Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / enterprise-contract/ec-policies issues and pull requests

#1187 - Bundle CycloneDX schemas

Pull Request - State: closed - Opened by lcarva 4 months ago - 4 comments

#1187 - Bundle CycloneDX schemas

Pull Request - State: closed - Opened by lcarva 4 months ago - 4 comments

#1186 - conform to package name best practice

Pull Request - State: closed - Opened by joejstuart 4 months ago - 3 comments

#1186 - conform to package name best practice

Pull Request - State: closed - Opened by joejstuart 4 months ago - 3 comments

#1185 - Test failure when offline

Issue - State: closed - Opened by zregvart 4 months ago - 5 comments

#1185 - Test failure when offline

Issue - State: closed - Opened by zregvart 4 months ago - 5 comments

#1184 - Rename package names under lib

Pull Request - State: closed - Opened by joejstuart 4 months ago

#1184 - Rename package names under lib

Pull Request - State: closed - Opened by joejstuart 4 months ago

#1183 - Conventions check for `effective_on` annotation

Pull Request - State: closed - Opened by zregvart 4 months ago - 3 comments

#1183 - Conventions check for `effective_on` annotation

Pull Request - State: closed - Opened by zregvart 4 months ago - 3 comments

#1182 - Per vulnerability policy rules

Issue - State: open - Opened by zregvart 4 months ago

#1182 - Per vulnerability policy rules

Issue - State: open - Opened by zregvart 4 months ago - 2 comments

#1181 - Enable rpm repo id check in redhat collection effective in 30 days

Pull Request - State: closed - Opened by simonbaird 4 months ago - 1 comment

#1181 - Enable rpm repo id check in redhat collection effective in 30 days

Pull Request - State: closed - Opened by simonbaird 4 months ago - 1 comment

#1180 - Use of clair report from OCI and CVE leeway

Pull Request - State: closed - Opened by zregvart 4 months ago - 4 comments

#1180 - Use of clair report from OCI and CVE leeway

Pull Request - State: closed - Opened by zregvart 4 months ago - 4 comments

#1179 - Fix directory package mismatch

Pull Request - State: closed - Opened by joejstuart 4 months ago - 2 comments

#1179 - Fix directory package mismatch

Pull Request - State: closed - Opened by joejstuart 4 months ago - 2 comments

#1178 - Bump github.com/styrainc/regal from 0.27.0 to 0.28.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, go

#1178 - Bump github.com/styrainc/regal from 0.27.0 to 0.28.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, go

#1177 - Bump github.com/enterprise-contract/ec-cli from 0.6.44 to 0.6.52

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, go

#1177 - Bump github.com/enterprise-contract/ec-cli from 0.6.44 to 0.6.52

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, go

#1176 - Bump github/codeql-action from 3.26.10 to 3.26.11

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, github_actions

#1176 - Bump github/codeql-action from 3.26.10 to 3.26.11

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, github_actions

#1175 - Bump codecov/codecov-action from 4.5.0 to 4.6.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, github_actions

#1175 - Bump codecov/codecov-action from 4.5.0 to 4.6.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, github_actions

#1174 - Refresh examples

Pull Request - State: closed - Opened by zregvart 4 months ago - 1 comment

#1174 - Refresh examples

Pull Request - State: closed - Opened by zregvart 4 months ago - 1 comment

#1173 - Fixup for last PR: Actually remove the version

Pull Request - State: closed - Opened by simonbaird 4 months ago - 3 comments

#1173 - Fixup for last PR: Actually remove the version

Pull Request - State: closed - Opened by simonbaird 4 months ago - 3 comments

#1172 - Specify "unversion" link in ec-cli component

Pull Request - State: closed - Opened by simonbaird 4 months ago - 2 comments

#1172 - Specify "unversion" link in ec-cli component

Pull Request - State: closed - Opened by simonbaird 4 months ago - 2 comments

#1171 - Add support for SPDX SBOMs in rpm_repos package

Pull Request - State: closed - Opened by lcarva 4 months ago - 4 comments

#1171 - Add support for SPDX SBOMs in rpm_repos package

Pull Request - State: closed - Opened by lcarva 4 months ago - 4 comments

#1170 - Drop support for BASE_IMAGES_DIGESTS results

Pull Request - State: closed - Opened by lcarva 4 months ago - 1 comment

#1170 - Drop support for BASE_IMAGES_DIGESTS results

Pull Request - State: closed - Opened by lcarva 4 months ago - 1 comment

#1169 - Switch to "unversioned" in antora.yml

Pull Request - State: closed - Opened by simonbaird 4 months ago - 2 comments

#1169 - Switch to "unversioned" in antora.yml

Pull Request - State: closed - Opened by simonbaird 4 months ago - 2 comments

#1168 - Allow base images from the snapshot

Pull Request - State: closed - Opened by lcarva 4 months ago - 1 comment

#1168 - Allow base images from the snapshot

Pull Request - State: closed - Opened by lcarva 4 months ago - 1 comment

#1167 - Specify correct branch in antora.yml

Pull Request - State: closed - Opened by simonbaird 4 months ago - 3 comments

#1167 - Specify correct branch in antora.yml

Pull Request - State: closed - Opened by simonbaird 4 months ago - 3 comments

#1166 - Limit sbom rpm repo id checks to cachi2 content

Pull Request - State: closed - Opened by simonbaird 4 months ago - 4 comments

#1166 - Limit sbom rpm repo id checks to cachi2 content

Pull Request - State: closed - Opened by simonbaird 4 months ago - 4 comments

#1165 - Add terms to rules from sbom_cyclonedx package

Pull Request - State: closed - Opened by lcarva 4 months ago - 1 comment

#1165 - Add terms to rules from sbom_cyclonedx package

Pull Request - State: closed - Opened by lcarva 4 months ago - 1 comment

#1164 - Verify trusted_tasks data

Pull Request - State: closed - Opened by lcarva 4 months ago - 1 comment

#1164 - Verify trusted_tasks data

Pull Request - State: closed - Opened by lcarva 4 months ago - 1 comment

#1163 - Remove attestation_task_bundle package

Issue - State: open - Opened by lcarva 4 months ago

#1163 - Remove attestation_task_bundle package

Issue - State: open - Opened by lcarva 4 months ago

#1162 - SPDX SBOM support

Pull Request - State: closed - Opened by joejstuart 4 months ago - 4 comments

#1162 - SPDX SBOM support

Pull Request - State: closed - Opened by joejstuart 4 months ago - 4 comments

#1161 - Bump github.com/enterprise-contract/ec-cli from 0.6.20 to 0.6.44

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, go

#1161 - Bump github.com/enterprise-contract/ec-cli from 0.6.20 to 0.6.44

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, go

#1160 - Bump github/codeql-action from 3.26.8 to 3.26.10

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, github_actions

#1160 - Bump github/codeql-action from 3.26.8 to 3.26.10

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, github_actions

#1159 - Bump actions/checkout from 4.1.7 to 4.2.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, github_actions

#1159 - Bump actions/checkout from 4.1.7 to 4.2.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, github_actions

#1158 - Add data validation to required-tasks data

Pull Request - State: closed - Opened by lcarva 4 months ago - 1 comment

#1158 - Add data validation to required-tasks data

Pull Request - State: closed - Opened by lcarva 4 months ago - 1 comment

#1157 - Downgrade `additionalProperties` violations to warnings

Issue - State: closed - Opened by lcarva 4 months ago

#1157 - Downgrade `additionalProperties` violations to warnings

Issue - State: closed - Opened by lcarva 4 months ago

#1156 - Make the task expiry message customizable

Pull Request - State: closed - Opened by chmeliik 4 months ago - 4 comments

#1156 - Make the task expiry message customizable

Pull Request - State: closed - Opened by chmeliik 4 months ago - 4 comments

#1155 - Stop depending on `BASE_IMAGES_DIGESTS` TaskRun result

Issue - State: closed - Opened by zregvart 4 months ago - 1 comment

#1155 - Stop depending on `BASE_IMAGES_DIGESTS` TaskRun result

Issue - State: closed - Opened by zregvart 4 months ago - 1 comment

#1154 - Handle missing component `purl` property in SBOM

Pull Request - State: closed - Opened by zregvart 4 months ago - 3 comments

#1154 - Handle missing component `purl` property in SBOM

Pull Request - State: closed - Opened by zregvart 4 months ago - 3 comments

#1153 - Update refs that may not have oci prefix

Pull Request - State: closed - Opened by lcarva 4 months ago

#1153 - Update refs that may not have oci prefix

Pull Request - State: closed - Opened by lcarva 4 months ago

#1152 - Add terms to rpm_repos.ids_known

Pull Request - State: closed - Opened by zregvart 4 months ago - 3 comments

#1152 - Add terms to rpm_repos.ids_known

Pull Request - State: closed - Opened by zregvart 4 months ago - 3 comments

#1151 - Bump github.com/open-policy-agent/opa from 0.67.1 to 0.68.0 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, go

#1151 - Bump github.com/open-policy-agent/opa from 0.67.1 to 0.68.0 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, go

#1150 - Bump github/codeql-action from 3.26.7 to 3.26.8

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, github_actions

#1150 - Bump github/codeql-action from 3.26.7 to 3.26.8

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, github_actions

#1149 - Bump github.com/styrainc/regal from 0.26.2 to 0.27.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 2 comments
Labels: dependencies, go

#1149 - Bump github.com/styrainc/regal from 0.26.2 to 0.27.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 2 comments
Labels: dependencies, go

#1148 - Bump github.com/enterprise-contract/ec-cli from 0.6.5 to 0.6.20

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, go

#1148 - Bump github.com/enterprise-contract/ec-cli from 0.6.5 to 0.6.20

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, go

#1147 - Refresh examples

Pull Request - State: closed - Opened by zregvart 4 months ago - 1 comment

#1146 - Bump github.com/open-policy-agent/opa from 0.63.0 to 0.68.0 in /docs

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, go

#1146 - Bump github.com/open-policy-agent/opa from 0.63.0 to 0.68.0 in /docs

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, go

#1145 - Exclude non-OCI refs from list of OLM image refs

Pull Request - State: closed - Opened by lcarva 4 months ago - 1 comment

#1144 - Mention module purls in rpm repo id check

Pull Request - State: closed - Opened by simonbaird 4 months ago - 1 comment

#1143 - Allow subpaths to be excluded in disallowed pkgs

Pull Request - State: closed - Opened by lcarva 4 months ago - 4 comments

#1142 - Use PURL's subpath when matching disallowed pkgs

Pull Request - State: closed - Opened by lcarva 4 months ago - 4 comments

#1141 - VS Code things

Pull Request - State: closed - Opened by lcarva 4 months ago - 1 comment

#1140 - feat(STONEINTG-660): rename CLAIR_SCAN_RESULT>SCAN_OUTPUT

Pull Request - State: closed - Opened by jsztuka 5 months ago - 8 comments

#1139 - Bump github.com/enterprise-contract/ec-cli from 0.5.144 to 0.6.5

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies, go

#1138 - Bump github.com/tektoncd/cli from 0.38.0 to 0.38.1

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies, go

#1137 - Bump github/codeql-action from 3.26.6 to 3.26.7

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies, github_actions

#1136 - Bump step-security/harden-runner from 2.9.1 to 2.10.1

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies, github_actions

#1135 - Confirm all rpms in sboms have a known repo id

Pull Request - State: closed - Opened by simonbaird 5 months ago - 7 comments

#1134 - Use custom EC OPA in VS Code

Pull Request - State: closed - Opened by lcarva 5 months ago - 1 comment

#1133 - Specific version support for required Task results

Pull Request - State: closed - Opened by zregvart 5 months ago - 1 comment

#1132 - Update description to only include sha1 entries

Pull Request - State: closed - Opened by joejstuart 5 months ago - 2 comments

#1131 - Bump github.com/enterprise-contract/ec-cli from 0.5.128 to 0.5.144

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 2 comments
Labels: dependencies, go

#1130 - Bump github.com/styrainc/regal from 0.25.0 to 0.26.1

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 3 comments
Labels: dependencies, go

#1129 - Document pitfalls of writing policy rules

Pull Request - State: closed - Opened by lcarva 5 months ago - 3 comments