Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / ossf/malicious-packages issues and pull requests

#791 - Adding new malicious npm packages

Pull Request - State: open - Opened by awsactran 6 days ago

#790 - Adding new malicious NPM packages

Pull Request - State: closed - Opened by awsactran 7 days ago

#789 - Adding new malicious packages

Pull Request - State: closed - Opened by awsactran 7 days ago

#788 - Added new npm reports

Pull Request - State: closed - Opened by awsactran 7 days ago

#787 - Added new npm report @zohaib2121/dtapp

Pull Request - State: closed - Opened by awsactran 7 days ago

#786 - Added malicious npm package tree-sitter-hcl

Pull Request - State: closed - Opened by awsactran 7 days ago - 1 comment

#785 - Added malicious npm package tree-sitter-hcl

Pull Request - State: closed - Opened by awsactran 7 days ago

#784 - Adding new npm reports

Pull Request - State: closed - Opened by poppysec 7 days ago

#782 - Bump the actions-minor-updates group across 1 directory with 3 updates

Pull Request - State: closed - Opened by dependabot[bot] 8 days ago
Labels: dependencies, github_actions

#781 - Added report for org.cocoapods.csv npm package

Pull Request - State: closed - Opened by 6mile 9 days ago

#780 - Added report for sample_cluster npm package

Pull Request - State: closed - Opened by 6mile 9 days ago

#779 - Bump the actions-minor-updates group with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] 10 days ago - 2 comments
Labels: dependencies, github_actions

#778 - Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.73.2 to 1.74.1 in the go-minor-updates group

Pull Request - State: closed - Opened by dependabot[bot] 10 days ago - 2 comments
Labels: dependencies, go

#776 - Add recent reports

Pull Request - State: closed - Opened by poppysec 16 days ago

#775 - Bump the go-minor-updates group across 1 directory with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] 17 days ago - 2 comments
Labels: dependencies, go

#774 - Fixed npm next-refresh-token details

Pull Request - State: closed - Opened by elad-pticha 18 days ago

#772 - Bump the go-minor-updates group with 3 updates

Pull Request - State: closed - Opened by dependabot[bot] 18 days ago - 1 comment
Labels: dependencies, go

#770 - Improve the dependabot config to lower toil.

Pull Request - State: closed - Opened by calebbrown 18 days ago

#769 - Added report for next-refresh-token npm package

Pull Request - State: closed - Opened by elad-pticha 18 days ago

#768 - Added report for openssl-node npm package

Pull Request - State: closed - Opened by elad-pticha 18 days ago

#767 - Added report for serve-static-corell npm package

Pull Request - State: closed - Opened by elad-pticha 18 days ago

#766 - Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.72.2 to 1.73.1

Pull Request - State: closed - Opened by dependabot[bot] 20 days ago - 1 comment
Labels: dependencies, go

#765 - Bump golangci/golangci-lint-action from 6.1.1 to 6.2.0

Pull Request - State: closed - Opened by dependabot[bot] 20 days ago - 5 comments
Labels: dependencies, github_actions

#764 - Bump github.com/aws/aws-sdk-go from 1.55.5 to 1.55.6

Pull Request - State: closed - Opened by dependabot[bot] 21 days ago - 1 comment
Labels: dependencies, go

#763 - Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.72.2 to 1.73.0

Pull Request - State: closed - Opened by dependabot[bot] 21 days ago - 1 comment
Labels: dependencies, go

#762 - Added report for netflixdesign npm package

Pull Request - State: closed - Opened by 6mile 22 days ago

#761 - Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.72.2 to 1.72.3

Pull Request - State: closed - Opened by dependabot[bot] 22 days ago - 1 comment
Labels: dependencies, go

#760 - Add a step in validate workflow to loosen the "id" validation.

Pull Request - State: closed - Opened by calebbrown 23 days ago

#759 - Added report for venmo-ui npm package

Pull Request - State: closed - Opened by 6mile 23 days ago - 1 comment

#758 - Bump actions/checkout from 4.1.7 to 4.2.2

Pull Request - State: closed - Opened by dependabot[bot] 23 days ago
Labels: dependencies, github_actions

#758 - Bump actions/checkout from 4.1.7 to 4.2.2

Pull Request - State: closed - Opened by dependabot[bot] 23 days ago
Labels: dependencies, github_actions

#754 - Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.71.0 to 1.72.2

Pull Request - State: closed - Opened by dependabot[bot] 24 days ago - 2 comments
Labels: dependencies, go

#754 - Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.71.0 to 1.72.2

Pull Request - State: closed - Opened by dependabot[bot] 24 days ago - 2 comments
Labels: dependencies, go

#753 - fixed version number in MAL-2025-56

Pull Request - State: closed - Opened by 6mile 24 days ago

#753 - fixed version number in MAL-2025-56

Pull Request - State: closed - Opened by 6mile 24 days ago

#752 - MAL-2025-56 has an invalid version

Issue - State: closed - Opened by hogo6002 24 days ago - 1 comment

#752 - MAL-2025-56 has an invalid version

Issue - State: closed - Opened by hogo6002 24 days ago - 1 comment

#750 - Added reports for 4 malicious npm packages

Pull Request - State: closed - Opened by 6mile 24 days ago

#750 - Added reports for 4 malicious npm packages

Pull Request - State: closed - Opened by 6mile 24 days ago

#749 - Added report for mlb-site-core npm package

Pull Request - State: closed - Opened by 6mile 24 days ago

#749 - Added report for mlb-site-core npm package

Pull Request - State: closed - Opened by 6mile 24 days ago

#748 - Bump golang.org/x/net from 0.31.0 to 0.33.0

Pull Request - State: closed - Opened by dependabot[bot] 24 days ago - 1 comment
Labels: dependencies, go

#748 - Bump golang.org/x/net from 0.31.0 to 0.33.0

Pull Request - State: closed - Opened by dependabot[bot] 24 days ago - 1 comment
Labels: dependencies, go

#747 - Bump github/codeql-action from 3.27.9 to 3.28.1

Pull Request - State: closed - Opened by dependabot[bot] 24 days ago
Labels: dependencies, github_actions

#746 - Added report for jiolocate-ui npm package

Pull Request - State: closed - Opened by 6mile 25 days ago

#746 - Added report for jiolocate-ui npm package

Pull Request - State: closed - Opened by 6mile 25 days ago

#745 - Added report for romanes-eunt-domus-jd-1337 npm package

Pull Request - State: closed - Opened by 6mile 25 days ago

#745 - Added report for romanes-eunt-domus-jd-1337 npm package

Pull Request - State: closed - Opened by 6mile 25 days ago

#744 - Repair the walletcore-gen (npm) report.

Pull Request - State: closed - Opened by calebbrown 25 days ago

#743 - Fix solanacore (npm) report.

Pull Request - State: closed - Opened by calebbrown 25 days ago - 1 comment

#743 - Fix solanacore (npm) report.

Pull Request - State: closed - Opened by calebbrown 25 days ago - 1 comment

#741 - Add report for hardhat-dotenv

Pull Request - State: closed - Opened by poppysec 28 days ago

#740 - Bump actions/upload-artifact from 4.4.3 to 4.6.0

Pull Request - State: closed - Opened by dependabot[bot] 28 days ago
Labels: dependencies, github_actions

#739 - Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.71.0 to 1.72.1

Pull Request - State: closed - Opened by dependabot[bot] 28 days ago - 2 comments
Labels: dependencies, go

#738 - Added reports for five malicious npm packages

Pull Request - State: closed - Opened by 6mile 30 days ago

#737 - Added npm package Walletcore gen

Pull Request - State: closed - Opened by 6mile about 1 month ago

#736 - Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.71.0 to 1.72.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago - 1 comment
Labels: dependencies, go

#735 - Added report for tt4b npm package

Pull Request - State: closed - Opened by 6mile about 1 month ago

#734 - Adds report for solanacore npm package

Pull Request - State: closed - Opened by 6mile about 1 month ago

#733 - Added reports for five malicious npm packages

Pull Request - State: closed - Opened by 6mile about 1 month ago

#732 - Added reports for three malicious npm packages

Pull Request - State: open - Opened by 6mile about 1 month ago

#732 - Added reports for three malicious npm packages

Pull Request - State: closed - Opened by 6mile about 1 month ago

#731 - Added report for webinarwebhookapp npm package

Pull Request - State: closed - Opened by 6mile about 1 month ago

#730 - Added reports for five malicious npm packages

Pull Request - State: closed - Opened by 6mile about 1 month ago

#729 - Added report for facetec-browser-sdk npm package

Pull Request - State: closed - Opened by 6mile about 1 month ago

#728 - Added report for four malicious npm packages

Pull Request - State: closed - Opened by 6mile about 1 month ago

#727 - Add report for solana-login stealer

Pull Request - State: closed - Opened by poppysec about 1 month ago

#726 - Added reports for five malicious npm packages

Pull Request - State: closed - Opened by 6mile about 1 month ago

#725 - Added reports for three malicious npm packages

Pull Request - State: closed - Opened by 6mile about 1 month ago

#724 - Added report for three npm packages

Pull Request - State: closed - Opened by 6mile about 1 month ago - 3 comments

#723 - Added three new malicious npm packages

Pull Request - State: closed - Opened by 6mile about 1 month ago

#722 - Added report for babel-preset-app npm package.

Pull Request - State: closed - Opened by 6mile about 1 month ago

#721 - Added report for fider npm package

Pull Request - State: closed - Opened by 6mile about 1 month ago

#720 - Added report for valid-package npm package

Pull Request - State: closed - Opened by 6mile about 1 month ago

#719 - Added report for malicious NPM packages solaraexecutor and xeno.dll

Pull Request - State: closed - Opened by 6mile about 1 month ago

#718 - Added report for officebrowserfeedback malicious NPM package

Pull Request - State: closed - Opened by 6mile about 1 month ago

#717 - Added report for bcoin-full and mx-exchange-docs malicious NPM packages

Pull Request - State: closed - Opened by 6mile about 1 month ago

#716 - Add report for faucet-microservice

Pull Request - State: closed - Opened by 6mile about 1 month ago

#715 - add report for crypto-buddies and v2-foundry npm packages

Pull Request - State: closed - Opened by 6mile about 1 month ago - 1 comment

#714 - Add report for unisocks npm package

Pull Request - State: closed - Opened by 6mile about 1 month ago

#713 - Bump github/codeql-action from 3.27.9 to 3.28.0

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 1 comment
Labels: dependencies, github_actions

#712 - Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.71.0 to 1.71.1

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 1 comment
Labels: dependencies, go

#711 - Bump github.com/google/osv-scanner from 1.8.1 to 1.9.2

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 3 comments
Labels: dependencies, go

#710 - Bump actions/upload-artifact from 4.4.3 to 4.5.0

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 1 comment
Labels: dependencies, github_actions

#709 - Add reports for Cobalt Strike pkgs

Pull Request - State: closed - Opened by poppysec about 2 months ago

#708 - Bump actions/setup-go from 5.0.2 to 5.2.0

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 1 comment
Labels: dependencies, github_actions

#707 - Bump github/codeql-action from 3.26.6 to 3.27.9

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 1 comment
Labels: dependencies, github_actions