Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / grafana/plugin-validator issues and pull requests

#187 - Update github action to bump versions to use grafana github app

Pull Request - State: closed - Opened by academo 25 days ago

#186 - Validate all files have at least read permissions

Pull Request - State: closed - Opened by academo 25 days ago

#185 - Verify file permissions in zip files

Issue - State: closed - Opened by tolzhabayev 25 days ago

#184 - Bump github.com/google/osv-scanner from 1.6.2 to 1.7.2

Pull Request - State: closed - Opened by dependabot[bot] 28 days ago
Labels: dependencies, go

#183 - Bump golang.org/x/net from 0.21.0 to 0.23.0 in the go_modules group across 1 directory

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, go

#182 - Bump tar from 6.1.13 to 6.2.1 in the npm_and_yarn group across 1 directory

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, javascript

#181 - CI: Update GitHub Action to build Docker container

Pull Request - State: closed - Opened by xnyo about 2 months ago
Labels: enhancement, github_actions

#180 - Build: Install semgrep and gosec in builder stage for CI tests

Pull Request - State: closed - Opened by xnyo about 2 months ago
Labels: enhancement

#179 - Fix flaky tests when legacyplatform analyzer is invoked

Pull Request - State: closed - Opened by xnyo about 2 months ago - 1 comment
Labels: bug

#178 - Bump github.com/google/osv-scanner from 1.6.2 to 1.7.1

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 4 comments
Labels: dependencies, go

#177 - Bump github.com/stretchr/testify from 1.8.4 to 1.9.0

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, go

#176 - Bump golang.org/x/crypto from 0.20.0 to 0.21.0

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, go

#175 - Add analyzer to check on empty description or keywords

Pull Request - State: closed - Opened by oshirohugo about 2 months ago
Labels: enhancement

#174 - New analyzer: detect missing backend component

Issue - State: open - Opened by sympatheticmoose about 2 months ago
Labels: enhancement

#173 - chore: update packages and images

Pull Request - State: open - Opened by briangann 2 months ago
Labels: dependencies, github_actions

#172 - Angular detection: Fetch patterns from GCOM

Pull Request - State: closed - Opened by oshirohugo 2 months ago

#171 - Bump google.golang.org/protobuf from 1.32.0 to 1.33.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, go

#170 - Document checksum parameter

Issue - State: open - Opened by academo 3 months ago
Labels: documentation

#169 - Fix checksum handling of wrong urls

Pull Request - State: closed - Opened by academo 3 months ago

#168 - Bump golang.org/x/crypto from 0.19.0 to 0.20.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#167 - new analyzer: warn on empty description and keywords in plugin.json

Issue - State: closed - Opened by sympatheticmoose 3 months ago
Labels: enhancement

#166 - Add checksum validation

Pull Request - State: closed - Opened by academo 3 months ago
Labels: enhancement

#165 - update dependencies and bump go

Pull Request - State: closed - Opened by briangann 3 months ago
Labels: dependencies

#164 - Bump github.com/google/osv-scanner from 1.4.3 to 1.6.2

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 2 comments
Labels: dependencies, go

#163 - Bump golang.org/x/crypto from 0.17.0 to 0.18.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, go

#162 - Bump the go_modules group across 1 directories with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 2 comments
Labels: dependencies, go

#161 - Bump golang.org/x/crypto from 0.15.0 to 0.17.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies, go

#160 - Bump github.com/google/osv-scanner from 1.4.3 to 1.5.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 2 comments
Labels: dependencies, go

#159 - Bump goreleaser/goreleaser-action from 4 to 5

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies, github_actions

#158 - Bump actions/setup-go from 4 to 5

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies, github_actions

#157 - Bump magefile/mage-action from 2 to 3

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies, github_actions

#156 - Bump actions/setup-node from 3 to 4

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies, github_actions

#155 - Bump actions/checkout from 3 to 4

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies, github_actions

#154 - Adding dependabot to keep repo up to date

Pull Request - State: closed - Opened by tolzhabayev 5 months ago

#153 - Fix panic when metadata is nil in packagejson analyzer

Pull Request - State: closed - Opened by xnyo 5 months ago
Labels: bug

#152 - Ignore files ending with svg$

Pull Request - State: closed - Opened by academo 5 months ago
Labels: bug

#151 - Display the found tracking domain in the validator output

Pull Request - State: closed - Opened by academo 5 months ago

#150 - Enable OSVScanner and fix tests

Pull Request - State: closed - Opened by briangann 6 months ago
Labels: bug

#148 - Clarify unsigned message for new plugins

Pull Request - State: closed - Opened by academo 6 months ago

#147 - Run validators with dependencies returning `nil`

Pull Request - State: closed - Opened by academo 6 months ago

#146 - Update README.md

Pull Request - State: closed - Opened by josmperez 6 months ago
Labels: documentation

#145 - Runner logic not working for analysers with dependencies that return nil

Issue - State: closed - Opened by academo 6 months ago - 1 comment

#142 - Update semgrep to latest

Pull Request - State: closed - Opened by academo 6 months ago

#141 - Feature: Support arm64 and new webpack source map diffs

Pull Request - State: closed - Opened by briangann 7 months ago - 1 comment
Labels: bug

#140 - new plugin-tools creates source map files with plugin-id included in webpack path

Issue - State: closed - Opened by briangann 7 months ago - 2 comments
Labels: bug

#138 - Legacy platform: Removed getLegacyAngularInjector Angular pattern

Pull Request - State: closed - Opened by xnyo 8 months ago - 1 comment

#137 - Angular detection: Fetch patterns from GCOM

Issue - State: closed - Opened by xnyo 8 months ago
Labels: enhancement

#136 - Add validation for a signature to not contain rootUrls

Pull Request - State: closed - Opened by academo 9 months ago
Labels: enhancement

#135 - Upgrade semgrep to latest version

Issue - State: closed - Opened by academo 9 months ago - 4 comments
Labels: enhancement

#134 - Validate plugin signature type if present

Issue - State: closed - Opened by academo 9 months ago - 2 comments
Labels: enhancement

#133 - Removes the readme HTML validation

Pull Request - State: closed - Opened by academo 9 months ago

#131 - Remove HTML check

Issue - State: closed - Opened by sympatheticmoose 9 months ago

#130 - Hackaton: Experimental OpenAI-GPT code validation with tzap

Pull Request - State: closed - Opened by academo 9 months ago
Labels: enhancement

#129 - Use consistent references to Plugin catalog

Pull Request - State: closed - Opened by sympatheticmoose 10 months ago

#127 - Ignore json files for sourcemap validation

Pull Request - State: closed - Opened by academo 12 months ago
Labels: enhancement

#126 - New analyzer: detect usage of go-sdk and version for backend plugins

Issue - State: open - Opened by sympatheticmoose about 1 year ago
Labels: enhancement

#125 - New analyzer: detect usage of Toolkit

Issue - State: closed - Opened by sympatheticmoose about 1 year ago
Labels: enhancement

#124 - New analyzer: detect usage of unstable ui components

Issue - State: closed - Opened by sympatheticmoose about 1 year ago - 1 comment
Labels: enhancement

#123 - Fix a problem with windows-generated go manifest files

Pull Request - State: closed - Opened by academo about 1 year ago - 1 comment
Labels: bug

#122 - Update Angular detection patterns to include the detector script ones

Pull Request - State: closed - Opened by xnyo about 1 year ago
Labels: enhancement

#121 - Check latest Go version when releasing

Pull Request - State: closed - Opened by marefr about 1 year ago - 1 comment

#120 - Remove po.st from banned domain list

Pull Request - State: closed - Opened by academo about 1 year ago
Labels: bug

#119 - Ignores files that contain pnpm folder structure signature

Pull Request - State: closed - Opened by academo about 1 year ago
Labels: bug

#118 - Chore: Build: Use Go 1.20.X

Pull Request - State: closed - Opened by xnyo about 1 year ago

#117 - Temporary disable osv scanner

Pull Request - State: closed - Opened by academo about 1 year ago
Labels: bug

#116 - Ignore SVG files for sourcemap diff

Pull Request - State: closed - Opened by academo about 1 year ago
Labels: bug

#115 - OSV Scanner tests flaky due to updated database

Issue - State: closed - Opened by academo about 1 year ago - 1 comment
Labels: bug

#114 - Skip flaky test

Pull Request - State: closed - Opened by academo about 1 year ago
Labels: bug

#112 - start adding other package managers

Pull Request - State: closed - Opened by briangann about 1 year ago
Labels: enhancement

#110 - Avoid gomanifest check for non-backend plugins

Pull Request - State: closed - Opened by andresmgot about 1 year ago

#109 - Expand list of allowed ENV variables in go plugins

Pull Request - State: closed - Opened by academo about 1 year ago
Labels: enhancement

#108 - fix: return ok when screenshots don't exist

Pull Request - State: closed - Opened by eh-am about 1 year ago - 1 comment
Labels: bug

#107 - Fix typo in metadatapaths

Pull Request - State: closed - Opened by 6nv about 1 year ago

#106 - Allow absolute screenshot URLs in plugin.json

Issue - State: closed - Opened by 6nv about 1 year ago - 2 comments

#105 - False positive matching of trackingscripts in compiled source code

Issue - State: closed - Opened by marefr about 1 year ago
Labels: bug

#104 - couldn't extract plugin archive: zip: not a valid zip file

Issue - State: closed - Opened by CloudWise-Lukemiao about 1 year ago - 2 comments

#103 - osv-scanner used as a library with more reliable filtering

Pull Request - State: closed - Opened by briangann about 1 year ago
Labels: enhancement

#102 - Fix sourcemap validation

Pull Request - State: closed - Opened by marefr about 1 year ago

#101 - `metadatapath` analyzer is being skipped

Issue - State: closed - Opened by eh-am about 1 year ago - 4 comments

#100 - Github Actions: Move away from grafanabot token and use a Github App

Issue - State: closed - Opened by tolzhabayev about 1 year ago - 1 comment

#99 - Add support for analyzer exceptions

Pull Request - State: closed - Opened by academo about 1 year ago
Labels: enhancement

#98 - Flaky CI - gosec

Issue - State: closed - Opened by sympatheticmoose about 1 year ago - 2 comments

#97 - Expand list of allowed licenses to include BSD

Pull Request - State: closed - Opened by academo about 1 year ago
Labels: enhancement

#96 - Include diff report when typescript and javascript files missmatch

Pull Request - State: closed - Opened by academo about 1 year ago
Labels: enhancement

#95 - Ignore css files in the validator source map check

Pull Request - State: closed - Opened by academo about 1 year ago
Labels: bug

#94 - disable OSV scanner

Pull Request - State: closed - Opened by academo about 1 year ago
Labels: bug

#93 - add code of conduct to project

Pull Request - State: closed - Opened by sympatheticmoose about 1 year ago

#92 - Provide instruction on running the plugin validator using NPX with local files.

Pull Request - State: closed - Opened by 6nv about 1 year ago - 1 comment

#91 - minor spelling corrections

Pull Request - State: closed - Opened by sympatheticmoose about 1 year ago

#90 - update readme

Pull Request - State: closed - Opened by sympatheticmoose about 1 year ago - 1 comment

#89 - Add analyzer to detect standalone backend debug files

Pull Request - State: closed - Opened by xnyo about 1 year ago - 2 comments
Labels: enhancement

#88 - Update readme with how to use information

Pull Request - State: closed - Opened by academo about 1 year ago
Labels: documentation