google/osv-scanner issues and pull requests

#498 - chore(deps): update dependency jekyll-feed to v0.17.0

Pull Request - State: closed - Opened by renovate-bot about 1 year ago
Labels: dependencies

#497 - chore(deps): update actions/setup-go action to v4.1.0

Pull Request - State: closed - Opened by renovate-bot about 1 year ago
Labels: dependencies

#496 - fix(deps): update golang.org/x/exp digest to d852ddb

Pull Request - State: closed - Opened by renovate-bot about 1 year ago
Labels: dependencies

#495 - Include CVSS MaxSeverity in JSON output

Issue - State: open - Opened by yene about 1 year ago - 4 comments
Labels: enhancement, good first issue

#494 - If go version can't be found, don't add stdlib

Pull Request - State: closed - Opened by another-rex over 1 year ago

#493 - fix: don't error if local db directory already exists

Pull Request - State: closed - Opened by G-Rath over 1 year ago

#492 - fix: ensure that "introduced 0" events are sorted before any other event

Pull Request - State: closed - Opened by G-Rath over 1 year ago

#491 - Issues when running experimental Local DB

Issue - State: closed - Opened by another-rex over 1 year ago - 2 comments
Labels: bug

#490 - Fix some vulns and ignore others

Pull Request - State: closed - Opened by another-rex over 1 year ago

#489 - chore(deps): Bump github.com/ipfs/go-bitfield from 1.0.0 to 1.1.0 in /internal/sourceanalysis/integration/fixtures-go/test-project

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#488 - chore(deps): Bump golang.org/x/image from 0.4.0 to 0.5.0 in /internal/sourceanalysis/integration/fixtures-go/test-project

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#487 - chore(deps): Bump github.com/gogo/protobuf from 1.3.1 to 1.3.2 in /internal/sourceanalysis/integration/fixtures-go/test-project

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#486 - fix(deps): update module github.com/ipfs/go-bitfield to v1.1.0 [security]

Pull Request - State: closed - Opened by renovate-bot over 1 year ago - 1 comment
Labels: dependencies

#485 - fix(deps): update module github.com/gogo/protobuf to v1.3.2 [security]

Pull Request - State: closed - Opened by renovate-bot over 1 year ago - 1 comment
Labels: dependencies

#484 - Add go stdlib version support

Pull Request - State: closed - Opened by another-rex over 1 year ago

#483 - chore(deps): update github/codeql-action action to v2.21.4

Pull Request - State: closed - Opened by renovate-bot over 1 year ago
Labels: dependencies

#482 - fix(deps): update osv-scanner minor

Pull Request - State: closed - Opened by renovate-bot over 1 year ago
Labels: dependencies

#481 - chore(deps): update gaurav-nelson/github-action-markdown-link-check digest to 46e4421

Pull Request - State: closed - Opened by renovate-bot over 1 year ago
Labels: dependencies

#480 - chore(deps): update alpine:3.18 docker digest to 7144f7b

Pull Request - State: closed - Opened by renovate-bot over 1 year ago
Labels: dependencies

#479 - Option to flag bundled dependencies?

Issue - State: open - Opened by sarnesjo over 1 year ago - 2 comments
Labels: enhancement, backlog

#478 - osv-scanner subcommands

Issue - State: closed - Opened by oliverchang over 1 year ago - 2 comments
Labels: enhancement

#477 - Support license checks

Issue - State: closed - Opened by oliverchang over 1 year ago - 2 comments
Labels: enhancement

#476 - Call graph analysis

Issue - State: open - Opened by oliverchang over 1 year ago - 1 comment
Labels: enhancement, backlog

#475 - Scanner action should pass if the vulnerabilities remain the same

Pull Request - State: closed - Opened by another-rex over 1 year ago

#474 - Tidy up scanner action

Pull Request - State: closed - Opened by another-rex over 1 year ago

#473 - Prepare for v1.3.7 Release

Pull Request - State: closed - Opened by andrewpollock over 1 year ago - 1 comment

#472 - Manually update dependencies to resolve vulnerability https://osv.dev/GO-2023-1988

Pull Request - State: closed - Opened by another-rex over 1 year ago

#471 - chore(deps-dev): Bump commonmarker from 0.23.9 to 0.23.10 in /docs

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, ruby

#470 - to support format with csv

Issue - State: closed - Opened by mvpbang over 1 year ago - 7 comments
Labels: backlog

#469 - chore(deps): update slsa-framework/slsa-github-generator action to v1.8.0

Pull Request - State: closed - Opened by renovate-bot over 1 year ago
Labels: dependencies

#468 - chore(deps): update alpine docker tag to v3.18

Pull Request - State: closed - Opened by renovate-bot over 1 year ago
Labels: dependencies

#467 - chore(deps): update golang:alpine docker digest to 445f340

Pull Request - State: closed - Opened by renovate-bot over 1 year ago
Labels: dependencies

#466 - chore(deps): update alpine:3.17 docker digest to f71a5f0

Pull Request - State: closed - Opened by renovate-bot over 1 year ago
Labels: dependencies

#465 - Move github action back to the main branch

Pull Request - State: closed - Opened by another-rex over 1 year ago

#464 - Rust function call analysis

Issue - State: open - Opened by another-rex over 1 year ago - 2 comments
Labels: backlog

#463 - refactor: move experimental flags into their own struct

Pull Request - State: closed - Opened by G-Rath over 1 year ago

#462 - fix: use correct plural and singular forms based on count

Pull Request - State: closed - Opened by G-Rath over 1 year ago

#461 - test: make `output` tests their own package

Pull Request - State: closed - Opened by G-Rath over 1 year ago

#460 - Add annotations and osv-scanner table in the Github Action output

Pull Request - State: closed - Opened by another-rex over 1 year ago

#459 - Updated github actions to use main branch now that the PR is merged in

Pull Request - State: closed - Opened by another-rex over 1 year ago

#458 - OSV-Scanner Github Action Tracker

Issue - State: open - Opened by another-rex over 1 year ago

#457 - Fix purl mapping

Pull Request - State: closed - Opened by another-rex over 1 year ago

#456 - fix(deps): update osv-scanner minor

Pull Request - State: closed - Opened by renovate-bot over 1 year ago
Labels: dependencies

#455 - chore(deps): update github/codeql-action action to v2.21.2

Pull Request - State: closed - Opened by renovate-bot over 1 year ago
Labels: dependencies

#454 - chore: minor grammar fixes

Pull Request - State: closed - Opened by G-Rath over 1 year ago

#453 - osv-scanner does not catch Go/stdlib vulnerabilities

Issue - State: closed - Opened by ecktom over 1 year ago - 6 comments
Labels: bug

#452 - Rust call analysis

Pull Request - State: closed - Opened by another-rex over 1 year ago

#451 - feat: support `io.Reader` based parsers

Pull Request - State: closed - Opened by G-Rath over 1 year ago - 3 comments

#450 - Enable lockfile maintaince

Pull Request - State: closed - Opened by another-rex over 1 year ago

#449 - chore(deps): update github/codeql-action action to v2.21.0

Pull Request - State: closed - Opened by renovate-bot over 1 year ago
Labels: dependencies

#448 - chore(deps): update dependency jekyll-feed to v0.17.0

Pull Request - State: closed - Opened by renovate-bot over 1 year ago
Labels: dependencies

#447 - Prepare for v1.3.6 Release

Pull Request - State: closed - Opened by michaelkedar over 1 year ago

#446 - Adjusting GitHub actions

Pull Request - State: closed - Opened by hayleycd over 1 year ago

#445 - fix(deps): update osv-scanner minor

Pull Request - State: closed - Opened by renovate-bot over 1 year ago
Labels: dependencies

#444 - chore(deps): update golang:alpine docker digest to 7839c9f

Pull Request - State: closed - Opened by renovate-bot over 1 year ago
Labels: dependencies

#443 - go.mod: upgrade to golang.org/x/[email protected]

Pull Request - State: closed - Opened by julieqiu over 1 year ago

#442 - Unify Ecosystem type and constants

Issue - State: open - Opened by another-rex over 1 year ago - 1 comment
Labels: V2 Wishlist

#441 - Optimize Dockerfile and add .dockerignore

Pull Request - State: closed - Opened by theinfosecguy over 1 year ago - 3 comments

#440 - Update README.md

Pull Request - State: closed - Opened by eltociear over 1 year ago

#439 - Fix PURLToPackage function and move it

Pull Request - State: closed - Opened by another-rex over 1 year ago

#438 - chore(deps): update dependency jekyll-feed to v0.17.0

Pull Request - State: closed - Opened by renovate-bot over 1 year ago
Labels: dependencies

#437 - chore(deps): update docker/setup-buildx-action digest to 4c0219f

Pull Request - State: closed - Opened by renovate-bot over 1 year ago
Labels: dependencies

#435 - chore(deps): Bump github.com/gogo/protobuf from 1.3.1 to 1.3.2 in /internal/sourceanalysis/integration/fixtures/test-project

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies

#434 - chore(deps): Bump github.com/ipfs/go-bitfield from 1.0.0 to 1.1.0 in /internal/sourceanalysis/integration/fixtures/test-project

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies

#433 - chore(deps): Bump golang.org/x/image from 0.4.0 to 0.5.0 in /internal/sourceanalysis/integration/fixtures/test-project

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies

GitHub / google/osv-scanner issues and pull requests