Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / ossf/package-analysis issues and pull requests

#899 - bring static analysis schema JSON into line with actual data format

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#898 - add doc for results data format

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#897 - Bump the gomod-minor-updates group with 6 updates

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#896 - Default "on" SaveAnalyzedPackages now it is enabled in prod.

Pull Request - State: closed - Opened by calebbrown about 1 year ago

#895 - Remove result_bucket_override support.

Pull Request - State: closed - Opened by calebbrown about 1 year ago

#894 - Bump the gomod-minor-updates group with 6 updates

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, go

#893 - Bump the loader-minor-updates group in /function/loader with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#892 - Fix dockerfile to match best practices

Pull Request - State: closed - Opened by calebbrown about 1 year ago

#891 - dependabot: group all minor and patch updates

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#890 - Add `dnsutils` to dynamic analysis image + remove extra update/upgrades

Pull Request - State: closed - Opened by calebbrown about 1 year ago - 1 comment

#889 - Bump google.golang.org/api from 0.138.0 to 0.141.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, go

#888 - Bump go.uber.org/zap from 1.25.0 to 1.26.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, go

#887 - Bump gocloud.dev/pubsub/kafkapubsub from 0.33.0 to 0.34.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, go

#886 - Bump go.uber.org/zap/exp from 0.1.1-0.20230825131617-98e9c4fe632c to 0.2.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, go

#885 - Bump google.golang.org/grpc from 1.57.0 to 1.58.1

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, go

#884 - Bump gocloud.dev from 0.33.1-0.20230808164326-dee61a596af0 to 0.34.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, go

#883 - Bump cloud.google.com/go/bigquery from 1.54.0 to 1.55.0 in /function/loader

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, go

#882 - Enable package saving.

Pull Request - State: closed - Opened by calebbrown about 1 year ago

#881 - Handle missing PyPI packages properly as well.

Pull Request - State: closed - Opened by calebbrown about 1 year ago

#880 - Fix Packagist JSON parsing to correctly parse dist fields.

Pull Request - State: closed - Opened by calebbrown about 1 year ago

#879 - remove email address from static analysis schema

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#878 - don't upload static analysis results when there is no data

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#877 - static analysis minor bugfixes

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#876 - remove email address detection in string literals

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#875 - add constant for static analysis schema version

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#874 - Complete the slogging changes.

Pull Request - State: closed - Opened by calebbrown about 1 year ago

#873 - clean up dependabot config and check for GH actions updates weekly

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#871 - Migrate to slog in static analysis, and remove now-dead logging code.

Pull Request - State: closed - Opened by calebbrown about 1 year ago

#870 - Bump actions/dependency-review-action from 3.0.8 to 3.1.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#869 - Static analysis: unify result struct into single array of file data

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#868 - move key fields to top level in static analysis schema

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#867 - Add parsed string value to EscapedStrings struct

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#866 - Rename obfuscation package to signals

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#865 - Static analysis basic data refactor

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#865 - Static analysis basic data refactor

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#863 - fix null values in static analysis parsing results

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#862 - Bump actions/upload-artifact from 3.1.2 to 3.1.3

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#861 - move `created` field to top level in static analysis schema

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#860 - Turn the result dest into a result store instance.

Pull Request - State: closed - Opened by calebbrown about 1 year ago

#859 - Make explicit top-level structs for serialised analysis results

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#858 - Add xxd to dynamic analysis sandbox.

Pull Request - State: closed - Opened by calebbrown about 1 year ago

#857 - Move the sandbox code over to slog and propogate context everywhere.

Pull Request - State: closed - Opened by calebbrown about 1 year ago

#856 - Add test credential access functionality and package structure refactor

Pull Request - State: closed - Opened by elainechien about 1 year ago - 1 comment

#855 - Fix bugs in static analysis schema

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#854 - JS parsing: Improve handling of string templates

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#853 - Bump actions/checkout from 3.6.0 to 4.0.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#852 - The description about what types of data has been collected?

Issue - State: closed - Opened by Wapiti08 about 1 year ago - 1 comment
Labels: documentation

#851 - Move more logs over to slog.

Pull Request - State: closed - Opened by calebbrown about 1 year ago - 1 comment

#850 - Replace more logging calls with slog and context.

Pull Request - State: closed - Opened by calebbrown about 1 year ago - 1 comment

#850 - Replace more logging calls with slog and context.

Pull Request - State: open - Opened by calebbrown about 1 year ago - 1 comment

#849 - Use node v18 instead of v12 (the default for Ubuntu 22.04)

Pull Request - State: closed - Opened by calebbrown about 1 year ago

#849 - Use node v18 instead of v12 (the default for Ubuntu 22.04)

Pull Request - State: closed - Opened by calebbrown about 1 year ago

#847 - static analysis: rename FileType to Description, fix some json names

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#847 - static analysis: rename FileType to Description, fix some json names

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#846 - Migrate the analyze cmd to slog. Remove unused log funcs.

Pull Request - State: closed - Opened by calebbrown about 1 year ago - 1 comment

#846 - Migrate the analyze cmd to slog. Remove unused log funcs.

Pull Request - State: closed - Opened by calebbrown about 1 year ago - 1 comment

#845 - Enable log/slog from Go v1.21 and migrate scheduler.

Pull Request - State: closed - Opened by calebbrown about 1 year ago - 1 comment

#845 - Enable log/slog from Go v1.21 and migrate scheduler.

Pull Request - State: closed - Opened by calebbrown about 1 year ago - 1 comment

#844 - Create new dynamic analysis phase for code execution

Issue - State: open - Opened by maxfisher-g about 1 year ago
Labels: enhancement, dynamic analysis

#844 - Create new dynamic analysis phase for code execution

Issue - State: closed - Opened by maxfisher-g about 1 year ago
Labels: enhancement, dynamic analysis

#843 - Improve static analysis unit tests and do cleanups

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#843 - Improve static analysis unit tests and do cleanups

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#842 - update go to v1.21

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#841 - dependabot: batch minor updates to github actions

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#840 - Bump actions/checkout from 3.5.3 to 3.6.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#838 - Static analysis result structure rework

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago - 1 comment

#837 - Disable code execution feature by default

Pull Request - State: closed - Opened by maxfisher-g about 1 year ago

#836 - Change static analysis JSON schema to support BigQuery import

Issue - State: closed - Opened by maxfisher-g about 1 year ago - 2 comments
Labels: static analysis

#835 - Define a global entropy measurement for strings and literals

Issue - State: open - Opened by maxfisher-g about 1 year ago - 1 comment
Labels: static analysis

#834 - Remove entropy summaries and add individual entries to each literal

Issue - State: closed - Opened by maxfisher-g about 1 year ago - 1 comment
Labels: static analysis

#833 - Bump actions/setup-node from 3.8.0 to 3.8.1

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, github_actions

#832 - Bump cloud.google.com/go/bigquery from 1.53.0 to 1.54.0 in /function/loader

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, go

#831 - Bump google.golang.org/api from 0.137.0 to 0.138.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, go

#830 - Bump golangci/golangci-lint-action from 3.6.0 to 3.7.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, github_actions

#829 - Bump actions/dependency-review-action from 3.0.7 to 3.0.8

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, github_actions

#828 - Add unit tests for GCP and PubSub buckets in ResultStore

Issue - State: open - Opened by maxfisher-g over 1 year ago
Labels: go

#828 - Add unit tests for GCP and PubSub buckets in ResultStore

Issue - State: open - Opened by maxfisher-g over 1 year ago
Labels: go

#827 - Bump google.golang.org/api from 0.136.0 to 0.137.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, go

#827 - Bump google.golang.org/api from 0.136.0 to 0.137.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, go

#826 - Bump actions/setup-node from 3.7.0 to 3.8.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, github_actions

#825 - Rework of bucket path handling in resultstore.go

Pull Request - State: closed - Opened by maxfisher-g over 1 year ago

#825 - Rework of bucket path handling in resultstore.go

Pull Request - State: closed - Opened by maxfisher-g over 1 year ago

#824 - Bump actions/dependency-review-action from 3.0.6 to 3.0.7

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, github_actions

#824 - Bump actions/dependency-review-action from 3.0.6 to 3.0.7

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, github_actions

#823 - print static analysis errors using logger

Pull Request - State: closed - Opened by maxfisher-g over 1 year ago

#823 - print static analysis errors using logger

Pull Request - State: closed - Opened by maxfisher-g over 1 year ago

#822 - Bump actions/setup-go from 4.0.1 to 4.1.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, github_actions

#822 - Bump actions/setup-go from 4.0.1 to 4.1.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, github_actions

#821 - Bump google.golang.org/api from 0.134.0 to 0.136.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, go

#821 - Bump google.golang.org/api from 0.134.0 to 0.136.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, go

#820 - Add option to print feature flags in analyze script

Pull Request - State: closed - Opened by maxfisher-g over 1 year ago

#820 - Add option to print feature flags in analyze script

Pull Request - State: closed - Opened by maxfisher-g over 1 year ago

#819 - Bump google.golang.org/api from 0.134.0 to 0.135.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#819 - Bump google.golang.org/api from 0.134.0 to 0.135.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#818 - add URL, IP and email address detection in strings

Pull Request - State: closed - Opened by maxfisher-g over 1 year ago