Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / ossf/package-analysis issues and pull requests

#762 - Bump golangci/golangci-lint-action from 3.5.0 to 3.6.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, github_actions

#762 - Bump golangci/golangci-lint-action from 3.5.0 to 3.6.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, github_actions

#761 - Bump actions/checkout from 3.5.2 to 3.5.3

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, github_actions

#760 - Bump github/codeql-action from 2.3.6 to 2.13.4

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, github_actions

#760 - Bump github/codeql-action from 2.3.6 to 2.13.4

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, github_actions

#758 - fix bug in dynamic analysis dockerfile workdir

Pull Request - State: closed - Opened by maxfisher-g over 1 year ago

#758 - fix bug in dynamic analysis dockerfile workdir

Pull Request - State: closed - Opened by maxfisher-g over 1 year ago

#757 - Switch unsupported google/gopacket to gopacket/gopacket

Pull Request - State: closed - Opened by calebbrown over 1 year ago

#756 - remove restriction on number of stdout and stderr lines recorded

Pull Request - State: closed - Opened by maxfisher-g over 1 year ago

#755 - Support Python packages that aren't on PyPI

Issue - State: open - Opened by maxfisher-g over 1 year ago - 2 comments
Labels: enhancement, dynamic analysis

#755 - Support Python packages that aren't on PyPI

Issue - State: open - Opened by maxfisher-g over 1 year ago - 2 comments
Labels: enhancement, dynamic analysis

#754 - crates.io error with `itoa` package

Issue - State: closed - Opened by maxfisher-g over 1 year ago

#754 - crates.io error with `itoa` package

Issue - State: closed - Opened by maxfisher-g over 1 year ago

#753 - Replace google/gopacket with gopacket/gopacket

Issue - State: closed - Opened by calebbrown over 1 year ago
Labels: go, internal cleanup

#753 - Replace google/gopacket with gopacket/gopacket

Issue - State: closed - Opened by calebbrown over 1 year ago
Labels: go, internal cleanup

#751 - log stderr from command errors, if present

Pull Request - State: closed - Opened by maxfisher-g over 1 year ago - 1 comment

#750 - Improve logging of podman errors

Issue - State: closed - Opened by maxfisher-g over 1 year ago - 1 comment

#749 - move bucket upload logic to worker package

Pull Request - State: closed - Opened by maxfisher-g over 1 year ago

#747 - when execution log is missing, log as warning and don't save to bucket

Pull Request - State: closed - Opened by maxfisher-g over 1 year ago - 1 comment

#742 - Make workers more ephemeral to avoid space issues.

Pull Request - State: closed - Opened by calebbrown over 1 year ago - 1 comment

#741 - Production workers are running out of container space for sandboxes

Issue - State: closed - Opened by calebbrown over 1 year ago - 2 comments
Labels: bug, infrastructure

#741 - Production workers are running out of container space for sandboxes

Issue - State: closed - Opened by calebbrown over 1 year ago - 2 comments
Labels: bug, infrastructure

#739 - Save analyzed package

Pull Request - State: closed - Opened by dukecat0 over 1 year ago - 19 comments

#739 - Save analyzed package

Pull Request - State: closed - Opened by dukecat0 over 1 year ago - 19 comments

#731 - Allow passing in sandbox configuration

Issue - State: closed - Opened by maxfisher-g over 1 year ago

#731 - Allow passing in sandbox configuration

Issue - State: closed - Opened by maxfisher-g over 1 year ago

#730 - node, pypi: execute package code during import phase

Pull Request - State: closed - Opened by maxfisher-g over 1 year ago - 4 comments

#730 - node, pypi: execute package code during import phase

Pull Request - State: closed - Opened by maxfisher-g over 1 year ago - 4 comments

#723 - For local analysis, copy archives into sandbox instead of mounting

Pull Request - State: closed - Opened by elainechien over 1 year ago

#723 - For local analysis, copy archives into sandbox instead of mounting

Pull Request - State: closed - Opened by elainechien over 1 year ago

#722 - Bump actions/setup-go from 4.0.0 to 4.0.1

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, github_actions

#721 - Bump cloud.google.com/go/bigquery from 1.51.0 to 1.51.2 in /function/loader

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, go

#720 - Bump cloud.google.com/go/bigquery from 1.51.0 to 1.51.1 in /function/loader

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#719 - Bump github/codeql-action from 2.3.2 to 2.3.3

Pull Request - State: open - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, github_actions

#718 - Zipfile version fix

Pull Request - State: closed - Opened by elainechien over 1 year ago

#717 - use combined sandbox in worker

Pull Request - State: closed - Opened by maxfisher-g over 1 year ago - 1 comment

#716 - Bump github/codeql-action from 2.3.1 to 2.3.2

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, github_actions

#715 - Bump github/codeql-action from 2.3.0 to 2.3.1

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, github_actions

#714 - Enable combined dynamic analysis sandbox in worker

Issue - State: closed - Opened by maxfisher-g over 1 year ago
Labels: dynamic analysis

#713 - Bump github/codeql-action from 2.2.11 to 2.3.0

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 1 comment
Labels: dependencies, github_actions

#712 - analyse-tarballs.sh: add globbing of *.tar.gz files

Pull Request - State: closed - Opened by maxfisher-g almost 2 years ago

#711 - Bump cloud.google.com/go/bigquery from 1.50.0 to 1.51.0 in /function/loader

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 1 comment
Labels: dependencies, go

#710 - Bump github/codeql-action from 2.2.11 to 2.2.12

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 1 comment
Labels: dependencies, github_actions

#709 - Bump actions/checkout from 3.5.0 to 3.5.2

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 1 comment
Labels: dependencies, github_actions

#708 - Bump actions/checkout from 3.5.0 to 3.5.1

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 1 comment
Labels: dependencies, github_actions

#707 - Bump github/codeql-action from 2.2.10 to 2.2.11

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, github_actions

#706 - Bump github/codeql-action from 2.2.9 to 2.2.10

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, github_actions

#705 - Is the *.tgz in line 80 of the analyze-tarballs.sh file wrong?

Issue - State: closed - Opened by coffeehb almost 2 years ago - 1 comment

#704 - Bump cloud.google.com/go/bigquery from 1.49.0 to 1.50.0 in /function/loader

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, go

#703 - Create BigQuery schema and ingest static analysis results

Issue - State: closed - Opened by maxfisher-g almost 2 years ago
Labels: static analysis

#702 - Bump ossf/scorecard-action from 2.1.2 to 2.1.3

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, github_actions

#701 - Fix analysis script error when /var/lib is backed by an overlay mount

Pull Request - State: closed - Opened by maxfisher-g almost 2 years ago

#700 - Bump github/codeql-action from 2.2.8 to 2.2.9

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, github_actions

#699 - Bump actions/checkout from 3.4.0 to 3.5.0

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, github_actions

#698 - Bump github/codeql-action from 2.2.7 to 2.2.8

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, github_actions

#697 - Bump actions/dependency-review-action from 3.0.3 to 3.0.4

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, github_actions

#696 - Reorder BigQuery schema.json

Pull Request - State: closed - Opened by maxfisher-g almost 2 years ago

#695 - DNS requests appear to be missing or incomplete.

Issue - State: open - Opened by maxfisher-g almost 2 years ago - 3 comments

#694 - Bump cloud.google.com/go/bigquery from 1.48.0 to 1.49.0 in /function/loader

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, go

#693 - Bump actions/checkout from 3.3.0 to 3.4.0

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, github_actions

#692 - Bump actions/setup-go from 3.5.0 to 4.0.0

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, github_actions

#691 - Bump github/codeql-action from 2.2.6 to 2.2.7

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, github_actions

#690 - Simplify the passing of sandbox options around and reduce modality.

Pull Request - State: closed - Opened by calebbrown almost 2 years ago - 2 comments

#689 - Sandbox failed (error starting container: exit status 125)

Issue - State: closed - Opened by rodion-gudz almost 2 years ago - 9 comments

#688 - add go.work file for multi module support

Pull Request - State: closed - Opened by maxfisher-g almost 2 years ago - 1 comment

#687 - Improve analyse-tarballs.sh script

Pull Request - State: closed - Opened by maxfisher-g almost 2 years ago

#686 - Copy local archives into sandbox rather than mounting

Issue - State: open - Opened by maxfisher-g almost 2 years ago
Labels: enhancement, good first issue

#685 - Bump github/codeql-action from 2.2.5 to 2.2.6

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, github_actions

#684 - fix incorrect error handling in analysis binary

Pull Request - State: closed - Opened by maxfisher-g almost 2 years ago

#683 - Add "tar.gz" for local PyPi package scanning supports

Issue - State: closed - Opened by coffeehb almost 2 years ago - 6 comments
Labels: bug

#682 - Remove suspicious files field from obfuscation results

Pull Request - State: closed - Opened by maxfisher-g almost 2 years ago

#681 - feat: add urls (http+https) to json report

Pull Request - State: open - Opened by Alik-Kold almost 2 years ago - 1 comment

#679 - Sandbox failed (error starting container: exit status 125)

Issue - State: closed - Opened by coffeehb almost 2 years ago - 5 comments

#678 - Bump gocloud.dev from 0.28.0 to 0.29.0

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 4 comments
Labels: dependencies, go

#677 - Bump gocloud.dev/pubsub/kafkapubsub from 0.28.0 to 0.29.0

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 3 comments
Labels: dependencies, go

#676 - Update hashing implementation to reduce memory consumption

Pull Request - State: closed - Opened by calebbrown almost 2 years ago

#675 - Remove retry logic as docker-compose and k8s handles it.

Pull Request - State: closed - Opened by calebbrown almost 2 years ago

#674 - Use *zap.Logger in the scheduler, rather than the global log

Pull Request - State: closed - Opened by calebbrown almost 2 years ago

#673 - Bump cloud.google.com/go/bigquery from 1.47.0 to 1.48.0 in /function/loader

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, go

#672 - Allow running code as part of dynamic analysis

Issue - State: open - Opened by kushaldas almost 2 years ago - 4 comments
Labels: dynamic analysis, needs discussion

#671 - Prepare to move away from global logger + fix race condition in Writer

Pull Request - State: closed - Opened by calebbrown almost 2 years ago

#670 - Enable static analysis in worker

Pull Request - State: closed - Opened by maxfisher-g almost 2 years ago

#669 - Run static analysis locally by default

Pull Request - State: closed - Opened by maxfisher-g almost 2 years ago

#668 - Use explicit setup working directory for dynamic analysis dockerfile

Pull Request - State: closed - Opened by maxfisher-g almost 2 years ago

#667 - rename "basic_data" to "basic" in static analysis results JSON

Pull Request - State: closed - Opened by maxfisher-g almost 2 years ago

#665 - Bump github/codeql-action from 2.2.4 to 2.2.5

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, github_actions

#664 - Add URL and IP address detection to static analysis

Issue - State: closed - Opened by maxfisher-g almost 2 years ago
Labels: enhancement, static analysis

#663 - Make approach to defining enums consistent across the project

Issue - State: open - Opened by calebbrown almost 2 years ago - 6 comments
Labels: go, needs discussion, internal cleanup

#662 - remove duplicated default text for combined sandbox option

Pull Request - State: closed - Opened by maxfisher-g almost 2 years ago

#661 - replace println with fmt.Println

Pull Request - State: closed - Opened by maxfisher-g almost 2 years ago

#660 - Bump cloud.google.com/go/bigquery from 1.46.0 to 1.47.0 in /function/loader

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, go

#659 - increase cloudbuild timeout to 40 minutes

Pull Request - State: closed - Opened by maxfisher-g almost 2 years ago