Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / google/osv-scanner issues and pull requests

#1284 - test: update snapshot

Pull Request - State: open - Opened by G-Rath about 12 hours ago - 1 comment

#1283 - fix: output invalid PURLs when scanning sboms

Pull Request - State: open - Opened by G-Rath about 13 hours ago

#1282 - chore(deps): lock file maintenance

Pull Request - State: open - Opened by renovate-bot about 15 hours ago - 1 comment
Labels: dependencies

#1281 - chore(deps): update workflows

Pull Request - State: open - Opened by renovate-bot about 15 hours ago
Labels: dependencies

#1280 - Do not fetch snapshots from the Maven repository disabling that

Issue - State: open - Opened by cuixq 4 days ago
Labels: enhancement

#1279 - fix(offline): report all ecosystems without local databases in one single line

Pull Request - State: open - Opened by G-Rath 4 days ago - 1 comment

#1278 - fix: apply go version override to _all_ instances of the `stdlib`

Pull Request - State: open - Opened by G-Rath 4 days ago - 2 comments

#1277 - Consider making "skip git" the default in v2

Issue - State: open - Opened by G-Rath 4 days ago
Labels: V2 Wishlist

#1275 - Display severity using ecosystem-specific priority tags

Issue - State: open - Opened by hogo6002 5 days ago
Labels: enhancement

#1274 - HTML output format for scanning result

Issue - State: open - Opened by hogo6002 5 days ago
Labels: enhancement

#1270 - chore(deps): update dependency webrick to v1.8.2 [security]

Pull Request - State: closed - Opened by renovate-bot 6 days ago - 1 comment
Labels: dependencies

#1269 - Read Maven configurations from `settings.xml`

Issue - State: open - Opened by cuixq 6 days ago
Labels: enhancement

#1268 - feat: support `vulnerabilities.ignore` in package overrides

Pull Request - State: open - Opened by G-Rath 6 days ago - 1 comment

#1267 - test: update case to reflect recent config parsing changes

Pull Request - State: closed - Opened by G-Rath 6 days ago - 1 comment

#1265 - fix(deps): update osv-scanner minor

Pull Request - State: closed - Opened by renovate-bot 8 days ago - 2 comments
Labels: dependencies

#1264 - chore(deps): update workflows

Pull Request - State: closed - Opened by renovate-bot 8 days ago - 1 comment
Labels: dependencies

#1263 - refactor: Follow revive rules across the repo

Pull Request - State: closed - Opened by another-rex 10 days ago - 1 comment

#1262 - feat: group DSA and its CVEs together

Pull Request - State: closed - Opened by hogo6002 11 days ago - 1 comment

#1261 - Group using related field for specific ecosystems

Issue - State: open - Opened by another-rex 11 days ago
Labels: enhancement

#1260 - Implement query paging

Issue - State: open - Opened by another-rex 11 days ago
Labels: bug, enhancement

#1259 - chore: make guided remediation follow revive's default lint rules

Pull Request - State: closed - Opened by michaelkedar 11 days ago - 3 comments

#1258 - feat(output): add HTML output format

Pull Request - State: open - Opened by hogo6002 12 days ago - 1 comment

#1257 - Reenable `revive` golangci-lints

Issue - State: closed - Opened by another-rex 12 days ago - 2 comments
Labels: infra

#1256 - ci: pin `amannn/action-semantic-pull-request` to a commit

Pull Request - State: closed - Opened by G-Rath 12 days ago - 1 comment

#1255 - ci: pin `actions/stale` to a commit

Pull Request - State: closed - Opened by G-Rath 12 days ago - 1 comment

#1254 - test: update snapshots with new security vulnerabilities

Pull Request - State: closed - Opened by G-Rath 12 days ago - 4 comments

#1253 - chore: deprecate parser functions in favor of their extract equivalents

Pull Request - State: closed - Opened by G-Rath 13 days ago - 1 comment

#1252 - fix: don't allow `LoadPath` to be set via config file

Pull Request - State: closed - Opened by G-Rath 13 days ago - 1 comment

#1251 - test: ensure `cmp.Diff` usage is consistent

Pull Request - State: closed - Opened by G-Rath 14 days ago - 1 comment

#1250 - test: restructure internal `config` cases and fixtures

Pull Request - State: closed - Opened by G-Rath 14 days ago - 1 comment

#1249 - feat: error if configuration file has unknown properties

Pull Request - State: closed - Opened by G-Rath 14 days ago - 1 comment

#1248 - refactor: simplify and reuse `tryLoadConfig`

Pull Request - State: closed - Opened by G-Rath 14 days ago - 2 comments

#1247 - chore(deps): update workflows

Pull Request - State: closed - Opened by renovate-bot 15 days ago - 1 comment
Labels: dependencies

#1246 - fix(deps): update osv-scanner minor

Pull Request - State: closed - Opened by renovate-bot 15 days ago - 1 comment
Labels: dependencies

#1245 - feat: Copy over dark docs theming from osv.dev

Pull Request - State: closed - Opened by another-rex 17 days ago - 1 comment

#1244 - Support pyproject.toml files

Issue - State: open - Opened by AdamKorcz 18 days ago - 1 comment
Labels: enhancement

#1243 - feat: allow explicitly ignoring the license of a package in config

Pull Request - State: closed - Opened by G-Rath 18 days ago - 3 comments

#1242 - fix: announce when a config file is invalid and exit with a non-zero code

Pull Request - State: closed - Opened by G-Rath 18 days ago - 1 comment

#1241 - fix: don't assume there's always a reason for a package being filtered out

Pull Request - State: closed - Opened by G-Rath 18 days ago - 1 comment

#1239 - Support profile activation in Maven pom.xml resolution and writing

Issue - State: open - Opened by michaelkedar 19 days ago - 2 comments
Labels: enhancement

#1238 - Fail to update Maven packages with properties in their names

Issue - State: open - Opened by michaelkedar 19 days ago
Labels: bug, guided remediation

#1237 - chore(release): changelog for v1.8.5

Pull Request - State: closed - Opened by cuixq 19 days ago - 1 comment

#1236 - fix: make Alpine ecosystem fallback to latest release version

Pull Request - State: closed - Opened by michaelkedar 20 days ago - 1 comment

#1235 - feat(guided remediation): remediate unresolved dependency management vulns

Pull Request - State: closed - Opened by michaelkedar 20 days ago - 1 comment
Labels: guided remediation

#1234 - Add partial parsing support for setup.py

Pull Request - State: closed - Opened by rtfpessoa 21 days ago

#1233 - chore: update Go to version 1.22.7

Pull Request - State: closed - Opened by cuixq 21 days ago - 2 comments

#1232 - chore: update test snapshots

Pull Request - State: closed - Opened by cuixq 21 days ago - 1 comment

#1231 - chore(deps): update golang docker tag to v1.23.1

Pull Request - State: closed - Opened by renovate-bot 22 days ago - 2 comments
Labels: dependencies

#1230 - chore(deps): update alpine:3.20 docker digest to beefdbd

Pull Request - State: closed - Opened by renovate-bot 22 days ago - 2 comments
Labels: dependencies

#1229 - Inquiry about the plans for the experimental offline mode

Issue - State: open - Opened by chheda-deshaw 24 days ago - 3 comments
Labels: enhancement

#1228 - fix: govulncheck calls on C code

Pull Request - State: closed - Opened by another-rex 24 days ago - 2 comments

#1227 - Integrate Vanir

Issue - State: open - Opened by oliverchang 24 days ago
Labels: enhancement

#1226 - Add vulnerabilities.ignore flag to just ignore vulnerabilties.

Issue - State: open - Opened by another-rex 25 days ago - 2 comments
Labels: backlog

#1225 - feat(internal): marshal self-closing tags in XML

Pull Request - State: closed - Opened by cuixq 25 days ago - 1 comment

#1223 - refactor: use forked xml package for writing

Pull Request - State: closed - Opened by cuixq 26 days ago - 1 comment

#1222 - chore: update test snapshots

Pull Request - State: closed - Opened by cuixq 26 days ago - 1 comment

#1221 - [Github action] exit code 0 returned on incorrect cli usage

Issue - State: open - Opened by shahar-h 27 days ago
Labels: bug

#1220 - [GitHub Action] scan fails on go projects that import C code

Issue - State: closed - Opened by shahar-h 27 days ago - 2 comments
Labels: bug

#1219 - fix(guided remediation): Add special handling for specific Maven packages

Pull Request - State: closed - Opened by michaelkedar 28 days ago - 1 comment
Labels: guided remediation

#1218 - chore: update test snapshots

Pull Request - State: closed - Opened by cuixq 28 days ago - 1 comment

#1217 - fix(deps): update module github.com/charmbracelet/bubbletea to v1

Pull Request - State: closed - Opened by renovate-bot 29 days ago - 2 comments
Labels: dependencies

#1216 - fix(internal): encode XML tokens without escaping

Pull Request - State: closed - Opened by cuixq about 1 month ago - 1 comment

#1215 - Indentation when writing new dependencies to Maven pom.xml

Issue - State: closed - Opened by cuixq about 1 month ago
Labels: bug, guided remediation

#1214 - feat: support composite-based package overrides

Pull Request - State: closed - Opened by G-Rath about 1 month ago - 4 comments

#1213 - Better `osv-scanner fix --non-interactive` output

Issue - State: open - Opened by michaelkedar about 1 month ago - 1 comment
Labels: enhancement, guided remediation, backlog

#1212 - chore: axe `.go-version` file

Pull Request - State: closed - Opened by G-Rath about 1 month ago - 1 comment

#1211 - Add dependency groups filter for PackageOverrides config

Issue - State: closed - Opened by kmohrf about 1 month ago - 2 comments
Labels: enhancement

#1210 - feat(guided remediation): Add `FIXED-VULN-IDS` to non-interactive output

Pull Request - State: closed - Opened by michaelkedar about 1 month ago - 1 comment
Labels: guided remediation

#1209 - chore: add missed test ignore vuln

Pull Request - State: closed - Opened by michaelkedar about 1 month ago - 1 comment

#1208 - Show the vulnerable path when doing transitive dependency scanning

Issue - State: open - Opened by cuixq about 1 month ago
Labels: enhancement

#1207 - feat(internal): add Maven native dependency client

Pull Request - State: closed - Opened by cuixq about 1 month ago - 1 comment

#1206 - perf: ignored packages should be filtered out before scanning

Pull Request - State: closed - Opened by giovanni-bozzano about 1 month ago - 1 comment

#1205 - chore(deps): update workflows

Pull Request - State: closed - Opened by renovate-bot about 1 month ago - 2 comments
Labels: dependencies

#1204 - fix(deps): update osv-scanner minor

Pull Request - State: closed - Opened by renovate-bot about 1 month ago - 4 comments
Labels: dependencies

#1203 - osv-scanner fix should output the vulnerabilities fixed by the updates

Issue - State: closed - Opened by kovacsw about 1 month ago
Labels: guided remediation

#1201 - fix: correct for breaking change in glamour v0.8.0

Pull Request - State: closed - Opened by andrewpollock about 1 month ago - 2 comments

#1200 - chore(release): release v1.8.4

Pull Request - State: closed - Opened by andrewpollock about 1 month ago - 1 comment

#1199 - Docs

Pull Request - State: closed - Opened by andrewpollock about 1 month ago - 2 comments

#1198 - docs: merge v1.8.3 into docs

Pull Request - State: closed - Opened by andrewpollock about 1 month ago

#1197 - docs: link to the Scorecard Report

Pull Request - State: closed - Opened by andrewpollock about 1 month ago - 1 comment

#1196 - Merge main branch into the docs branch

Pull Request - State: closed - Opened by andrewpollock about 1 month ago - 2 comments

#1195 - chore(deps): lock file maintenance

Pull Request - State: closed - Opened by renovate-bot about 1 month ago - 1 comment
Labels: dependencies

#1194 - fix: stop finding more parent pom if the path is empty

Pull Request - State: closed - Opened by cuixq about 1 month ago - 1 comment

#1193 - refactor: move Maven utility to a separate package

Pull Request - State: closed - Opened by cuixq about 1 month ago - 1 comment

#1192 - chore: add new vulnerability aliases to test snapshots

Pull Request - State: closed - Opened by michaelkedar about 1 month ago - 1 comment

#1191 - feat(guided remediation): add `--upgrade-config` flag

Pull Request - State: closed - Opened by michaelkedar about 1 month ago - 1 comment
Labels: guided remediation

#1190 - fix: unescape tabs before writing to pom.xml

Pull Request - State: closed - Opened by cuixq about 1 month ago - 5 comments

#1189 - chore(deps): update dependency github-pages to v232

Pull Request - State: closed - Opened by renovate-bot about 1 month ago - 1 comment
Labels: dependencies

#1188 - chore(deps): update golang docker tag to v1.23.0

Pull Request - State: closed - Opened by renovate-bot about 1 month ago - 1 comment
Labels: dependencies

#1187 - fix(deps): update osv-scanner minor

Pull Request - State: closed - Opened by renovate-bot about 1 month ago - 2 comments
Labels: dependencies

#1186 - chore(deps): update workflows

Pull Request - State: closed - Opened by renovate-bot about 1 month ago - 1 comment
Labels: dependencies