by anchore-actions-token-generator[bot] 20 days ago

#2236 - Add support for gradle in Java

Issue - State: closed - Opened by jinsihou19 20 days ago - 2 comments
Labels: enhancement

#2234 - chore(deps): update tools to latest versions

Pull Request - State: closed - Opened by anchore-actions-token-generator[bot] 22 days ago - 1 comment
Labels: dependencies

#2233 - Removal of temporary files not working with Git Bash on Windows

Issue - State: open - Opened by Joerki 23 days ago - 1 comment
Labels: bug

#2232 - Add v6 provider store

Pull Request - State: closed - Opened by wagoodman 24 days ago
Labels: changelog-ignore

#2231 - test: update quality gate db to latest version

Pull Request - State: closed - Opened by anchore-actions-token-generator[bot] 24 days ago
Labels: changelog-ignore, test

#2230 - chore(deps): bump github.com/adrg/xdg from 0.5.2 to 0.5.3

Pull Request - State: closed - Opened by dependabot[bot] 24 days ago
Labels: dependencies, go

#2229 - some non-PEP440 version constraints for GHSA python packages in grype-db

Issue - State: open - Opened by willmurphyscode 25 days ago - 3 comments
Labels: bug, needs-discussion

#2228 - chore(deps): bump github.com/charmbracelet/lipgloss from 0.13.1 to 1.0.0

Pull Request - State: closed - Opened by dependabot[bot] 25 days ago
Labels: dependencies, go

#2227 - Remove gentoo integration test

Pull Request - State: closed - Opened by wagoodman 26 days ago
Labels: changelog-ignore

#2226 - Search for distro namespaces with incomplete information

Pull Request - State: closed - Opened by wagoodman 26 days ago

#2225 - Add support for scanning single purl from the CLI

Issue - State: closed - Opened by wagoodman 26 days ago
Labels: enhancement

#2224 - Feature request: Grype Convert

Issue - State: open - Opened by tidusete 26 days ago - 1 comment
Labels: enhancement

#2223 - Improve purl input

Pull Request - State: closed - Opened by wagoodman 27 days ago

#2222 - Missing alpine patch version yields inaccurate results

Issue - State: closed - Opened by wagoodman 27 days ago
Labels: bug

#2221 - chore(deps): bump anchore/sbom-action from 0.17.5 to 0.17.6

Pull Request - State: closed - Opened by dependabot[bot] 27 days ago
Labels: dependencies, github_actions

#2220 - chore(deps): bump github.com/adrg/xdg from 0.5.1 to 0.5.2

Pull Request - State: closed - Opened by dependabot[bot] 27 days ago
Labels: dependencies, go

#2219 - bump syft to v1.15.0, sterescope to v0.0.5

Pull Request - State: closed - Opened by willmurphyscode 28 days ago
Labels: dependencies

#2218 - docs: update config section to be valid

Pull Request - State: closed - Opened by kzantow 28 days ago

#2217 - POM data should be derived from pom.xml when available

Issue - State: open - Opened by wagoodman 28 days ago
Labels: bug

#2216 - Should only check maven central if pom info is missing

Issue - State: open - Opened by wagoodman 28 days ago - 3 comments
Labels: bug

#2215 - Replace hashicorp semver lib

Issue - State: open - Opened by wagoodman 28 days ago

#2214 - chore(deps): bump github.com/charmbracelet/bubbletea from 1.1.1 to 1.1.2

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, go

#2213 - chore(deps): update tools to latest versions

Pull Request - State: closed - Opened by anchore-actions-token-generator[bot] about 1 month ago
Labels: dependencies

#2212 - Grype Output Schema

Issue - State: open - Opened by Amndeep7 about 1 month ago - 1 comment
Labels: enhancement

#2211 - chore(deps): bump actions/setup-go from 5.0.2 to 5.1.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions

#2209 - chore(deps): bump actions/checkout from 4.2.1 to 4.2.2

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions

#2208 - chore(deps): bump github/codeql-action from 3.26.13 to 3.27.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions

#2207 - chore(deps): bump github.com/charmbracelet/lipgloss from 0.13.0 to 0.13.1

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, go

#2206 - Environment variables are not expanded in the configuration

Issue - State: closed - Opened by sttcns about 1 month ago - 3 comments
Labels: bug, changelog-ignore

#2205 - chore(deps): bump anchore/sbom-action from 0.17.4 to 0.17.5

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions

#2204 - chore(deps): bump actions/cache from 4.1.1 to 4.1.2

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions

#2203 - Update to Syft v1.14.2

Pull Request - State: closed - Opened by wagoodman about 1 month ago

#2202 - Displaying disputed CVE

Issue - State: closed - Opened by levpachmanov about 1 month ago - 2 comments
Labels: bug

#2201 - Updated README.md with period & correct phrase.

Pull Request - State: closed - Opened by Piyush-r-bhaskar about 1 month ago
Labels: documentation

#2200 - Java archive cataloger performance in 0.82.x much slower than 0.81.0

Issue - State: closed - Opened by driseley about 1 month ago - 6 comments
Labels: bug

#2199 - Add more views into grype results

Issue - State: open - Opened by wagoodman about 1 month ago
Labels: enhancement, spike, ui