Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / enterprise-contract/ec-policies issues and pull requests

#1266 - Make cve test data readable

Pull Request - State: closed - Opened by lcarva 17 days ago

#1265 - Bump actions/upload-artifact from 4.5.0 to 4.6.0

Pull Request - State: open - Opened by dependabot[bot] 18 days ago
Labels: dependencies, github_actions

#1264 - Bump step-security/harden-runner from 2.10.2 to 2.10.3

Pull Request - State: open - Opened by dependabot[bot] 18 days ago
Labels: dependencies, github_actions

#1263 - Bump github/codeql-action from 3.28.0 to 3.28.1

Pull Request - State: open - Opened by dependabot[bot] 18 days ago
Labels: dependencies, github_actions

#1262 - Use go 1.23

Pull Request - State: closed - Opened by lcarva 18 days ago

#1261 - Bump golang.org/x/net from 0.30.0 to 0.33.0

Pull Request - State: open - Opened by dependabot[bot] 21 days ago
Labels: dependencies, go

#1260 - Bump github.com/go-git/go-git/v5 from 5.12.0 to 5.13.0

Pull Request - State: open - Opened by dependabot[bot] 21 days ago
Labels: dependencies, go

#1259 - Bump github.com/go-git/go-git/v5 from 5.12.0 to 5.13.0 in /acceptance

Pull Request - State: open - Opened by dependabot[bot] 21 days ago
Labels: dependencies, go

#1258 - Bump golang.org/x/net from 0.28.0 to 0.33.0 in /acceptance

Pull Request - State: open - Opened by dependabot[bot] 21 days ago
Labels: dependencies, go

#1257 - Allow list of RPM repo IDs to be extended

Pull Request - State: closed - Opened by lcarva 21 days ago

#1256 - Bump effective_on of step_images_accessible

Pull Request - State: closed - Opened by lcarva 25 days ago

#1255 - Bump github/codeql-action from 3.27.9 to 3.28.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions

#1254 - Bump actions/upload-artifact from 4.4.3 to 4.5.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions

#1253 - Bump codecov/codecov-action from 5.1.1 to 5.1.2

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions

#1252 - Bump oras.land/oras from 1.2.1 to 1.2.2

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, go

#1251 - feat(ec-965): verify a set of pullspecs related to an image

Pull Request - State: open - Opened by arewm about 1 month ago

#1250 - Trim whitespace from image ref

Pull Request - State: closed - Opened by joejstuart about 1 month ago

#1249 - Bump github/codeql-action from 3.27.7 to 3.27.9

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions

#1248 - Bump actions/setup-go from 5.1.0 to 5.2.0

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions

#1247 - Bump golang.org/x/crypto from 0.28.0 to 0.31.0

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, go

#1246 - Bump golang.org/x/crypto from 0.26.0 to 0.31.0 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, go

#1245 - Bump github/codeql-action from 3.27.6 to 3.27.7

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions

#1244 - Trim white-spaces when parsing image references

Issue - State: open - Opened by lcarva about 2 months ago - 1 comment

#1243 - Show rhtap-multi-ci collection in generated docs

Pull Request - State: closed - Opened by simonbaird about 2 months ago

#1242 - Bump github/codeql-action from 3.27.5 to 3.27.6

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions

#1241 - Bump codecov/codecov-action from 5.0.7 to 5.1.1

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions

#1240 - Bump github.com/tektoncd/cli from 0.38.1 to 0.39.0

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, go

#1239 - Bump oras.land/oras from 1.2.0 to 1.2.1

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, go

#1238 - Document the `task_expiry_warning_days` rule data

Pull Request - State: closed - Opened by zregvart about 2 months ago

#1237 - Fix step_images.step_images_accessible check

Pull Request - State: closed - Opened by lcarva 2 months ago - 4 comments

#1236 - More code reuse for RHTAP Multi-CI rego

Pull Request - State: closed - Opened by simonbaird 2 months ago - 1 comment

#1235 - Bump step-security/harden-runner from 2.10.1 to 2.10.2

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions

#1234 - Bump github/codeql-action from 3.27.4 to 3.27.5

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions

#1233 - Bump codecov/codecov-action from 5.0.2 to 5.0.7

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions

#1232 - Add StepAction policy rules

Pull Request - State: closed - Opened by lcarva 2 months ago

#1231 - Update outdated information in README.md

Pull Request - State: closed - Opened by lcarva 2 months ago

#1230 - Emit term for base_image_permitted

Pull Request - State: closed - Opened by lcarva 2 months ago

#1229 - Remove support for SBOM from image

Pull Request - State: closed - Opened by lcarva 2 months ago

#1228 - Don't warn of newer tasks if in grace period

Pull Request - State: closed - Opened by zregvart 2 months ago - 7 comments

#1227 - Remove severity reduction to warning

Pull Request - State: closed - Opened by zregvart 2 months ago

#1226 - Remove the unique items constraint

Pull Request - State: closed - Opened by zregvart 2 months ago

#1225 - Set dupe entries as warnings in trusted tasks

Pull Request - State: closed - Opened by lcarva 2 months ago - 1 comment

#1224 - Bump github.com/styrainc/regal from 0.28.0 to 0.29.2

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, go

#1223 - Bump github/codeql-action from 3.27.1 to 3.27.4

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions

#1222 - Bump codecov/codecov-action from 4.6.0 to 5.0.2

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions

#1221 - Add rule for PRIVILEGED_NESTED buildah parameter

Pull Request - State: closed - Opened by zregvart 3 months ago - 2 comments

#1220 - Check accessibility of Step images

Pull Request - State: closed - Opened by zregvart 3 months ago - 1 comment

#1219 - Bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1218 - Bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1217 - Bump github/codeql-action from 3.27.0 to 3.27.1

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#1216 - Small refactor in preparation for RHTAP multi-ci

Pull Request - State: closed - Opened by simonbaird 3 months ago - 1 comment

#1215 - RHTAP multi-ci initial MVP

Pull Request - State: closed - Opened by simonbaird 3 months ago - 1 comment

#1213 - README is outdated

Issue - State: closed - Opened by kosciCZ 3 months ago - 1 comment

#1212 - Add allowed package sources policy

Pull Request - State: closed - Opened by kosciCZ 3 months ago - 3 comments

#1211 - Ignore missing SBOM for Image Indexes

Pull Request - State: closed - Opened by lcarva 3 months ago

#1211 - Ignore missing SBOM for Image Indexes

Pull Request - State: closed - Opened by lcarva 3 months ago

#1209 - Bump actions/checkout from 4.2.1 to 4.2.2

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#1209 - Bump actions/checkout from 4.2.1 to 4.2.2

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#1208 - Bump github/codeql-action from 3.26.13 to 3.27.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#1208 - Bump github/codeql-action from 3.26.13 to 3.27.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#1207 - Bump actions/setup-go from 5.0.2 to 5.1.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#1207 - Bump actions/setup-go from 5.0.2 to 5.1.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#1206 - Add documentation for CVE rule data

Pull Request - State: closed - Opened by zregvart 3 months ago

#1206 - Add documentation for CVE rule data

Pull Request - State: closed - Opened by zregvart 3 months ago

#1205 - Documentation of rule data

Issue - State: open - Opened by zregvart 3 months ago

#1204 - Add lib.json package with JSON schema validation

Pull Request - State: closed - Opened by zregvart 3 months ago

#1204 - Add lib.json package with JSON schema validation

Pull Request - State: closed - Opened by zregvart 3 months ago

#1203 - [BUG] All `SBOM_BLOB_URL`s are fetched

Issue - State: closed - Opened by zregvart 4 months ago - 3 comments
Labels: bug

#1203 - [BUG] All `SBOM_BLOB_URL`s are fetched

Issue - State: closed - Opened by zregvart 4 months ago - 3 comments
Labels: bug

#1202 - Ignore SBOM URLs for other images

Pull Request - State: closed - Opened by lcarva 3 months ago - 1 comment

#1202 - Ignore SBOM URLs for other images

Pull Request - State: closed - Opened by lcarva 3 months ago - 1 comment

#1201 - Bump github.com/enterprise-contract/ec-cli from 0.6.60 to 0.6.73

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1200 - Bump github.com/open-policy-agent/conftest from 0.55.0 to 0.56.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 4 comments
Labels: dependencies, go

#1200 - Bump github.com/open-policy-agent/conftest from 0.55.0 to 0.56.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 4 comments
Labels: dependencies, go

#1199 - Schema validation for clair report

Issue - State: open - Opened by zregvart 3 months ago - 3 comments

#1199 - Schema validation for clair report

Issue - State: open - Opened by zregvart 3 months ago - 2 comments

#1198 - Flatten package names

Pull Request - State: closed - Opened by lcarva 4 months ago

#1198 - Flatten package names

Pull Request - State: closed - Opened by lcarva 4 months ago

#1197 - Drop support for fetching SBOM data from the image under test

Issue - State: closed - Opened by zregvart 4 months ago - 1 comment

#1196 - Bump github.com/enterprise-contract/ec-cli from 0.6.52 to 0.6.60

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 2 comments
Labels: dependencies, go

#1196 - Bump github.com/enterprise-contract/ec-cli from 0.6.52 to 0.6.60

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 2 comments
Labels: dependencies, go

#1195 - Bump actions/upload-artifact from 4.4.0 to 4.4.3

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, github_actions

#1195 - Bump actions/upload-artifact from 4.4.0 to 4.4.3

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, github_actions

#1194 - Bump actions/checkout from 4.2.0 to 4.2.1

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, github_actions

#1194 - Bump actions/checkout from 4.2.0 to 4.2.1

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, github_actions

#1193 - Bump github/codeql-action from 3.26.11 to 3.26.13

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, github_actions

#1193 - Bump github/codeql-action from 3.26.11 to 3.26.13

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, github_actions

#1192 - Make sure `ec` is built with network

Pull Request - State: closed - Opened by zregvart 4 months ago - 1 comment

#1192 - Make sure `ec` is built with network

Pull Request - State: closed - Opened by zregvart 4 months ago - 1 comment

#1191 - Update golang to 1.22.7

Pull Request - State: closed - Opened by zregvart 4 months ago - 2 comments

#1191 - Update golang to 1.22.7

Pull Request - State: closed - Opened by zregvart 4 months ago - 2 comments

#1190 - SBOM loading optimization

Pull Request - State: closed - Opened by zregvart 4 months ago - 2 comments

#1189 - Cleanup the hack/update-bundles.sh script

Pull Request - State: closed - Opened by zregvart 4 months ago - 1 comment

#1189 - Cleanup the hack/update-bundles.sh script

Pull Request - State: closed - Opened by zregvart 4 months ago - 1 comment

#1188 - Run tests offline on Linux

Pull Request - State: closed - Opened by zregvart 4 months ago - 2 comments

#1188 - Run tests offline on Linux

Pull Request - State: closed - Opened by zregvart 4 months ago - 2 comments