Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / ossf/scorecard issues and pull requests

#4418 - :seedling: Bump github.com/go-git/go-billy/v5 from 5.5.0 to 5.6.0

Pull Request - State: open - Opened by dependabot[bot] 4 days ago
Labels: dependencies, go

#4417 - :seedling: Bump the distroless group across 6 directories with 1 update

Pull Request - State: open - Opened by dependabot[bot] 4 days ago
Labels: dependencies, docker

#4416 - :seedling: Bump the github-actions group with 2 updates

Pull Request - State: open - Opened by dependabot[bot] 4 days ago - 1 comment
Labels: dependencies, github_actions

#4415 - :bug: Add a workaround for organisations in GitLab

Pull Request - State: open - Opened by verm 4 days ago

#4414 - :sparkles: Add files support for Azure DevOps

Pull Request - State: open - Opened by JamieMagee 7 days ago - 1 comment

#4413 - Scorecard doesn't detect OpenSSF Best Practices badge

Issue - State: closed - Opened by ivanoblomov 10 days ago - 4 comments
Labels: kind/bug

#4412 - :seedling: Bump github.com/moby/buildkit from 0.16.0 to 0.17.1

Pull Request - State: open - Opened by dependabot[bot] 11 days ago
Labels: dependencies, go

#4411 - :seedling: Bump github.com/onsi/gomega from 1.34.2 to 1.35.1

Pull Request - State: closed - Opened by dependabot[bot] 11 days ago
Labels: dependencies, go

#4410 - :seedling: Bump goreleaser/goreleaser-action from 6.0.0 to 6.1.0

Pull Request - State: open - Opened by dependabot[bot] 11 days ago
Labels: dependencies, github_actions

#4409 - :seedling: Bump the golang group across 8 directories with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 11 days ago
Labels: dependencies, docker

#4408 - ✨ Adds Elixir and Gleam as languages

Pull Request - State: closed - Opened by kikofernandez 13 days ago - 4 comments

#4407 - :seedling: Bump the github-actions group across 1 directory with 4 updates

Pull Request - State: closed - Opened by dependabot[bot] 14 days ago
Labels: dependencies, github_actions

#4406 - :sparkles: Add Erlang as a language

Pull Request - State: closed - Opened by kikofernandez 14 days ago - 4 comments

#4405 - :seedling: Bump github.com/google/osv-scanner from 1.9.0 to 1.9.1

Pull Request - State: open - Opened by dependabot[bot] 14 days ago - 3 comments
Labels: dependencies, go

#4404 - :seedling: Bump github.com/xanzy/go-gitlab from 0.112.0 to 0.113.0

Pull Request - State: closed - Opened by dependabot[bot] 15 days ago - 1 comment
Labels: dependencies, go

#4403 - :seedling: Bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1

Pull Request - State: closed - Opened by dependabot[bot] 16 days ago
Labels: dependencies, go

#4402 - OpenSSF Scorecard report viewer does not handle nested gitlab groups correctly

Issue - State: closed - Opened by stexandev 16 days ago - 1 comment
Labels: kind/bug

#4401 - :seedling: Bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 in /tools

Pull Request - State: closed - Opened by dependabot[bot] 18 days ago
Labels: dependencies, go

#4400 - :seedling: Bump cloud.google.com/go/bigquery from 1.63.1 to 1.64.0

Pull Request - State: closed - Opened by dependabot[bot] 18 days ago - 1 comment
Labels: dependencies, go

#4399 - :seedling: Bump the github-actions group across 1 directory with 4 updates

Pull Request - State: closed - Opened by dependabot[bot] 18 days ago - 2 comments
Labels: dependencies, github_actions

#4398 - :sparkles: New probe for required MFA

Pull Request - State: open - Opened by eddie-knight 24 days ago - 1 comment

#4397 - :seedling: Bump cloud.google.com/go/pubsub from 1.43.0 to 1.45.1

Pull Request - State: closed - Opened by dependabot[bot] 25 days ago
Labels: dependencies, go

#4396 - :seedling: Bump the distroless group across 6 directories with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 25 days ago - 1 comment
Labels: dependencies, docker

#4395 - :seedling: Bump actions/setup-go from 5.0.2 to 5.1.0

Pull Request - State: closed - Opened by dependabot[bot] 25 days ago - 1 comment
Labels: dependencies, github_actions, Stale

#4394 - :seedling: Bump the github-actions group with 4 updates

Pull Request - State: closed - Opened by dependabot[bot] 25 days ago - 1 comment
Labels: dependencies, github_actions

#4393 - Apparently GlobaLeaks CI-Tests seems not recognized.

Issue - State: open - Opened by evilaliv3 26 days ago - 1 comment
Labels: kind/bug

#4392 - Idea: Add some more projects to /projects.csv

Issue - State: open - Opened by hejjoe 28 days ago - 1 comment
Labels: kind/enhancement

#4391 - :bug: Added CLI output for --probes

Pull Request - State: open - Opened by eddie-knight 29 days ago - 2 comments

#4389 - :seedling: Bump cloud.google.com/go/pubsub from 1.43.0 to 1.45.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago - 1 comment
Labels: dependencies, go

#4388 - :seedling: Bump mvdan.cc/sh/v3 from 3.9.0 to 3.10.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago - 1 comment
Labels: dependencies, go

#4387 - :seedling: Bump the golang group across 8 directories with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, docker

#4386 - :seedling: Bump cloud.google.com/go/pubsub from 1.43.0 to 1.44.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago - 1 comment
Labels: dependencies, go

#4385 - :seedling: Bump gocloud.dev from 0.39.0 to 0.40.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago - 1 comment
Labels: dependencies, go

#4384 - :seedling: Bump the github-actions group across 1 directory with 6 updates

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago - 1 comment
Labels: dependencies, github_actions

#4383 - :seedling: Bump github.com/xanzy/go-gitlab from 0.109.0 to 0.112.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago - 2 comments
Labels: dependencies, go

#4382 - :seedling: Bump the github-actions group across 1 directory with 6 updates

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago - 1 comment
Labels: dependencies, github_actions

#4381 - BUG Pinned Dependency checks for nuget/.Net does not consider implicit restore

Issue - State: open - Opened by balteravishay about 1 month ago - 2 comments
Labels: kind/bug, check/Pinned-Dependencies

#4380 - Feature: Pinned Dependency checks support for Azure DevOps Pipelines

Issue - State: open - Opened by balteravishay about 1 month ago - 2 comments
Labels: kind/enhancement, check/Pinned-Dependencies

#4379 - :seedling: Bump github.com/xanzy/go-gitlab from 0.109.0 to 0.111.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago - 1 comment
Labels: dependencies, go

#4378 - Support Composer (PHP) Package Manager

Issue - State: open - Opened by maennchen about 1 month ago
Labels: kind/enhancement

#4377 - ✨ Initial experimental Azure DevOps client

Pull Request - State: closed - Opened by JamieMagee about 1 month ago - 8 comments

#4376 - :seedling: Tighten restrictions for running `scdiff` workflow

Pull Request - State: closed - Opened by spencerschrock about 1 month ago

#4375 - :seedling: Bump google.golang.org/protobuf from 1.34.2 to 1.35.1 in /tools

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 3 comments
Labels: dependencies, go

#4374 - :seedling: Bump google.golang.org/protobuf from 1.34.2 to 1.35.1

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, go

#4373 - :seedling: Bump the github-actions group with 4 updates

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 1 comment
Labels: dependencies, github_actions

#4372 - :seedling: Bump golang.org/x/text from 0.18.0 to 0.19.0

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, go

#4371 - :seedling: Bump github.com/xanzy/go-gitlab from 0.109.0 to 0.110.0

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 1 comment
Labels: dependencies, go

#4370 - :seedling: Bump the golang group across 8 directories with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, docker

#4369 - :sparkles: Support Nuget Central Package Management

Pull Request - State: open - Opened by balteravishay about 2 months ago - 2 comments

#4368 - :seedling: Bump cloud.google.com/go/bigquery from 1.63.0 to 1.63.1

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, go

#4367 - :seedling: Bump github.com/google/osv-scanner from 1.8.5 to 1.9.0

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 4 comments
Labels: dependencies, go

#4366 - :seedling: Bump github.com/golangci/golangci-lint from 1.60.1 to 1.61.0 in /tools

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 1 comment
Labels: dependencies, go

#4365 - :seedling: Bump github.com/rhysd/actionlint from 1.7.2 to 1.7.3

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, go

#4364 - :seedling: Bump the github-actions group with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions

#4363 - :seedling: Bump the golang group across 8 directories with 1 update

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 1 comment
Labels: dependencies, docker

#4362 - Wrong link in /docs/checks.md file

Issue - State: closed - Opened by AleX04Nov about 2 months ago - 1 comment
Labels: kind/bug

#4361 - :seedling: Bump github.com/goreleaser/goreleaser/v2 from 2.1.0 to 2.3.2 in /tools

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, go

#4360 - :seedling: Bump cloud.google.com/go/bigquery from 1.62.0 to 1.63.0

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 1 comment
Labels: dependencies, go

#4359 - :seedling: Bump golang.org/x/text from 0.17.0 to 0.18.0

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 2 comments
Labels: dependencies, go

#4358 - :seedling: Bump github.com/rhysd/actionlint from 1.7.1 to 1.7.2

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, go

#4357 - :seedling: Bump sigs.k8s.io/release-utils from 0.8.4 to 0.8.5

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 2 comments
Labels: dependencies, go

#4356 - :seedling: Bump the github-actions group across 1 directory with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions

#4355 - :seedling: Bump github.com/google/osv-scanner from 1.8.4 to 1.8.5

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 2 comments
Labels: dependencies, go

#4354 - :seedling: Bump the golang group across 8 directories with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 1 comment
Labels: dependencies, docker

#4352 - Public GH repo is getting 422 Validation Failed

Issue - State: open - Opened by diberry 2 months ago - 1 comment
Labels: kind/bug

#4351 - :sparkles: Support Nuget Pinned Dependency with RestoreLockedMode attribute

Pull Request - State: closed - Opened by balteravishay 2 months ago - 3 comments

#4350 - :seedling: Bump cloud.google.com/go/pubsub from 1.42.0 to 1.43.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, go

#4349 - :seedling: Bump the golang group across 8 directories with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 2 comments
Labels: dependencies, docker

#4348 - :seedling: Bump the github-actions group with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 2 comments
Labels: dependencies, github_actions

#4347 - BUG: scorecard does not recognize BSD-2-Clause-Patent license.

Issue - State: closed - Opened by grom72 2 months ago - 3 comments
Labels: kind/bug, check/License

#4346 - error fix

Issue - State: closed - Opened by mcneilrp1 2 months ago

#4345 - :seedling: Bump golang.org/x/oauth2 from 0.22.0 to 0.23.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 2 comments
Labels: dependencies, go

#4344 - :seedling: Bump github.com/moby/buildkit from 0.15.1 to 0.16.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 1 comment
Labels: dependencies, go

#4343 - :seedling: Bump the distroless group across 6 directories with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 2 comments
Labels: dependencies, docker

#4342 - :seedling: Bump the golang group across 8 directories with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 1 comment
Labels: dependencies, docker

#4341 - :seedling: Bump github.com/xanzy/go-gitlab from 0.107.0 to 0.109.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, go

#4340 - BUG: Seeing cert error on https://www.bestpractices.dev/

Issue - State: closed - Opened by nitrocode 2 months ago - 2 comments
Labels: kind/bug

#4339 - Proposal: Improved experience for large-scale (multi-org, multi-repo) deployment of Scorecard

Issue - State: open - Opened by lelia 3 months ago - 1 comment
Labels: kind/enhancement, Stale

#4338 - Proposal: Define clear expectations for Triager role in contributor ladder

Issue - State: open - Opened by lelia 3 months ago - 3 comments
Labels: kind/enhancement

#4336 - ✨ Add woodpecker as known CI

Pull Request - State: closed - Opened by 6543 3 months ago - 3 comments

#4335 - :ghost: git ignore vendor folder

Pull Request - State: closed - Opened by 6543 3 months ago - 4 comments

#4334 - 📖 Fix SBOM-Everywhere link

Pull Request - State: closed - Opened by evankanderson 3 months ago - 1 comment

#4333 - Feature: Managed Github App per org instead of github action per repo

Issue - State: open - Opened by nitrocode 3 months ago - 3 comments
Labels: kind/enhancement, Stale

#4332 - :seedling: Bump github.com/onsi/gomega from 1.34.1 to 1.34.2

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#4331 - :seedling: Bump github.com/xanzy/go-gitlab from 0.107.0 to 0.108.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, go

#4330 - :seedling: Bump github.com/moby/buildkit from 0.15.1 to 0.15.2

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 2 comments
Labels: dependencies, go

#4329 - BUG: Missing data for repository

Issue - State: closed - Opened by nitrocode 3 months ago - 2 comments
Labels: kind/bug

#4328 - :seedling: Bump actions/upload-artifact from 4.3.6 to 4.4.0 in the github-actions group

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#4327 - :seedling: Bump the golang group across 8 directories with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 2 comments
Labels: dependencies, docker

#4326 - Method for providing certificates for private GitLab server

Issue - State: open - Opened by gcatto 3 months ago - 1 comment
Labels: kind/enhancement, Stale

#4325 - :seedling: Bump mvdan.cc/sh/v3 from 3.8.0 to 3.9.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 2 comments
Labels: dependencies, go

#4324 - :seedling: Bump cloud.google.com/go/pubsub from 1.41.0 to 1.42.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#4323 - ✨ Update SPDX license list, source for license data

Pull Request - State: closed - Opened by lelia 3 months ago

#4322 - :seedling: Require minimum version of Go 1.22.0

Pull Request - State: closed - Opened by spencerschrock 3 months ago - 1 comment

#4321 - :seedling: Bump github/codeql-action from 3.26.0 to 3.26.6 in the github-actions group across 1 directory

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#4320 - :seedling: Bump github.com/onsi/ginkgo/v2 from 2.20.1 to 2.20.2 in /tools

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, go

#4319 - :seedling: Bump github.com/onsi/ginkgo/v2 from 2.19.1 to 2.20.2

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 2 comments
Labels: dependencies, go

#4318 - :book: clarify project goals and non-goals

Pull Request - State: closed - Opened by spencerschrock 3 months ago - 1 comment

#4317 - :book: explicitly state both check documentation files are committed

Pull Request - State: closed - Opened by spencerschrock 3 months ago - 1 comment

#4316 - Remediation for github branch protection :book:

Pull Request - State: closed - Opened by pethers 3 months ago - 3 comments