Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / boostsecurityio/poutine issues and pull requests

#254 - Sort untrusted command list + add OpenTofu and Maven

Pull Request - State: closed - Opened by rgmz 27 days ago

#253 - build(deps): bump github.com/open-policy-agent/opa from 0.70.0 to 1.0.0

Pull Request - State: open - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, go

#252 - build(deps): bump gitlab.com/gitlab-org/api/client-go from 0.116.0 to 0.118.0

Pull Request - State: open - Opened by dependabot[bot] about 1 month ago - 1 comment
Labels: dependencies, go

#251 - build(deps): bump actions/upload-artifact from 4.4.3 to 4.5.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions

#250 - build(deps): bump github/codeql-action from 3.27.5 to 3.28.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions

#249 - build(deps): bump actions/setup-go from 5.1.0 to 5.2.0

Pull Request - State: open - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions

#248 - feat(rules): additional code execution commands for untrusted checkout exec

Pull Request - State: closed - Opened by bthuilot about 1 month ago - 2 comments

#247 - Remove gh-extension tag from repo

Issue - State: closed - Opened by michaelmior about 1 month ago - 4 comments

#246 - chore(dependencies): use new import path for go-gitlab

Pull Request - State: closed - Opened by bthuilot about 2 months ago

#245 - False positive about a vulnerable action version number

Issue - State: open - Opened by johnbillion about 2 months ago - 1 comment

#244 - build(deps): bump golang.org/x/sync from 0.8.0 to 0.10.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 1 comment
Labels: dependencies, go

#243 - build(deps): bump github.com/schollz/progressbar/v3 from 3.17.0 to 3.17.1

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, go

#242 - build(deps): bump golang.org/x/sync from 0.8.0 to 0.9.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 3 comments
Labels: dependencies, go

#241 - build(deps): bump golang.org/x/oauth2 from 0.23.0 to 0.24.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, go

#240 - build(deps): bump github.com/stretchr/testify from 1.9.0 to 1.10.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 1 comment
Labels: dependencies, go

#239 - build(deps): bump github.com/xanzy/go-gitlab from 0.112.0 to 0.114.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, go

#238 - build(deps): bump actions/dependency-review-action from 4.4.0 to 4.5.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions

#237 - build(deps): bump sigstore/cosign-installer from 3.6.0 to 3.7.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions

#236 - build(deps): bump step-security/harden-runner from 2.10.1 to 2.10.2

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions

#235 - build(deps): bump github/codeql-action from 3.27.0 to 3.27.5

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions

#234 - build(deps): bump actions/setup-go from 5.0.2 to 5.1.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions

#233 - feat(findings): include 'event_triggers' in finding metadata

Pull Request - State: closed - Opened by bthuilot 3 months ago

#232 - Include event triggers in results metadata

Issue - State: closed - Opened by bthuilot 3 months ago - 3 comments

#231 - Bump Goreleaser to V2

Pull Request - State: closed - Opened by SUSTAPLE117 3 months ago

#230 - Inventory Scanner Refactoring

Pull Request - State: closed - Opened by SUSTAPLE117 3 months ago - 1 comment

#229 - build(deps): bump github/codeql-action from 3.26.10 to 3.27.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#228 - build(deps): bump actions/checkout from 4.2.0 to 4.2.2

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#227 - build(deps): bump actions/upload-artifact from 4.4.0 to 4.4.3

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#226 - build(deps): bump actions/dependency-review-action from 4.3.4 to 4.4.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#225 - build(deps): bump github.com/open-policy-agent/opa from 0.69.0 to 0.70.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#224 - build(deps): bump github.com/schollz/progressbar/v3 from 3.16.1 to 3.17.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#223 - build(deps): bump github.com/xanzy/go-gitlab from 0.110.0 to 0.112.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#213 - Resolve Repo Local Actions

Pull Request - State: closed - Opened by SUSTAPLE117 5 months ago

#143 - Bump goreleaser/goreleaser-action from 5.1.0 to 6.0.0

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 1 comment
Labels: dependencies, github_actions, breaking_changes

#100 - Gracefully handle an org having no public/accessible repos

Issue - State: closed - Opened by rgmz 8 months ago - 1 comment

#98 - chore: upgrade base_image

Pull Request - State: closed - Opened by becojo 8 months ago

#97 - Update README.md - Add link to GitHub Pages

Pull Request - State: closed - Opened by fproulx-boostsecurity 9 months ago

#96 - Fix GitHub Action workflows paths / paths-ignore

Pull Request - State: closed - Opened by fproulx-boostsecurity 9 months ago

#95 - Make --scm-base-url more fool-proof

Pull Request - State: closed - Opened by ledo01 9 months ago - 1 comment

#94 - Publish to Homebrew

Issue - State: closed - Opened by fproulx-boostsecurity 9 months ago - 9 comments

#93 - Make `--scm-base-url` more fool-proof

Issue - State: closed - Opened by fproulx-boostsecurity 9 months ago
Labels: enhancement, good first issue

#91 - GitHub Pages Part 1 - Add Hugo geekdoc theme

Pull Request - State: closed - Opened by fproulx-boostsecurity 9 months ago

#90 - Provider Vulnerability Scanning

Pull Request - State: closed - Opened by SUSTAPLE117 9 months ago

#89 - Add Hugo-based GitHub Pages deployment flow

Pull Request - State: closed - Opened by fproulx-boostsecurity 9 months ago

#87 - Gitlab on-premise / GitHub Enterprise CVE check

Issue - State: closed - Opened by fproulx-boostsecurity 9 months ago - 2 comments

#86 - gitlab: fix parsing error on scalar includes

Pull Request - State: closed - Opened by becojo 9 months ago

#85 - Error Parsing .gitlab-ci.yml Includes

Issue - State: closed - Opened by SUSTAPLE117 9 months ago

#84 - Fix Gitlab Scanning and Fork Ignore

Pull Request - State: closed - Opened by SUSTAPLE117 9 months ago

#83 - Error 404 when using analyze_repo on a gitlab project

Issue - State: closed - Opened by AppSecAmael 9 months ago

#82 - docs: add sample configuration file

Pull Request - State: closed - Opened by becojo 9 months ago

#81 - Fix Version Variables

Pull Request - State: closed - Opened by SUSTAPLE117 9 months ago

#80 - Skip Output Only For Empty Results for Pretty Print

Pull Request - State: closed - Opened by SUSTAPLE117 9 months ago

#79 - Add Error for Empty Organization

Pull Request - State: closed - Opened by SUSTAPLE117 9 months ago

#78 - using analyze_local in a container

Issue - State: closed - Opened by becojo 9 months ago

#77 - Adding ignore-forks flag example and config file

Pull Request - State: closed - Opened by SUSTAPLE117 9 months ago

#76 - Bump github.com/xanzy/go-gitlab from 0.100.0 to 0.105.0

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago - 1 comment
Labels: dependencies, go

#75 - Unable to analyze local repositories

Issue - State: closed - Opened by AppSecAmael 9 months ago - 2 comments

#74 - README/help/blog post discrepancies

Issue - State: open - Opened by AppSecAmael 9 months ago

#73 - Add Filter Out Forks For Analyze Org

Pull Request - State: closed - Opened by SUSTAPLE117 9 months ago - 1 comment

#72 - Update release.yml

Pull Request - State: closed - Opened by becojo 9 months ago

#71 - Missing injection sources

Issue - State: open - Opened by fproulx-boostsecurity 9 months ago

#69 - fix running poutine without a config file

Pull Request - State: closed - Opened by becojo 9 months ago

#68 - untrusted_checkout_exec: consider workflow_run triggered from PRs

Pull Request - State: closed - Opened by becojo 9 months ago

#67 - fix: verbose log level

Pull Request - State: closed - Opened by becojo 9 months ago - 1 comment

#66 - fix: ensure CLI args don't equal to legacyFlag

Pull Request - State: closed - Opened by becojo 9 months ago