google/osv-scanner issues and pull requests

#1099 - Add go compiler to enable call analysis in the github action

Pull Request - State: closed - Opened by another-rex 5 months ago - 1 comment

#1098 - No warnings when `ignoreUntil` and `effectiveUntil` have typos

Issue - State: closed - Opened by faern 5 months ago - 1 comment
Labels: enhancement, backlog

#1097 - Move call analysis out of ExperimentalAnalysis

Issue - State: open - Opened by hogo6002 5 months ago
Labels: V2 Wishlist

#1096 - Update github action docs in osv-scanner

Pull Request - State: closed - Opened by another-rex 5 months ago - 1 comment

#1095 - OSV-Scanner Docker container scanning V2

Issue - State: open - Opened by another-rex 5 months ago - 1 comment
Labels: V2 Wishlist, container-scanning-mvp

#1094 - fix: restore custom styling to table format

Pull Request - State: closed - Opened by G-Rath 5 months ago - 1 comment

#1093 - test: add output fixtures for call analysis

Pull Request - State: closed - Opened by G-Rath 5 months ago - 2 comments

#1092 - test: update snapshots

Pull Request - State: closed - Opened by G-Rath 5 months ago - 1 comment

#1091 - Improved the runtime of DiffVulnerabilityResults

Pull Request - State: closed - Opened by neilnaveen 5 months ago - 1 comment

#1090 - Github Actions: The workflow is requesting 'actions: read'

Issue - State: closed - Opened by faern 5 months ago - 3 comments

#1089 - Add warning to the default docker container scanning method

Pull Request - State: closed - Opened by another-rex 5 months ago - 1 comment

#1088 - ci: upgrade `semantic` workflow to use v4 for artifact workflows

Pull Request - State: closed - Opened by G-Rath 5 months ago - 1 comment

#1087 - refactor: just disable color output rather than tracking terminal width

Pull Request - State: closed - Opened by G-Rath 5 months ago - 4 comments

#1086 - Added Testing for the SPDX SBOM Reader

Pull Request - State: closed - Opened by neilnaveen 5 months ago - 1 comment

#1085 - Update snaps again

Pull Request - State: closed - Opened by another-rex 5 months ago

#1084 - Update snapshots

Pull Request - State: closed - Opened by cuixq 5 months ago - 1 comment

#1083 - Refactoring `manifest.Read()` for Maven

Pull Request - State: closed - Opened by cuixq 5 months ago - 1 comment

#1082 - chore(deps): update workflows to v4 (major)

Pull Request - State: closed - Opened by renovate-bot 5 months ago - 3 comments
Labels: dependencies

#1081 - fix(deps): update module github.com/spdx/tools-golang to v0.5.5

Pull Request - State: closed - Opened by renovate-bot 5 months ago - 2 comments
Labels: dependencies

#1080 - chore(deps): update workflows

Pull Request - State: closed - Opened by renovate-bot 5 months ago - 1 comment
Labels: dependencies

#1079 - test: update snapshots

Pull Request - State: closed - Opened by G-Rath 5 months ago - 3 comments

#1078 - fix: use errgroup to avoid hydration deadlock scenario

Pull Request - State: closed - Opened by spencerschrock 5 months ago - 3 comments

#1077 - Deadlock in HydrateWithClient

Issue - State: closed - Opened by spencerschrock 5 months ago

#1076 - Changed min and max to inbuilt functions

Pull Request - State: closed - Opened by neilnaveen 5 months ago

#1075 - A new

Issue - State: closed - Opened by zhangyunqing123456789 5 months ago

#1074 - chore(deps): Bump the go_modules group across 2 directories with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 4 comments
Labels: dependencies, go

#1073 - github-action.md add version into md example

Pull Request - State: closed - Opened by GeoDerp 5 months ago - 4 comments

#1072 - filter out unimportant vulnerabilities from vuln group

Pull Request - State: closed - Opened by hogo6002 5 months ago - 1 comment

#1071 - Fix test

Pull Request - State: closed - Opened by michaelkedar 5 months ago

#1070 - OSV-Scanner should be more resilient to unknown API responses

Issue - State: open - Opened by another-rex 5 months ago - 1 comment
Labels: enhancement, backlog

#1069 - Cherry-pick unmerged change from docs branch

Pull Request - State: closed - Opened by michaelkedar 5 months ago

#1068 - chore(deps): Bump the npm_and_yarn group across 1 directory with 35 updates

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, javascript

#1067 - Combine Debian unimportant count logs

Pull Request - State: closed - Opened by hogo6002 5 months ago - 1 comment

#1067 - Combine Debian unimportant count logs

Pull Request - State: closed - Opened by hogo6002 5 months ago - 1 comment

#1066 - Add new line to filtered out vulns

Pull Request - State: closed - Opened by another-rex 5 months ago - 1 comment

#1065 - Update tests to support go version changes

Pull Request - State: closed - Opened by another-rex 5 months ago - 1 comment

#1064 - fix(deps): update module github.com/charmbracelet/bubbletea to v0.26.6

Pull Request - State: closed - Opened by renovate-bot 5 months ago - 1 comment
Labels: dependencies

#1063 - chore(deps): update golang:1.22.4-alpine3.19 docker digest to c46c460

Pull Request - State: closed - Opened by renovate-bot 5 months ago - 1 comment
Labels: dependencies

#1062 - chore(deps): update alpine:3.20 docker digest to b89d9c9

Pull Request - State: closed - Opened by renovate-bot 5 months ago - 1 comment
Labels: dependencies

#1061 - ci: don't fail if codecov errors when uploading

Pull Request - State: closed - Opened by G-Rath 5 months ago - 2 comments

#1060 - Failed to hydrate an OSV response due to an unexpected severity type format

Issue - State: open - Opened by LeSuisse 5 months ago

#1059 - Redesign `pkg/reporter` and `cmd/osv-reporter`

Issue - State: open - Opened by cuixq 5 months ago
Labels: V2 Wishlist

#1058 - Update docs for 1.8.0/1.8.1

Pull Request - State: closed - Opened by michaelkedar 5 months ago - 3 comments

#1057 - Update docs for 1.8.0/1.8.1

Pull Request - State: closed - Opened by michaelkedar 5 months ago - 3 comments

#1056 - Make 1.8.1 release

Pull Request - State: closed - Opened by michaelkedar 5 months ago

#1055 - fix: ensure that `package` exists in `affected` property

Pull Request - State: closed - Opened by G-Rath 5 months ago - 2 comments

#1054 - feat: bump goreleaser to v2

Pull Request - State: closed - Opened by chenrui333 5 months ago

#1053 - move `Source` from `osv.Query`

Issue - State: open - Opened by cuixq 5 months ago
Labels: V2 Wishlist

#1052 - Update goreleaser.yml

Pull Request - State: closed - Opened by michaelkedar 5 months ago

#1051 - Add documentation for the configuration.

Pull Request - State: closed - Opened by another-rex 5 months ago

#1050 - v1.8.0 Changelog

Pull Request - State: closed - Opened by michaelkedar 5 months ago - 1 comment

#1049 - Package tracing PoC

Pull Request - State: closed - Opened by another-rex 5 months ago - 1 comment

#1048 - Add a client to fetch vulnerabilities from osv.dev

Issue - State: open - Opened by cuixq 5 months ago
Labels: V2 Wishlist

#1047 - chore(deps): Bump the npm_and_yarn group across 1 directory with 35 updates

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 2 comments
Labels: dependencies, javascript

#1046 - chore(deps): Bump the npm_and_yarn group across 1 directory with 35 updates

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 2 comments
Labels: dependencies, javascript

#1045 - Support private registries for Maven

Issue - State: open - Opened by cuixq 5 months ago - 4 comments
Labels: enhancement, guided remediation

#1044 - fix(deps): update osv-scanner minor

Pull Request - State: closed - Opened by renovate-bot 5 months ago - 1 comment
Labels: dependencies

#1043 - chore(deps): update workflows

Pull Request - State: closed - Opened by renovate-bot 5 months ago - 1 comment
Labels: dependencies

#1042 - chore(deps): update golang:1.21.11-alpine3.19 docker digest to 252633c - autoclosed

Pull Request - State: closed - Opened by renovate-bot 5 months ago - 1 comment
Labels: dependencies

#1041 - Update snapshots and exit codes

Pull Request - State: closed - Opened by cuixq 5 months ago - 1 comment

#1040 - Update documentation for transitive dependency scanning

Pull Request - State: closed - Opened by cuixq 5 months ago - 1 comment

#1039 - Add `experimental-download-offline-databases` flag

Pull Request - State: closed - Opened by cuixq 5 months ago - 5 comments

#1038 - chore(deps): Bump the npm_and_yarn group across 1 directory with 35 updates

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, javascript

#1037 - Remove busybox from alpine SBOM

Pull Request - State: closed - Opened by another-rex 5 months ago - 1 comment

#1036 - test: update snapshots and exit codes

Pull Request - State: closed - Opened by G-Rath 5 months ago - 7 comments

#1035 - Upgrade deps.dev dependencies

Pull Request - State: closed - Opened by cuixq 5 months ago - 1 comment

#1034 - chore(deps): Bump the npm_and_yarn group across 1 directory with 34 updates

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, javascript

#1033 - chore(deps): lock file maintenance

Pull Request - State: closed - Opened by renovate-bot 5 months ago
Labels: dependencies

#1032 - chore(deps): update goreleaser/goreleaser-action action to v6

Pull Request - State: closed - Opened by renovate-bot 5 months ago - 1 comment
Labels: dependencies

#1031 - Java import reachability

Issue - State: open - Opened by oliverchang 5 months ago - 3 comments
Labels: enhancement, backlog

#1030 - Update Go patch version

Pull Request - State: closed - Opened by hogo6002 5 months ago - 1 comment

#1029 - Update base docker image for golang 1.21.11

Pull Request - State: closed - Opened by np5 5 months ago - 1 comment

#1028 - Invoke `MavenResolverExtrator` when scanning pom.xml

Pull Request - State: closed - Opened by cuixq 6 months ago - 4 comments

#1027 - Dependency imports should always be fetched from upstream

Pull Request - State: closed - Opened by cuixq 6 months ago - 1 comment

#1026 - Guided Remediation support for npm peerDependencies

Issue - State: open - Opened by michaelkedar 6 months ago - 1 comment
Labels: guided remediation, backlog

#1025 - Start on override strategy for maven guided remediation

Pull Request - State: closed - Opened by michaelkedar 6 months ago - 1 comment
Labels: guided remediation

#1024 - Upgrade go version

Pull Request - State: closed - Opened by hogo6002 6 months ago - 1 comment

#1023 - Fix broken TUI styling

Pull Request - State: closed - Opened by michaelkedar 6 months ago - 1 comment
Labels: guided remediation

#1022 - Update test snapshots

Pull Request - State: closed - Opened by hogo6002 6 months ago - 1 comment

#1021 - Deprecate parser in `pkg/lockfile`

Issue - State: open - Opened by cuixq 6 months ago - 1 comment
Labels: V2 Wishlist

#1020 - ci: don't try to upload code coverage on macOS

Pull Request - State: closed - Opened by G-Rath 6 months ago - 2 comments

#1019 - Merge parent projects for Maven pom.xml

Pull Request - State: closed - Opened by cuixq 6 months ago - 1 comment

#1018 - chore(deps): lock file maintenance

Pull Request - State: closed - Opened by renovate-bot 6 months ago - 1 comment
Labels: dependencies

#1017 - fix(deps): update osv-scanner minor

Pull Request - State: closed - Opened by renovate-bot 6 months ago - 2 comments
Labels: dependencies

#1016 - chore(deps): update workflows

Pull Request - State: closed - Opened by renovate-bot 6 months ago - 1 comment
Labels: dependencies

#1015 - Request for Lowercase ( even Space-Free ) Abbreviation for Query API Eco Name

Issue - State: open - Opened by edwinjhlee 6 months ago - 2 comments

#1014 - ✨ Adding CycloneDX 1.4 and 1.5 reporter

Pull Request - State: closed - Opened by marcwieserdev 6 months ago - 1 comment

#1013 - OSV API Reveals Vulnerability Despite Detection Failure using osv-scanner

Issue - State: closed - Opened by edwinjhlee 6 months ago - 8 comments
Labels: stale

#1012 - Select a version that actually exists

Pull Request - State: closed - Opened by another-rex 6 months ago - 1 comment

#1011 - Add go binary scanning

Pull Request - State: closed - Opened by another-rex 6 months ago - 1 comment

#1010 - OSV-Scanner reporting package locations to give user information on remediation externally

Issue - State: open - Opened by marcwieserdev 6 months ago - 2 comments
Labels: backlog

#1009 - Refactor deps.dev clients

Issue - State: open - Opened by cuixq 6 months ago
Labels: V2 Wishlist

#1008 - Fix some Maven manifest & resolver issues

Pull Request - State: closed - Opened by michaelkedar 6 months ago - 1 comment

#1007 - fix: only care about ecosystem suffix if present in both ecosystems when determining equality

Pull Request - State: closed - Opened by G-Rath 6 months ago - 11 comments

#1006 - Remove feature from changelog as it's still blocked on #769

Pull Request - State: closed - Opened by another-rex 6 months ago - 1 comment

#1005 - Errors spamming the stderr output

Issue - State: closed - Opened by another-rex 6 months ago - 3 comments
Labels: bug, backlog

#1004 - ✨ Adding a flag to stop execution after dependency parsing

Pull Request - State: closed - Opened by marcwieserdev 6 months ago - 2 comments

#1003 - Do not record Maven `compile` scope in dependency groups

Pull Request - State: closed - Opened by cuixq 6 months ago - 1 comment

#1002 - Transitive dependency support for Maven pom.xml

Pull Request - State: closed - Opened by cuixq 6 months ago - 1 comment

#1001 - V1.7.4 changelog

Pull Request - State: closed - Opened by another-rex 6 months ago - 1 comment

GitHub / google/osv-scanner issues and pull requests