Ecosyste.ms: Issues
An open API service for providing issue and pull request metadata for open source projects.
GitHub / brave/security-action issues and pull requests
#294 - chore(deps): update dependency semgrep to ~=1.34.0
Pull Request -
State: closed - Opened by renovate[bot] over 1 year ago
#293 - no-backticks-in-js-handlers.yaml: fixes
Pull Request -
State: closed - Opened by thypon over 1 year ago
- 1 comment
#292 - Features/ruleset no backticks in js handlers
Pull Request -
State: closed - Opened by thypon over 1 year ago
Labels: needs-security-review
#291 - action.yml: hotword crypto->cryptography
Pull Request -
State: closed - Opened by thypon over 1 year ago
Labels: needs-security-review
#290 - New rule: chromium-raw-ptr
Pull Request -
State: closed - Opened by thypon over 1 year ago
Labels: needs-security-review
#289 - [brave-core] Investigate warning on raw pointers in struct and classes
Issue -
State: closed - Opened by fmarier over 1 year ago
- 2 comments
Labels: enhancement
#288 - chore(deps): update dependency semgrep to ~=1.33.2
Pull Request -
State: closed - Opened by renovate[bot] over 1 year ago
#287 - url-constructor-base.yaml: add assignees
Pull Request -
State: closed - Opened by thypon over 1 year ago
#286 - chore(deps): update dependency brakeman to v6.0.1
Pull Request -
State: closed - Opened by renovate[bot] over 1 year ago
#285 - action.yml: fix assignee
Pull Request -
State: closed - Opened by thypon over 1 year ago
Labels: needs-security-review
#284 - chromium-insecure-gurl: fix gurl detection
Pull Request -
State: closed - Opened by thypon over 1 year ago
#283 - brave-missing-break-in-switch.yaml: pattern-not NOTREACHED_NORETURN
Pull Request -
State: closed - Opened by thypon over 1 year ago
- 2 comments
Labels: needs-security-review
#282 - mismatched-memory-management-cpp.yaml: remove delete(this)
Pull Request -
State: closed - Opened by thypon over 1 year ago
#281 - t3sts: fix semgrep rule ids
Pull Request -
State: closed - Opened by thypon over 1 year ago
#280 - brave-isolated-world.yaml: catch extra regex
Pull Request -
State: closed - Opened by thypon over 1 year ago
#279 - New ruleset: chromium-insecure-gurl.yaml
Pull Request -
State: closed - Opened by thypon over 1 year ago
Labels: needs-security-review
#278 - chromium-uaf.yaml: add pref_change_registrar_ in allowlist
Pull Request -
State: closed - Opened by thypon over 1 year ago
#277 - Do not merge
Pull Request -
State: closed - Opened by bcaller over 1 year ago
Labels: needs-security-review
#276 - Do not merge
Pull Request -
State: closed - Opened by bcaller over 1 year ago
#275 - Error reading JToken from JsonReader #274
Pull Request -
State: closed - Opened by bcaller over 1 year ago
#274 - Error reading JToken from JsonReader
Issue -
State: closed - Opened by bcaller over 1 year ago
- 1 comment
#273 - chore(deps): update dependency semgrep to ~=1.32.0
Pull Request -
State: closed - Opened by renovate[bot] over 1 year ago
#272 - Look for "GURL origin" in brave-core C++ code
Issue -
State: closed - Opened by fmarier over 1 year ago
Labels: enhancement
#271 - --trusted-host in pip-audit also required
Pull Request -
State: closed - Opened by bcaller over 1 year ago
#270 - Pip extra index url
Pull Request -
State: closed - Opened by bcaller over 1 year ago
Labels: needs-security-review
#269 - chromium-uaf.yaml: pattern-not-inside web_ui
Pull Request -
State: closed - Opened by thypon over 1 year ago
#268 - Sometimes package-lock contains npm_modules/ prefix
Pull Request -
State: closed - Opened by bcaller over 1 year ago
#267 - build(deps): bump flask from 2.3.1 to 2.3.2 in /t3sts/pipaudit
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 2 comments
Labels: dependencies, python
#266 - Full loop check scanners
Pull Request -
State: closed - Opened by bcaller over 1 year ago
Labels: needs-security-review
#265 - reviewdog.yml: fix
Pull Request -
State: closed - Opened by thypon over 1 year ago
#264 - action.yml: add assignees
Pull Request -
State: closed - Opened by thypon over 1 year ago
#263 - *: use <br> instead of <br/>
Pull Request -
State: closed - Opened by thypon over 1 year ago
#262 - action.yml: bodyText -> body
Pull Request -
State: closed - Opened by thypon over 1 year ago
#261 - cleaner.rb: don't assign to the whole security-team
Pull Request -
State: closed - Opened by thypon over 1 year ago
#260 - reviewdog.yml: fix a typo
Pull Request -
State: closed - Opened by thypon over 1 year ago
#259 - chromium-uaf.yaml: add assignees
Pull Request -
State: closed - Opened by thypon over 1 year ago
#258 - New file: assets/cleaner.rb
Pull Request -
State: closed - Opened by thypon over 1 year ago
- 1 comment
#257 - [Check new repos] not working when repos are moved of ownership, instead of created
Issue -
State: closed - Opened by thypon over 1 year ago
- 1 comment
Labels: bug
#256 - chore(deps): update dependency semgrep to ~=1.31.0
Pull Request -
State: closed - Opened by renovate[bot] over 1 year ago
#255 - reviewdog.yml: replace newline with <br>
Pull Request -
State: closed - Opened by thypon over 1 year ago
#254 - Cleanup if removed `needs-security-action`
Issue -
State: open - Opened by thypon over 1 year ago
- 3 comments
Labels: enhancement
#253 - check-new-repos.yml: use PAT
Pull Request -
State: closed - Opened by thypon over 1 year ago
#252 - chore(deps): update dependency pip-audit to ~=2.6.0
Pull Request -
State: closed - Opened by renovate[bot] over 1 year ago
#251 - dtd/blocklist.txt: don't alert for third_party svgs
Pull Request -
State: closed - Opened by thypon over 1 year ago
#250 - action.yml: error message multiline
Pull Request -
State: closed - Opened by thypon over 1 year ago
#249 - check-new-repos: fix (attempt #2)
Pull Request -
State: closed - Opened by thypon over 1 year ago
#248 - check-new-repos: fix action
Pull Request -
State: closed - Opened by thypon over 1 year ago
#247 - tfsec.sh: use tfvars if present
Pull Request -
State: closed - Opened by thypon over 1 year ago
#246 - semgrep_rules: june update
Pull Request -
State: closed - Opened by thypon over 1 year ago
#245 - Brokeman
Pull Request -
State: closed - Opened by bcaller over 1 year ago
Labels: needs-security-review
#244 - npm audit patch
Pull Request -
State: closed - Opened by bcaller over 1 year ago
Labels: needs-security-review
#243 - chore(deps): update dependency semgrep to ~=1.30.0
Pull Request -
State: closed - Opened by renovate[bot] over 1 year ago
#242 - Add ISOLATED_WORLD_ID_BRAVE_INTERNAL
Issue -
State: closed - Opened by thypon over 1 year ago
#241 - action.yml: don't trigger hotwords on renovate[bot]
Pull Request -
State: closed - Opened by thypon over 1 year ago
#240 - Brakeman22
Pull Request -
State: closed - Opened by bcaller over 1 year ago
Labels: needs-security-review
#239 - Update tj-actions/changed-files action to v37
Pull Request -
State: closed - Opened by renovate[bot] over 1 year ago
#238 - do not merge
Pull Request -
State: closed - Opened by bcaller over 1 year ago
Labels: needs-security-review
#237 - pip-audit.py for -e
Pull Request -
State: closed - Opened by bcaller over 1 year ago
- 1 comment
#236 - breakman
Pull Request -
State: closed - Opened by bcaller over 1 year ago
Labels: needs-security-review
#235 - chromium-uaf.yaml: remove browser allowlist
Pull Request -
State: closed - Opened by thypon over 1 year ago
#234 - action.yml: require('fs') in fail-load-head action
Pull Request -
State: closed - Opened by thypon over 1 year ago
#233 - action.yml: add error messages to slack
Pull Request -
State: closed - Opened by thypon over 1 year ago
#232 - reviewdog.sh: disable brakeman
Pull Request -
State: closed - Opened by thypon over 1 year ago
#231 - Fix for npm-audit when package.json in root
Pull Request -
State: closed - Opened by bcaller over 1 year ago
#230 - Bugfix/no more labels assignees for some reason
Pull Request -
State: closed - Opened by thypon over 1 year ago
Labels: needs-security-review
#229 - chromium-uaf.yaml: remove browser from alerts
Pull Request -
State: closed - Opened by thypon over 1 year ago
#228 - move to trigger
Pull Request -
State: closed - Opened by thypon over 1 year ago
#227 - Add self-tests for `tfsec`, `brakeman` and the rest of the integrations
Issue -
State: open - Opened by thypon over 1 year ago
Labels: enhancement
#226 - Fix security action again
Pull Request -
State: closed - Opened by bcaller over 1 year ago
#225 - reviewdog.*: refactor erroring
Pull Request -
State: closed - Opened by thypon over 1 year ago
#224 - reviewdog.*: better reviewdog errors
Pull Request -
State: closed - Opened by thypon over 1 year ago
#223 - chromium-uaf: better detection
Pull Request -
State: closed - Opened by thypon over 1 year ago
#222 - Improve `chromium-uaf` ruleset as advised by @goodov
Issue -
State: closed - Opened by thypon over 1 year ago
Labels: bug
#221 - chromium-bind-uaf.yaml: any Unretained should trigger
Pull Request -
State: closed - Opened by thypon over 1 year ago
- 1 comment
#220 - Multiple failures with `sveltegrep`
Issue -
State: closed - Opened by thypon over 1 year ago
- 1 comment
Labels: bug
#219 - Update dependency semgrep to ~=1.28.0
Pull Request -
State: closed - Opened by renovate[bot] over 1 year ago
#218 - Update chromium-bind-uaf.yaml
Pull Request -
State: closed - Opened by thypon over 1 year ago
#217 - Testing PR, expect comments, don't merge
Pull Request -
State: closed - Opened by bcaller over 1 year ago
- 1 comment
#216 - chromium-bind-uaf.yaml: clarify rule message
Pull Request -
State: closed - Opened by thypon over 1 year ago
#215 - reviewdog.yml: fail on error
Pull Request -
State: closed - Opened by thypon over 1 year ago
#214 - reviewdog.yml: unfix brakeman
Pull Request -
State: closed - Opened by thypon over 1 year ago
#213 - Also trim .extractedscript.js
Pull Request -
State: closed - Opened by bcaller over 1 year ago
#212 - Fix enabled flag
Issue -
State: closed - Opened by bcaller over 1 year ago
- 2 comments
#211 - Allow manual running of reviewdog on full repo
Pull Request -
State: closed - Opened by bcaller over 1 year ago
- 1 comment
#210 - New workflow: daily check new repos
Pull Request -
State: closed - Opened by thypon over 1 year ago
#191 - Missing break in switch
Issue -
State: closed - Opened by bcaller over 1 year ago
Labels: bug
#185 - Batch
Pull Request -
State: closed - Opened by bcaller over 1 year ago
Labels: needs-security-review
#184 - chore(deps): update ruby/setup-ruby digest to 8a45918
Pull Request -
State: open - Opened by renovate[bot] over 1 year ago
#183 - Features/consolidate code
Pull Request -
State: closed - Opened by thypon almost 2 years ago
Labels: needs-security-review
#182 - Bugfix/tfsec fail happily
Pull Request -
State: closed - Opened by thypon almost 2 years ago
#181 - Bugfix/tfsec fail happily
Pull Request -
State: closed - Opened by thypon almost 2 years ago
#180 - chore(deps): update dependency brakeman to v5.4.1
Pull Request -
State: closed - Opened by renovate[bot] almost 2 years ago
#179 - Revert "action.yml: cache python"
Pull Request -
State: closed - Opened by thypon almost 2 years ago
#178 - action.yml: python cache dependency path
Pull Request -
State: closed - Opened by thypon almost 2 years ago
#177 - tfsec: don't fail eagerly
Pull Request -
State: closed - Opened by thypon almost 2 years ago
#176 - action.yml: cache more
Pull Request -
State: closed - Opened by thypon almost 2 years ago
- 1 comment
#175 - chore(deps): update dependency semgrep to ~=1.22.0
Pull Request -
State: closed - Opened by renovate[bot] almost 2 years ago
#174 - chore(deps): update ruby/setup-ruby digest to 7d546f4
Pull Request -
State: closed - Opened by renovate[bot] almost 2 years ago
#173 - chore(deps): update dependency semgrep to ~=1.21.0
Pull Request -
State: closed - Opened by renovate[bot] almost 2 years ago
#172 - build(deps): bump flask from 0.5 to 2.3.2 in /t3sts/pipaudit
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, python