Ecosyste.ms: Issues

GitHub / brave/security-action issues and pull requests

#596 - generate-compound.rb: generate compound.yml file for cmd line tests

Pull Request - State: closed - Opened by thypon 6 months ago

#595 - Use my work email and add Yan to licensing rule

Pull Request - State: closed - Opened by fmarier 6 months ago

#594 - licensing.yaml: include metadata

Pull Request - State: closed - Opened by thypon 6 months ago

#593 - chore(deps): update dependency semgrep to ~=1.72.0

Pull Request - State: closed - Opened by renovate[bot] 6 months ago - 1 comment
Labels: puLL-Merge

#592 - chore(deps): update actions/checkout action to v4.1.5

Pull Request - State: closed - Opened by renovate[bot] 6 months ago

#591 - Move license-related hotwords to a rule

Pull Request - State: closed - Opened by fmarier 6 months ago
Labels: needs-security-review

#590 - CODEOWNERS: remove sec-team from owners

Pull Request - State: closed - Opened by thypon 7 months ago

#589 - sendSlackMessage: no more than 50 blocks

Pull Request - State: closed - Opened by thypon 7 months ago

#588 - dependabotNudge: cut at 50 messages, and add a cont

Pull Request - State: closed - Opened by thypon 7 months ago

#587 - sendSlackMessage.js: add text to avoid warnings

Pull Request - State: closed - Opened by thypon 7 months ago

#586 - blocklist.txt: remove go.lang.security.audit.net.use-tls.use-tls

Pull Request - State: closed - Opened by thypon 7 months ago

#585 - Update action.yml

Pull Request - State: closed - Opened by fmarier 7 months ago

#584 - Add `bridiver` to iOS JS inject rule assignees

Pull Request - State: closed - Opened by stoletheminerals 7 months ago

#583 - chore(deps): update tj-actions/changed-files action to v44

Pull Request - State: closed - Opened by renovate[bot] 7 months ago - 1 comment
Labels: puLL-Merge

#582 - action.yml: move to a single JS action

Pull Request - State: open - Opened by thypon 7 months ago

#581 - chore(deps): update dependency semgrep to ~=1.71.0

Pull Request - State: closed - Opened by renovate[bot] 7 months ago

#580 - action.yml: reformat comments-before

Pull Request - State: closed - Opened by thypon 7 months ago - 1 comment
Labels: needs-security-review, puLL-Merge

#579 - dependabot-dismiss.txt: add GHSA-2qv5-7mw5-j3cg

Pull Request - State: closed - Opened by thypon 7 months ago

#578 - New rule: internal-digest-call

Pull Request - State: closed - Opened by thypon 7 months ago
Labels: needs-security-review

#577 - action.yml: fix shell

Pull Request - State: closed - Opened by thypon 7 months ago

#576 - action.yml: don't cache apt packages

Pull Request - State: closed - Opened by thypon 7 months ago

#575 - chore(deps): update dependency semgrep to ~=1.70.0

Pull Request - State: closed - Opened by renovate[bot] 7 months ago - 1 comment
Labels: puLL-Merge

#574 - fix(deps): update dependency @slack/web-api to v7.0.4

Pull Request - State: closed - Opened by renovate[bot] 7 months ago - 1 comment
Labels: puLL-Merge

#573 - chore(deps): update actions/checkout action to v4.1.4

Pull Request - State: closed - Opened by renovate[bot] 7 months ago - 2 comments
Labels: puLL-Merge

#571 - chore(deps): update dependency semgrep to ~=1.68.0

Pull Request - State: closed - Opened by renovate[bot] 7 months ago - 1 comment

#570 - semgrep_rules: remove chromium-raw_ptr

Pull Request - State: closed - Opened by thypon 8 months ago - 1 comment

#569 - Remove `raw_ptr` rule

Issue - State: closed - Opened by thypon 8 months ago - 1 comment
Labels: bug

#568 - build(deps-dev): bump transformers from 4.36.2 to 4.38.0 in /t3sts/pipaudit

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago - 2 comments
Labels: dependencies, python

#567 - Bugfix/remove logs for tfsec pip audit

Pull Request - State: closed - Opened by thypon 8 months ago - 1 comment
Labels: unverified-commits

#566 - tfsec.sh: tfvars through find

Pull Request - State: closed - Opened by thypon 8 months ago

#565 - fix(deps): update dependency @octokit/core to v5.2.0

Pull Request - State: closed - Opened by renovate[bot] 8 months ago - 1 comment

#564 - security rules: April 2024 Update

Pull Request - State: closed - Opened by thypon 8 months ago - 2 comments
Labels: needs-security-review, puLL-Merge

#563 - chore(deps): update dependency semgrep to ~=1.67.0

Pull Request - State: closed - Opened by renovate[bot] 8 months ago - 1 comment
Labels: puLL-Merge

#562 - chore(deps): update actions/setup-python action to v5.1.0

Pull Request - State: closed - Opened by renovate[bot] 8 months ago - 1 comment
Labels: puLL-Merge

#561 - *: remove CodeQL

Pull Request - State: closed - Opened by thypon 8 months ago - 1 comment

#560 - chore(deps): update dependency semgrep to ~=1.66.0

Pull Request - State: closed - Opened by renovate[bot] 8 months ago - 1 comment
Labels: puLL-Merge

#559 - chore(deps): update github/codeql-action action to v3.24.9

Pull Request - State: closed - Opened by renovate[bot] 8 months ago

#558 - chore(deps): update actions/cache action to v4.0.2

Pull Request - State: closed - Opened by renovate[bot] 8 months ago - 1 comment

#557 - Add more auth-related keywords

Pull Request - State: closed - Opened by fmarier 8 months ago

#556 - Add iOS Javascript injection rules

Pull Request - State: closed - Opened by stoletheminerals 8 months ago
Labels: needs-security-review

#555 - build(deps-dev): bump fastapi from 0.104.1 to 0.109.1 in /t3sts/pipaudit

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago - 3 comments
Labels: dependencies, python

#554 - chore(deps): pin actions/setup-python action to 0a5c615

Pull Request - State: closed - Opened by renovate[bot] 8 months ago - 2 comments

#553 - pip-audit: Support pyproject.toml [project].dependencies

Pull Request - State: closed - Opened by bcaller 8 months ago
Labels: needs-security-review

#552 - chore(deps): update reviewdog/action-setup action to v1.3.0

Pull Request - State: closed - Opened by renovate[bot] 8 months ago - 1 comment

#551 - chore(deps): update dependency semgrep to ~=1.65.0

Pull Request - State: closed - Opened by renovate[bot] 8 months ago - 1 comment
Labels: puLL-Merge

#550 - chore(deps): update github/codeql-action action to v3.24.8

Pull Request - State: closed - Opened by renovate[bot] 8 months ago - 1 comment

#549 - reviewdog: upgrade from grep based to fnmatch based, add per-repo set…

Pull Request - State: closed - Opened by thypon 8 months ago - 1 comment

#548 - Exclude `third_party/blink/renderer/*` from the raw_ptr rule

Issue - State: closed - Opened by fmarier 8 months ago
Labels: bug

#547 - build(deps): bump follow-redirects from 1.15.4 to 1.15.6

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago - 1 comment
Labels: dependencies, javascript

#546 - action.yml: remove auth hotword

Pull Request - State: closed - Opened by thypon 9 months ago - 1 comment
Labels: needs-security-review

#545 - chore(deps): update tj-actions/changed-files action to v42.1.0

Pull Request - State: closed - Opened by renovate[bot] 9 months ago - 1 comment
Labels: puLL-Merge

#544 - chore(deps): update dependency semgrep to ~=1.64.0

Pull Request - State: closed - Opened by renovate[bot] 9 months ago - 1 comment

#543 - action.yml: remove security hotword

Pull Request - State: closed - Opened by thypon 9 months ago - 1 comment
Labels: needs-security-review

#542 - Add some keywords

Pull Request - State: closed - Opened by diracdeltas 9 months ago

#541 - action.yml: update tfsec

Pull Request - State: closed - Opened by thypon 9 months ago

#540 - Add Android Resolve Intent rule

Pull Request - State: closed - Opened by stoletheminerals 9 months ago
Labels: needs-security-review

#539 - `unsafe_load` ruleset for ruby

Issue - State: open - Opened by thypon 9 months ago
Labels: enhancement

#538 - Move scripttagextractor to AI

Pull Request - State: open - Opened by thypon 9 months ago - 1 comment
Labels: needs-security-review

#537 - raw_ptr rule should ignore `const char*`

Issue - State: closed - Opened by fmarier 9 months ago
Labels: bug

#536 - False positive VLOG(1) << "string"

Issue - State: closed - Opened by fmarier 9 months ago - 2 comments
Labels: bug

#535 - chore(deps): update dependency semgrep to ~=1.63.0

Pull Request - State: closed - Opened by renovate[bot] 9 months ago - 1 comment
Labels: puLL-Merge

#534 - chore(deps): update tj-actions/changed-files action to v42.0.5

Pull Request - State: closed - Opened by renovate[bot] 9 months ago - 1 comment

#533 - chore(deps): update github/codeql-action action to v3.24.6

Pull Request - State: closed - Opened by renovate[bot] 9 months ago - 1 comment

#532 - chore(deps): update actions/cache action to v4.0.1

Pull Request - State: closed - Opened by renovate[bot] 9 months ago - 1 comment

#531 - semgrep rules: March 2024 Update

Pull Request - State: closed - Opened by thypon 9 months ago - 1 comment
Labels: puLL-Merge

#530 - action.yml: extra gh2slack fixes

Pull Request - State: closed - Opened by thypon 9 months ago

#529 - action.yml: remove extra @ in slack actor

Pull Request - State: closed - Opened by thypon 9 months ago

#528 - workflows bugfix: case insensitive github->slack name match

Pull Request - State: closed - Opened by thypon 9 months ago

#527 - `unwrap` rule it's too noisy

Issue - State: open - Opened by thypon 9 months ago
Labels: bug

#526 - github workflows: spread jobs to not incur in RL

Pull Request - State: closed - Opened by thypon 9 months ago - 2 comments
Labels: unverified-commits

#525 - r.ParseMultipartForm and io.ReadAll update

Pull Request - State: closed - Opened by bcaller 9 months ago
Labels: needs-security-review

#524 - Revert "action.yml: temp out"

Pull Request - State: closed - Opened by thypon 9 months ago

#523 - chore(deps): update tj-actions/changed-files action to v42.0.4

Pull Request - State: closed - Opened by renovate[bot] 9 months ago - 1 comment
Labels: puLL-Merge

#522 - chore(deps): update github/codeql-action action to v3.24.5 - autoclosed

Pull Request - State: closed - Opened by renovate[bot] 9 months ago - 1 comment

#520 - blocklist.txt: readd k8s rules

Pull Request - State: closed - Opened by thypon 9 months ago

#519 - K8s rules are annoying

Pull Request - State: closed - Opened by bcaller 9 months ago

#518 - pip-audit allow directories to be installed

Pull Request - State: open - Opened by bcaller 9 months ago - 2 comments

#517 - chore(deps): update dependency semgrep to ~=1.62.0

Pull Request - State: closed - Opened by renovate[bot] 9 months ago - 2 comments

#516 - chore(deps): update awalsh128/cache-apt-pkgs-action action to v1.4.2 - autoclosed

Pull Request - State: closed - Opened by renovate[bot] 9 months ago - 2 comments
Labels: needs-security-review, puLL-Merge

#515 - fix(deps): update dependency @slack/web-api to v7.0.2

Pull Request - State: closed - Opened by renovate[bot] 9 months ago - 1 comment
Labels: puLL-Merge

#514 - chore(deps): update github/codeql-action action to v3.24.4

Pull Request - State: closed - Opened by renovate[bot] 9 months ago - 2 comments

#513 - action.yml: temp out

Pull Request - State: closed - Opened by thypon 9 months ago

#512 - blocklist.txt: remove element style annoyance from dtd check

Pull Request - State: closed - Opened by thypon 9 months ago

#511 - Added copy-repo-secrets-to-org-secrets.yml

Pull Request - State: closed - Opened by wknapik 9 months ago

#510 - chore(deps): update jaxxstorm/action-install-gh-release action to v1.11.0

Pull Request - State: closed - Opened by renovate[bot] 10 months ago - 1 comment

#509 - chore(deps): update dependency semgrep to ~=1.60.1

Pull Request - State: closed - Opened by renovate[bot] 10 months ago - 1 comment

#508 - chore(deps): update reviewdog/action-setup action to v1.2.1

Pull Request - State: closed - Opened by renovate[bot] 10 months ago - 1 comment

#507 - chore(deps): update actions/setup-node action to v4.0.2

Pull Request - State: closed - Opened by renovate[bot] 10 months ago - 1 comment
Labels: puLL-Merge

#505 - dependabotNudge: filter nudges for available patched versions

Pull Request - State: closed - Opened by thypon 10 months ago

#504 - dependabot-nudge: use gt 7 as trigger

Pull Request - State: closed - Opened by thypon 10 months ago - 1 comment
Labels: unverified-commits

#503 - chore(deps): update github/codeql-action action to v3.24.0

Pull Request - State: closed - Opened by renovate[bot] 10 months ago - 1 comment
Labels: puLL-Merge

#502 - semgrep rules: February 2024 Update

Pull Request - State: closed - Opened by thypon 10 months ago - 1 comment
Labels: needs-security-review, puLL-Merge

#501 - *: add renovate-sanity-check workflow

Pull Request - State: closed - Opened by thypon 10 months ago

#500 - chore(deps): update dependency brakeman to v6.1.2

Pull Request - State: closed - Opened by renovate[bot] 10 months ago - 1 comment

#499 - chore(deps): update dependency semgrep to ~=1.59.0

Pull Request - State: closed - Opened by renovate[bot] 10 months ago - 2 comments
Labels: puLL-Merge

#498 - chore(deps): update github/codeql-action action to v3.23.2

Pull Request - State: closed - Opened by renovate[bot] 10 months ago - 1 comment
Labels: puLL-Merge

#497 - chore(deps): update tj-actions/changed-files action to v42.0.2

Pull Request - State: closed - Opened by renovate[bot] 10 months ago - 2 comments