Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / ossf/package-analysis issues and pull requests

#985 - Bump golang.org/x/crypto from 0.16.0 to 0.17.0

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, go

#984 - Bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /function/loader

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago - 1 comment
Labels: dependencies, go

#984 - Bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /function/loader

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago - 1 comment
Labels: dependencies, go

#983 - Fix compose path

Pull Request - State: closed - Opened by lukehinds 11 months ago - 1 comment

#983 - Fix compose path

Pull Request - State: closed - Opened by lukehinds 11 months ago - 1 comment

#982 - ES modules fail to be imported during node.js dynamic analysis

Issue - State: open - Opened by maxfisher-g 11 months ago
Labels: bug

#982 - ES modules fail to be imported during node.js dynamic analysis

Issue - State: open - Opened by maxfisher-g 11 months ago
Labels: bug

#981 - Bump the parsing-minor-updates group in /internal/staticanalysis/parsing with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies, javascript

#980 - Bump the gomod-minor-updates group with 3 updates

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies, go

#979 - Bump the actions-minor-updates group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies, github_actions

#978 - Add archive checksum

Pull Request - State: closed - Opened by h0x0er 12 months ago - 2 comments

#977 - Please

Issue - State: closed - Opened by branden1992 12 months ago - 1 comment

#976 - reduce dependabot PR frequency to monthly

Pull Request - State: closed - Opened by maxfisher-g 12 months ago

#975 - cmd/analyze: add resolved package version to logging context

Pull Request - State: closed - Opened by maxfisher-g 12 months ago

#974 - add python3-dev package to dynamic analysis dockerfile

Pull Request - State: closed - Opened by maxfisher-g 12 months ago

#973 - Bump the parsing-minor-updates group in /internal/staticanalysis/parsing with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies, javascript

#972 - Bump the gomod-minor-updates group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#971 - support extracting zip archives

Issue - State: open - Opened by maxfisher-g about 1 year ago - 2 comments
Labels: static analysis

#969 - update babel parser to match babel traverse version

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#966 - dependabot.yml: group npm updates for parsing script

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#965 - Bump the actions-minor-updates group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#964 - Bump @babel/parser from 7.23.0 to 7.23.3 in /internal/staticanalysis/parsing

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 9 comments
Labels: dependencies, javascript

#963 - Bump @babel/traverse from 7.23.2 to 7.23.3 in /internal/staticanalysis/parsing

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, javascript

#962 - Bump the gomod-minor-updates group with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#961 - Bump golang.org/x/crypto from 0.14.0 to 0.15.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, go

#960 - restructure dynamic analysis schema

Issue - State: open - Opened by maxfisher-g about 1 year ago
Labels: enhancement, data

#959 - collect hash for downloaded archive

Issue - State: open - Opened by maxfisher-g about 1 year ago
Labels: enhancement, static analysis

#958 - enable code execution feature by default

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#957 - Bump the actions-minor-updates group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#956 - Bump the gomod-minor-updates group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, go

#955 - add alias of scanned vulnerability

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#954 - add explicit go setup step for CodeQL analysis

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#952 - Bump the loader-minor-updates group in /function/loader with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#951 - add osv-scanner.toml

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago - 1 comment

#950 - add separate result bucket for execution log

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#949 - Add OSV-Scanner github action

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago - 1 comment

#948 - Add environment variable baits

Pull Request - State: closed - Opened by elainechien about 1 year ago

#947 - update dynamic analysis Load function

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#946 - enable code execution feature in worker

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago - 1 comment

#945 - Bump the gomod-minor-updates group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#944 - Bump the loader-minor-updates group in /function/loader with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, go

#943 - add BigQuery loader function for static analysis

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago - 1 comment

#942 - update static analysis json schema for bigquery ingestion

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#941 - fix issues with deploy script and move it to the scripts/ folder

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#940 - Use os.Create to truncate the results file if a previous one exists.

Pull Request - State: closed - Opened by calebbrown about 1 year ago

#940 - Use os.Create to truncate the results file if a previous one exists.

Pull Request - State: closed - Opened by calebbrown about 1 year ago

#939 - Add script for kubernetes deployment

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#939 - Add script for kubernetes deployment

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#938 - Bump google.golang.org/grpc from 1.57.0 to 1.57.1 in /function/loader

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#937 - add Makefile recipe to build test images for e2e test

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#937 - add Makefile recipe to build test images for e2e test

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#936 - update docs for static analysis data schema

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#936 - update docs for static analysis data schema

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#935 - Bump actions/setup-node from 3.8.1 to 4.0.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#934 - Bump the actions-minor-updates group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#934 - Bump the actions-minor-updates group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#933 - Bump the gomod-minor-updates group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#931 - Update CONTRIBUTING.md with style guide note

Pull Request - State: closed - Opened by calebbrown about 1 year ago

#931 - Update CONTRIBUTING.md with style guide note

Pull Request - State: closed - Opened by calebbrown about 1 year ago

#930 - Bump the actions-minor-updates group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#930 - Bump the actions-minor-updates group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#929 - Bump vulnerable @babel/traverse version

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#929 - Bump vulnerable @babel/traverse version

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#928 - Bump @babel/traverse from 7.20.1 to 7.23.2 in /internal/staticanalysis/parsing

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, javascript

#928 - Bump @babel/traverse from 7.20.1 to 7.23.2 in /internal/staticanalysis/parsing

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, javascript

#927 - Bump the gomod-minor-updates group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#927 - Bump the gomod-minor-updates group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#926 - Add execute phase to dynamic analysis

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#925 - Inline single-key JSON structs in static analysis formatter script

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#924 - omit null JS and valuecounts data from staticanalysis result struct

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#923 - static analysis: rename "description" field to "detected_type"

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#922 - make token.IdentifierType into an integer enum

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#921 - worker: run dynamic and static analysis unconditionally

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#920 - Make public API struct for static analysis data

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#919 - Bump the gomod-minor-updates group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#918 - Bump golang.org/x/net from 0.15.0 to 0.17.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#917 - Bump golang.org/x/net from 0.14.0 to 0.17.0 in /function/loader

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#916 - Add ssh key pair bait to sandbox

Pull Request - State: closed - Opened by elainechien about 1 year ago

#915 - Bump the gomod-minor-updates group with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#914 - Bump google.golang.org/grpc from 1.58.2 to 1.58.3

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, go

#913 - Bump the gomod-minor-updates group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, go

#912 - Bump the actions-minor-updates group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#911 - Bump the gomod-minor-updates group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, go

#910 - Bump the loader-minor-updates group in /function/loader with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#909 - Bump the gomod-minor-updates group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#908 - write static analysis results to v1 bucket

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#907 - Bump the actions-minor-updates group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#906 - Bump the gomod-minor-updates group with 3 updates

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#905 - Bump github.com/package-url/packageurl-go from 0.1.1 to 0.1.2

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, go

#904 - Bump actions/checkout from 4.0.0 to 4.1.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, github_actions

#903 - Bump the gomod-minor-updates group with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, go

#902 - Bump the gomod-minor-updates group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, go

#901 - create /root/.ssh directory in dynamic analysis Dockerfile

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#900 - Update go version in README.md

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago