Ecosyste.ms: Issues
An open API service for providing issue and pull request metadata for open source projects.
GitHub / enterprise-contract/ec-policies issues and pull requests
#1144 - Mention module purls in rpm repo id check
Pull Request -
State: open - Opened by simonbaird 13 days ago
- 1 comment
#1143 - Allow subpaths to be excluded in disallowed pkgs
Pull Request -
State: open - Opened by lcarva 13 days ago
- 2 comments
#1142 - Use PURL's subpath when matching disallowed pkgs
Pull Request -
State: closed - Opened by lcarva 13 days ago
- 4 comments
#1141 - VS Code things
Pull Request -
State: closed - Opened by lcarva 13 days ago
- 1 comment
#1140 - feat(STONEINTG-660): rename CLAIR_SCAN_RESULT>SCAN_OUTPUT
Pull Request -
State: open - Opened by jsztuka 14 days ago
- 4 comments
#1139 - Bump github.com/enterprise-contract/ec-cli from 0.5.144 to 0.6.5
Pull Request -
State: closed - Opened by dependabot[bot] 15 days ago
Labels: dependencies, go
#1138 - Bump github.com/tektoncd/cli from 0.38.0 to 0.38.1
Pull Request -
State: closed - Opened by dependabot[bot] 15 days ago
Labels: dependencies, go
#1137 - Bump github/codeql-action from 3.26.6 to 3.26.7
Pull Request -
State: closed - Opened by dependabot[bot] 15 days ago
Labels: dependencies, github_actions
#1136 - Bump step-security/harden-runner from 2.9.1 to 2.10.1
Pull Request -
State: closed - Opened by dependabot[bot] 15 days ago
Labels: dependencies, github_actions
#1135 - Confirm all rpms in sboms have a known repo id
Pull Request -
State: closed - Opened by simonbaird 20 days ago
- 7 comments
#1134 - Use custom EC OPA in VS Code
Pull Request -
State: closed - Opened by lcarva 21 days ago
- 1 comment
#1133 - Specific version support for required Task results
Pull Request -
State: closed - Opened by zregvart 21 days ago
- 1 comment
#1132 - Update description to only include sha1 entries
Pull Request -
State: closed - Opened by joejstuart 22 days ago
- 2 comments
#1131 - Bump github.com/enterprise-contract/ec-cli from 0.5.128 to 0.5.144
Pull Request -
State: closed - Opened by dependabot[bot] 22 days ago
- 2 comments
Labels: dependencies, go
#1130 - Bump github.com/styrainc/regal from 0.25.0 to 0.26.1
Pull Request -
State: closed - Opened by dependabot[bot] 22 days ago
- 3 comments
Labels: dependencies, go
#1129 - Document pitfalls of writing policy rules
Pull Request -
State: closed - Opened by lcarva 25 days ago
- 3 comments
#1128 - Remove Red Hat Manifests package
Pull Request -
State: closed - Opened by lcarva 26 days ago
- 1 comment
#1127 - Tweaks to fetching CycloneDX SBOM
Pull Request -
State: closed - Opened by lcarva 26 days ago
- 1 comment
#1126 - Add helper for extracting a repo id from a purl
Pull Request -
State: closed - Opened by simonbaird 27 days ago
- 5 comments
#1125 - Add policy rules to verify RPM sig keys
Pull Request -
State: closed - Opened by lcarva 27 days ago
- 3 comments
#1124 - Rework package path logic in result helper
Pull Request -
State: closed - Opened by simonbaird 28 days ago
- 2 comments
#1123 - Bump github/codeql-action from 3.26.5 to 3.26.6
Pull Request -
State: closed - Opened by dependabot[bot] 29 days ago
Labels: dependencies, github_actions
#1122 - Bump actions/upload-artifact from 4.3.6 to 4.4.0
Pull Request -
State: closed - Opened by dependabot[bot] 29 days ago
Labels: dependencies, github_actions
#1121 - Bump github.com/enterprise-contract/ec-cli from 0.5.120 to 0.5.128
Pull Request -
State: closed - Opened by dependabot[bot] 29 days ago
Labels: dependencies, go
#1120 - Set same golang version as in go.mod
Pull Request -
State: closed - Opened by zregvart 29 days ago
- 1 comment
#1119 - Document how to bundle policies
Issue -
State: open - Opened by lcarva about 1 month ago
#1118 - Add effective_on support to disallowed_attributes
Pull Request -
State: closed - Opened by lcarva about 1 month ago
- 1 comment
#1117 - Update ec-cli in acceptance tests
Pull Request -
State: closed - Opened by lcarva about 1 month ago
- 1 comment
#1116 - Verify Task definitions contain a certain result
Pull Request -
State: closed - Opened by lcarva about 1 month ago
- 1 comment
#1115 - Use ec.oci.image_files to fetch the SBOM from the image, if needed.
Issue -
State: closed - Opened by lcarva about 1 month ago
- 1 comment
#1114 - Bump github.com/tektoncd/cli from 0.37.0 to 0.38.0
Pull Request -
State: closed - Opened by dependabot[bot] about 1 month ago
- 1 comment
Labels: dependencies, go
#1113 - Bump github.com/enterprise-contract/ec-cli from 0.5.111 to 0.5.120
Pull Request -
State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, go
#1112 - Bump github/codeql-action from 3.26.2 to 3.26.5
Pull Request -
State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions
#1111 - Bump github/codeql-action from 3.26.0 to 3.26.2
Pull Request -
State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions
#1110 - Bump github.com/styrainc/regal from 0.24.0 to 0.25.0
Pull Request -
State: closed - Opened by dependabot[bot] about 1 month ago
- 1 comment
Labels: dependencies, go
#1109 - Bump github.com/enterprise-contract/ec-cli from 0.5.95 to 0.5.111
Pull Request -
State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, go
#1108 - Add Apache 2.0 license file
Pull Request -
State: closed - Opened by zregvart about 2 months ago
- 1 comment
#1107 - Bump github.com/docker/docker from 27.1.0+incompatible to 27.1.1+incompatible
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, go
#1106 - Bump github/codeql-action from 3.25.15 to 3.26.0
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions
#1105 - Bump step-security/harden-runner from 2.9.0 to 2.9.1
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions
#1104 - Bump actions/upload-artifact from 4.3.5 to 4.3.6
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions
#1103 - Bump github.com/enterprise-contract/ec-cli from 0.5.84 to 0.5.95
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, go
#1102 - Add support for required label values
Pull Request -
State: closed - Opened by lcarva about 2 months ago
- 1 comment
#1101 - Bump github.com/enterprise-contract/ec-cli from 0.5.68 to 0.5.84
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, go
#1100 - Bump actions/upload-artifact from 4.3.4 to 4.3.5
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions
#1099 - Bump github.com/docker/docker from 27.0.3+incompatible to 27.1.0+incompatible
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, go
#1098 - Bump github.com/docker/docker from 25.0.5+incompatible to 25.0.6+incompatible in /acceptance
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, go
#1097 - Remove redhat-appstudio
Pull Request -
State: closed - Opened by lcarva 2 months ago
#1096 - Disallow certain PLATFORM patterns
Pull Request -
State: closed - Opened by lcarva 2 months ago
- 3 comments
#1095 - RHTAP Jenkins collection followups
Pull Request -
State: closed - Opened by simonbaird 2 months ago
- 2 comments
#1094 - Restrict usage of ADD_CAPABILITIES
Pull Request -
State: closed - Opened by lcarva 2 months ago
- 2 comments
#1093 - Remove deprecated_cve_result_name from collections
Pull Request -
State: closed - Opened by lcarva 2 months ago
- 1 comment
#1092 - Verify operator CSV images are from allowed registries
Pull Request -
State: closed - Opened by nmars 2 months ago
- 5 comments
#1091 - Add some checks for RHTAP Jenkins attestations
Pull Request -
State: closed - Opened by simonbaird 2 months ago
- 1 comment
#1090 - Consider finding counts in addition to status
Pull Request -
State: closed - Opened by zregvart 2 months ago
- 3 comments
#1089 - `watch` target to run tests in watch mode
Pull Request -
State: closed - Opened by zregvart 2 months ago
- 1 comment
#1088 - Bump github/codeql-action from 3.25.13 to 3.25.15
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions
#1087 - Bump ossf/scorecard-action from 2.3.3 to 2.4.0
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions
#1086 - Bump github.com/enterprise-contract/ec-cli from 0.5.56 to 0.5.68
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, go
#1085 - Bump github.com/open-policy-agent/conftest from 0.54.0 to 0.55.0
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, go
#1084 - Update some GitHub appstudio refs
Pull Request -
State: closed - Opened by simonbaird 2 months ago
- 2 comments
#1083 - New rule to check for container image label values
Issue -
State: closed - Opened by zregvart 2 months ago
- 3 comments
#1082 - Examine `konflux:container:is_builder_image:for_stage` formulation components properties
Issue -
State: closed - Opened by zregvart 2 months ago
- 2 comments
#1081 - Audit the use of `lib.results_named`
Issue -
State: closed - Opened by zregvart 2 months ago
- 8 comments
#1080 - Update README.md with steps to test with local ec-cli
Pull Request -
State: closed - Opened by yashvardhannanavati 2 months ago
- 1 comment
#1079 - Bump github.com/styrainc/regal from 0.23.1 to 0.24.0
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
- 1 comment
Labels: dependencies, go
#1078 - Bump github.com/enterprise-contract/ec-cli from 0.5.46 to 0.5.56
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, go
#1077 - Bump github/codeql-action from 3.25.12 to 3.25.13
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions
#1076 - Bump docker/login-action from 3.2.0 to 3.3.0
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions
#1075 - Bump step-security/harden-runner from 2.8.1 to 2.9.0
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions
#1074 - Set correct license headers
Pull Request -
State: closed - Opened by zregvart 3 months ago
- 3 comments
#1073 - Expect pinned references in input snapshot for operators
Pull Request -
State: closed - Opened by yashvardhannanavati 3 months ago
- 2 comments
#1072 - Bump github.com/enterprise-contract/ec-cli from 0.5.39 to 0.5.46
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go
#1071 - Bump actions/setup-go from 5.0.1 to 5.0.2
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions
#1070 - Bump github/codeql-action from 3.25.11 to 3.25.12
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions
#1069 - Redefine DOCKERFILE parameter check
Pull Request -
State: closed - Opened by zregvart 3 months ago
- 1 comment
#1068 - Bump google.golang.org/grpc from 1.64.0 to 1.64.1
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go
#1067 - Verify all operator CSV pull specs will be valid on release
Pull Request -
State: closed - Opened by yashvardhannanavati 3 months ago
- 3 comments
#1066 - Bump github.com/enterprise-contract/ec-cli from 0.5.26 to 0.5.39
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go
#1065 - feat: add an explicit allowlist rule for sbom external references
Pull Request -
State: closed - Opened by ralphbean 3 months ago
- 2 comments
#1064 - Bump actions/upload-artifact from 4.3.3 to 4.3.4
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions
#1063 - Bump github.com/enterprise-contract/ec-cli from 0.5.26 to 0.5.38
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: dependencies, go
#1062 - Bump github.com/open-policy-agent/conftest from 0.53.0 to 0.54.0
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go
#1061 - Script to update examples
Pull Request -
State: closed - Opened by zregvart 3 months ago
- 1 comment
#1060 - Add disallowed package external references rule
Pull Request -
State: closed - Opened by ralphbean 3 months ago
- 4 comments
#1059 - Implement label checks using builtins
Pull Request -
State: closed - Opened by zregvart 3 months ago
- 2 comments
#1058 - Bump github.com/enterprise-contract/ec-cli from 0.5.17 to 0.5.26
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go
#1057 - Bump github.com/enterprise-contract/ec-cli from 0.5.17 to 0.5.25
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: dependencies, go
#1056 - Bump github/codeql-action from 3.25.10 to 3.25.11
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions
#1055 - Add `effective_on` per attribute in `disallowed_attributes`
Issue -
State: open - Opened by zregvart 3 months ago
#1054 - Remove obsolete raw data page in documentation
Pull Request -
State: closed - Opened by simonbaird 3 months ago
- 1 comment
#1053 - Bump github.com/hashicorp/go-getter from 1.7.4 to 1.7.5
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go
#1052 - Bump github.com/hashicorp/go-getter from 1.7.4 to 1.7.5 in /acceptance
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go
#1051 - Bump github.com/hashicorp/go-retryablehttp from 0.7.5 to 0.7.7
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go
#1050 - Bump github.com/hashicorp/go-retryablehttp from 0.7.5 to 0.7.7 in /acceptance
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go
#1049 - Bump github.com/enterprise-contract/ec-cli from 0.5.13 to 0.5.17
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go
#1048 - Are trusted tasks only trusted one month in the future?
Issue -
State: closed - Opened by ralphbean 3 months ago
- 4 comments
#1047 - Merge rule_data.trusted_tasks into trusted_tasks
Pull Request -
State: closed - Opened by simonbaird 3 months ago
- 4 comments
#1046 - Fix typo in rule data attributes key
Pull Request -
State: closed - Opened by simonbaird 3 months ago
#1045 - Bump github.com/enterprise-contract/ec-cli from 0.5.3 to 0.5.13
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, go