Ecosyste.ms: Issues
An open API service for providing issue and pull request metadata for open source projects.
GitHub / anchore/syft issues and pull requests
#3639 - Read GitHub Dependency Graph SBOM format
Issue -
State: open - Opened by Shweta4398 4 days ago
- 6 comments
Labels: enhancement, good-first-issue, format
#3638 - chore(deps): update CPE dictionary index
Pull Request -
State: closed - Opened by anchore-actions-token-generator[bot] 4 days ago
Labels: dependencies
#3637 - chore(deps): update tools to latest versions
Pull Request -
State: closed - Opened by anchore-actions-token-generator[bot] 6 days ago
Labels: dependencies
#3636 - feat: run file hash algorithms in parallel
Pull Request -
State: open - Opened by kzantow 6 days ago
#3635 - chore(deps): update tools to latest versions
Pull Request -
State: closed - Opened by anchore-actions-token-generator[bot] 7 days ago
Labels: dependencies
#3634 - chore(deps): bump github/codeql-action from 3.28.7 to 3.28.8
Pull Request -
State: closed - Opened by dependabot[bot] 8 days ago
Labels: dependencies
#3633 - chore: replace all shorthand tags of mapstruct -> mapstructure
Pull Request -
State: closed - Opened by spiffcs 8 days ago
- 1 comment
#3632 - Add Cataloger for Homebrew on macOS
Issue -
State: open - Opened by rezmoss 8 days ago
- 1 comment
Labels: enhancement, good-first-issue, new-cataloger
#3631 - feat: 3626 add option enable license content; disable by default
Pull Request -
State: open - Opened by spiffcs 8 days ago
#3630 - docs: update descriptions with correct options
Pull Request -
State: closed - Opened by spiffcs 9 days ago
#3629 - Support extracting go dependencies from test binaries
Issue -
State: open - Opened by audunmo 9 days ago
- 1 comment
Labels: enhancement, needs-investigation
#3628 - chore(deps): bump github/codeql-action from 3.28.6 to 3.28.7
Pull Request -
State: closed - Opened by dependabot[bot] 9 days ago
Labels: dependencies
#3627 - chore(deps): bump github.com/gkampitakis/go-snaps from 0.5.8 to 0.5.9
Pull Request -
State: closed - Opened by dependabot[bot] 9 days ago
Labels: dependencies
#3626 - feat: disable license contents from being included in SBOM
Issue -
State: open - Opened by spiffcs 9 days ago
Labels: enhancement
#3625 - chore(deps): bump github/codeql-action from 3.28.5 to 3.28.6
Pull Request -
State: closed - Opened by dependabot[bot] 10 days ago
Labels: dependencies
#3624 - "syft config" output swaps comments for search-indexed-archives / search-unindexed-archives
Issue -
State: closed - Opened by e4711s 10 days ago
- 1 comment
Labels: bug
#3623 - Incorrect purl for [email protected] results in missed CVE
Issue -
State: open - Opened by willem-delbare 11 days ago
- 8 comments
Labels: bug, needs-investigation
#3622 - chore(deps): bump github/codeql-action from 3.28.4 to 3.28.5
Pull Request -
State: closed - Opened by dependabot[bot] 11 days ago
Labels: dependencies
#3621 - chore(deps): bump github.com/bmatcuk/doublestar/v4 from 4.8.0 to 4.8.1
Pull Request -
State: closed - Opened by dependabot[bot] 11 days ago
Labels: dependencies
#3620 - chore(deps): update CPE dictionary index
Pull Request -
State: closed - Opened by anchore-actions-token-generator[bot] 11 days ago
Labels: dependencies
#3619 - chore(deps): bump anchore/sbom-action from 0.17.9 to 0.18.0
Pull Request -
State: closed - Opened by dependabot[bot] 14 days ago
Labels: dependencies
#3618 - chore(deps): bump github/codeql-action from 3.28.3 to 3.28.4
Pull Request -
State: closed - Opened by dependabot[bot] 14 days ago
Labels: dependencies
#3617 - Syft cannot scan the component information in the source code package of C/C++language
Issue -
State: open - Opened by sunpan1101 14 days ago
Labels: bug
#3616 - Syft cannot scan the component information of C # language
Issue -
State: open - Opened by sunpan1101 14 days ago
Labels: bug
#3615 - Fix namespace value for OpenSUSE distros
Pull Request -
State: closed - Opened by mprpic 14 days ago
- 1 comment
#3614 - go-module-file-cataloger fails if symlinks in path
Issue -
State: open - Opened by Silvanoc 15 days ago
Labels: bug
#3613 - chore(deps): bump actions/cache from 3.3.2 to 4.2.0 in /.github/actions/bootstrap
Pull Request -
State: closed - Opened by dependabot[bot] 15 days ago
Labels: dependencies
#3612 - chore(deps): bump actions/setup-go from 5.0.1 to 5.3.0 in /.github/actions/bootstrap
Pull Request -
State: closed - Opened by dependabot[bot] 15 days ago
Labels: dependencies
#3611 - chore(ci): fix composite GitHub action path in dependabot config
Pull Request -
State: closed - Opened by westonsteimel 15 days ago
#3610 - chore(deps): bump github.com/docker/docker from 27.5.0+incompatible to 27.5.1+incompatible
Pull Request -
State: closed - Opened by dependabot[bot] 15 days ago
Labels: dependencies
#3609 - chore(deps): bump github.com/go-git/go-git/v5 from 5.13.1 to 5.13.2
Pull Request -
State: closed - Opened by dependabot[bot] 15 days ago
Labels: dependencies
#3608 - chore(deps): bump github/codeql-action from 3.28.2 to 3.28.3
Pull Request -
State: closed - Opened by dependabot[bot] 15 days ago
Labels: dependencies
#3607 - chore(deps): update tools to latest versions
Pull Request -
State: closed - Opened by anchore-actions-token-generator[bot] 15 days ago
Labels: dependencies
#3606 - chore(deps): bump github.com/aquasecurity/go-pep440-version from 0.0.0-20210121094942-22b2f8951d46 to 0.0.1
Pull Request -
State: closed - Opened by dependabot[bot] 16 days ago
Labels: dependencies
#3605 - chore(deps): bump github.com/hashicorp/hcl/v2 from 2.22.0 to 2.23.0
Pull Request -
State: closed - Opened by dependabot[bot] 16 days ago
Labels: dependencies
#3604 - chore(deps): bump github/codeql-action from 3.28.1 to 3.28.2
Pull Request -
State: closed - Opened by dependabot[bot] 16 days ago
Labels: dependencies
#3603 - Add Docker to Syft OCI Images
Issue -
State: open - Opened by henrysachs 16 days ago
Labels: enhancement
#3602 - chore(deps): update tools to latest versions
Pull Request -
State: closed - Opened by anchore-actions-token-generator[bot] 16 days ago
Labels: dependencies
#3601 - chore: bump stereoscope to v0.0.13
Pull Request -
State: closed - Opened by spiffcs 16 days ago
#3600 - chore(deps): bump actions/setup-go from 5.2.0 to 5.3.0
Pull Request -
State: closed - Opened by dependabot[bot] 17 days ago
Labels: dependencies
#3599 - chore(deps): update CPE dictionary index
Pull Request -
State: closed - Opened by anchore-actions-token-generator[bot] 18 days ago
Labels: dependencies
#3598 - rust: path dependencies: in-repo crates incorrectly being detected and fallbacks to upstream `crates.io` packages even though `path`s specified, leading Grype detects FP vulnerabilities for Rust
Issue -
State: open - Opened by Dentrax 19 days ago
Labels: bug
#3597 - chore(deps): update tools to latest versions
Pull Request -
State: closed - Opened by anchore-actions-token-generator[bot] 19 days ago
Labels: dependencies
#3596 - chore: bump packageurl-go with new parsing rules
Pull Request -
State: closed - Opened by spiffcs 20 days ago
#3595 - chore(deps): bump marocchino/sticky-pull-request-comment from 2.9.0 to 2.9.1
Pull Request -
State: closed - Opened by dependabot[bot] 21 days ago
Labels: dependencies
#3594 - Merging package does not consider UNKNOWN version stubs
Issue -
State: open - Opened by wagoodman 21 days ago
Labels: bug
#3593 - chore(deps): bump modernc.org/sqlite from 1.34.4 to 1.34.5
Pull Request -
State: closed - Opened by dependabot[bot] 22 days ago
Labels: dependencies
#3592 - chore(deps): bump github.com/google/go-containerregistry from 0.20.2 to 0.20.3
Pull Request -
State: closed - Opened by dependabot[bot] 22 days ago
Labels: dependencies
#3591 - Ensure go standard library version in component and PURL are consistent
Issue -
State: open - Opened by g-suraj 23 days ago
- 2 comments
Labels: bug
#3590 - Allow correction / overwrite of license information
Issue -
State: open - Opened by markussiebert 23 days ago
- 2 comments
Labels: enhancement
#3589 - Optimization of Dependency Retrieval for Red Hat-Based Systems
Issue -
State: open - Opened by PatrickStarBaby 23 days ago
- 2 comments
Labels: enhancement
#3588 - syft shows (devel) version for git-lfs while git-lfs version command shows 3.6.0
Issue -
State: open - Opened by Bruceliu-rs 23 days ago
- 4 comments
Labels: bug, needs-investigation
#3587 - chore(deps): bump github.com/docker/docker from 27.4.1+incompatible to 27.5.0+incompatible
Pull Request -
State: closed - Opened by dependabot[bot] 24 days ago
Labels: dependencies
#3586 - chore(deps): bump github.com/bmatcuk/doublestar/v4 from 4.7.1 to 4.8.0
Pull Request -
State: closed - Opened by dependabot[bot] 24 days ago
Labels: dependencies
#3585 - chore(deps): bump github.com/go-git/go-billy/v5 from 5.6.1 to 5.6.2
Pull Request -
State: closed - Opened by dependabot[bot] 25 days ago
Labels: dependencies
#3584 - chore(deps): bump github/codeql-action from 3.28.0 to 3.28.1
Pull Request -
State: closed - Opened by dependabot[bot] 25 days ago
Labels: dependencies
#3583 - chore(deps): update CPE dictionary index
Pull Request -
State: closed - Opened by anchore-actions-token-generator[bot] 25 days ago
Labels: dependencies
#3582 - chore(deps): update tools to latest versions
Pull Request -
State: closed - Opened by anchore-actions-token-generator[bot] 26 days ago
Labels: dependencies
#3581 - chore(deps): bump actions/upload-artifact from 4.5.0 to 4.6.0
Pull Request -
State: closed - Opened by dependabot[bot] 28 days ago
Labels: dependencies
#3580 - chore(deps): bump github.com/spf13/afero from 1.11.0 to 1.12.0
Pull Request -
State: closed - Opened by dependabot[bot] 28 days ago
Labels: dependencies
#3579 - chore(deps): bump github.com/sanity-io/litter from 1.5.5 to 1.5.6
Pull Request -
State: open - Opened by dependabot[bot] 28 days ago
Labels: dependencies
#3579 - chore(deps): bump github.com/sanity-io/litter from 1.5.5 to 1.5.6
Pull Request -
State: closed - Opened by dependabot[bot] 28 days ago
Labels: dependencies
#3578 - Update README.md's link to Nixpkgs
Pull Request -
State: open - Opened by axman6 28 days ago
#3578 - Update README.md's link to Nixpkgs
Pull Request -
State: closed - Opened by axman6 28 days ago
- 1 comment
Labels: changelog-ignore
#3577 - Syft generates invalid PURLs when name contains `:`
Issue -
State: closed - Opened by jkugler 28 days ago
- 9 comments
Labels: bug
#3576 - Multiple Maven Repositories
Issue -
State: open - Opened by henrysachs 29 days ago
- 2 comments
Labels: enhancement, needs-investigation
#3576 - Multiple Maven Repositories
Issue -
State: open - Opened by henrysachs 29 days ago
Labels: enhancement
#3575 - syft convert cycloneDx Metadata is lost after reconvert
Issue -
State: open - Opened by henrysachs 29 days ago
Labels: bug
#3575 - syft convert cycloneDx Metadata is lost after reconvert
Issue -
State: open - Opened by henrysachs 29 days ago
Labels: bug, needs-investigation
#3574 - Syft convert from cdx.json -> syft.json -> cdx.json fails
Issue -
State: open - Opened by henrysachs 29 days ago
Labels: bug
#3574 - Syft convert from cdx.json -> syft.json -> cdx.json fails
Issue -
State: open - Opened by henrysachs 29 days ago
Labels: bug, needs-investigation
#3573 - Some questions regarding the Syft code
Issue -
State: closed - Opened by PatrickStarBaby 29 days ago
- 3 comments
#3573 - Some questions regarding the Syft code
Issue -
State: open - Opened by PatrickStarBaby 29 days ago
#3572 - fix: fetch Dart package versions from sdk entries
Pull Request -
State: open - Opened by sgreg 29 days ago
- 1 comment
#3572 - fix: fetch Dart package versions from sdk entries
Pull Request -
State: open - Opened by sgreg 29 days ago
#3571 - chore(deps): update anchore dependencies
Pull Request -
State: closed - Opened by anchore-actions-token-generator[bot] 30 days ago
Labels: dependencies, pre-release
#3571 - chore(deps): update anchore dependencies
Pull Request -
State: closed - Opened by anchore-actions-token-generator[bot] 30 days ago
Labels: dependencies, pre-release
#3570 - .NET deps.json should be considered as installation evidence
Issue -
State: open - Opened by wagoodman 30 days ago
Labels: bug, ecosystem:dotnet
#3569 - Windows sbom have strange % in purl/sbom-ref
Issue -
State: open - Opened by freeeflyer about 1 month ago
- 3 comments
Labels: bug
#3569 - Windows sbom have strange % in purl/sbom-ref
Issue -
State: open - Opened by freeeflyer about 1 month ago
- 3 comments
Labels: bug
#3568 - chore(deps): bump golang.org/x/net from 0.33.0 to 0.34.0
Pull Request -
State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies
#3568 - chore(deps): bump golang.org/x/net from 0.33.0 to 0.34.0
Pull Request -
State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies
#3567 - chore(deps): update tools to latest versions
Pull Request -
State: closed - Opened by anchore-actions-token-generator[bot] about 1 month ago
Labels: dependencies
#3567 - chore(deps): update tools to latest versions
Pull Request -
State: closed - Opened by anchore-actions-token-generator[bot] about 1 month ago
Labels: dependencies
#3566 - detect jQuery file
Issue -
State: open - Opened by witchcraze about 1 month ago
- 2 comments
Labels: enhancement, needs-investigation
#3565 - chore(deps): update CPE dictionary index
Pull Request -
State: closed - Opened by anchore-actions-token-generator[bot] about 1 month ago
Labels: dependencies
#3564 - chore(deps): update tools to latest versions
Pull Request -
State: closed - Opened by anchore-actions-token-generator[bot] about 1 month ago
Labels: dependencies
#3563 - More performant dotnet PE parser
Pull Request -
State: open - Opened by wagoodman about 1 month ago
- 1 comment
#3562 - generate attestations for muli-arch signed SBOMs
Issue -
State: open - Opened by ruzickap about 1 month ago
Labels: enhancement
#3561 - chore(deps): bump github.com/go-git/go-git/v5 from 5.13.0 to 5.13.1
Pull Request -
State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies
#3560 - chore(deps): update tools to latest versions
Pull Request -
State: closed - Opened by anchore-actions-token-generator[bot] about 1 month ago
Labels: dependencies
#3559 - test: removes latest license list assertion
Pull Request -
State: closed - Opened by spiffcs about 1 month ago
Labels: changelog-ignore
#3558 - Use reader when scanning for package versions over reading entire binary into memory
Pull Request -
State: closed - Opened by wagoodman about 1 month ago
- 1 comment
Labels: performance
#3557 - chore: update license list with new version
Pull Request -
State: closed - Opened by spiffcs about 1 month ago
#3556 - chore(deps): update tools to latest versions
Pull Request -
State: closed - Opened by anchore-actions-token-generator[bot] about 1 month ago
Labels: dependencies
#3555 - chore(deps): bump github.com/invopop/jsonschema from 0.7.0 to 0.13.0
Pull Request -
State: closed - Opened by dependabot[bot] about 1 month ago
- 2 comments
Labels: dependencies
#3554 - Add crates.io enichment option for rust audit binary, json schema and spdx license updates.
Pull Request -
State: open - Opened by jimmystewpot about 1 month ago
- 1 comment
Labels: ecosystem:rust, json-schema
#3553 - stdlib version contains distribution
Issue -
State: open - Opened by TimBrown1611 about 1 month ago
- 3 comments
Labels: bug
#3552 - chore(deps): bump github.com/go-git/go-git/v5 from 5.12.0 to 5.13.0
Pull Request -
State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies
#3551 - chore(deps): bump github.com/go-git/go-billy/v5 from 5.6.0 to 5.6.1
Pull Request -
State: closed - Opened by dependabot[bot] about 1 month ago
- 2 comments
Labels: dependencies