Ecosyste.ms: Issues

GitHub / safedep/vet issues and pull requests

#193 - feat: Add support for markdown summary report generator

Pull Request - State: closed - Opened by abhisek 8 months ago - 1 comment

#192 - feat: Summary Report Group by Top Level Dependencies

Pull Request - State: closed - Opened by abhisek 10 months ago - 2 comments

#191 - npm Graph Parser is Broken for Lockfile Version v3

Issue - State: open - Opened by abhisek 10 months ago

#190 - feat: CycloneDX Graph Parser

Pull Request - State: closed - Opened by abhisek 10 months ago - 2 comments

#189 - chore(deps): bump github.com/google/cel-go from 0.18.1 to 0.19.0

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago - 3 comments
Labels: dependencies, go

#188 - chore(deps): bump golang.org/x/oauth2 from 0.13.0 to 0.16.0

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago - 2 comments
Labels: dependencies, go

#187 - feat: Add support for npm Dependency Graph

Pull Request - State: closed - Opened by abhisek 11 months ago - 2 comments

#186 - chore(deps): bump the go_modules group across 1 directories with 1 update

Pull Request - State: open - Opened by dependabot[bot] 11 months ago - 1 comment
Labels: dependencies, go

#185 - chore(deps-dev): bump @docusaurus/module-type-aliases from 2.4.0 to 3.1.0 in /docs

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago - 2 comments
Labels: dependencies, javascript

#184 - chore(deps): bump github.com/kubescape/go-git-url from 0.0.25 to 0.0.27

Pull Request - State: open - Opened by dependabot[bot] 11 months ago - 1 comment
Labels: dependencies, go

#183 - SPDX support is only for JSON formatted SBOMs

Issue - State: open - Opened by anthonyharrison 11 months ago

#182 - fix: Auth and Reporting Experience (#180)

Pull Request - State: closed - Opened by abhisek 11 months ago - 2 comments

#181 - chore(deps): bump google.golang.org/protobuf from 1.31.0 to 1.32.0

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago - 2 comments
Labels: dependencies, go

#180 - vet Fails to Run without Explicit Auth Configuration

Issue - State: closed - Opened by anthonyharrison 11 months ago - 4 comments

#179 - chore: Add guard rails against nil pkg in event for JSON report generator

Pull Request - State: closed - Opened by abhisek 11 months ago - 2 comments

#178 - fix: LFP npm handle missing package

Pull Request - State: closed - Opened by abhisek 11 months ago - 2 comments

#177 - fix: Add identifiers to JSON report spec for threats

Pull Request - State: closed - Opened by abhisek 11 months ago - 2 comments

#176 - feat: Add threat reporting support in JSON report schema

Pull Request - State: closed - Opened by abhisek 11 months ago - 2 comments

#175 - feat: Add support for enrichment control as a flag

Pull Request - State: closed - Opened by abhisek 11 months ago - 2 comments

#174 - feat: Add Support for Lockfile Poisoning Detection for npm Ecosystem

Pull Request - State: closed - Opened by abhisek 11 months ago - 2 comments

#173 - feat: Add Support for Dependency Graph

Pull Request - State: closed - Opened by abhisek 11 months ago - 3 comments

#172 - chore(deps): bump prism-react-renderer from 1.3.5 to 2.3.1 in /docs

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago - 2 comments
Labels: dependencies, javascript

#171 - Update to Open API Code Generator 2.0.0

Issue - State: open - Opened by abhisek 12 months ago
Labels: enhancement

#170 - chore(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago - 2 comments
Labels: dependencies, go

#169 - chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.7.2 to 0.8.0

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago - 2 comments
Labels: dependencies, go

#168 - chore(deps): bump github.com/kubescape/go-git-url from 0.0.25 to 0.0.26

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago - 2 comments
Labels: dependencies, go

#167 - chore(deps-dev): bump @docusaurus/module-type-aliases from 2.4.0 to 3.0.1 in /docs

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago - 2 comments
Labels: dependencies, javascript

#166 - chore(deps): bump golang.org/x/term from 0.13.0 to 0.15.0

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago - 2 comments
Labels: dependencies, go

#165 - chore(deps): bump golang.org/x/oauth2 from 0.13.0 to 0.15.0

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago - 2 comments
Labels: dependencies, go

#164 - Fix for the issue #163 - Vet is not able to detect setup.py manifest …

Pull Request - State: closed - Opened by jchauhan about 1 year ago - 2 comments

#163 - Vet is not able to detect setup.py manifest given a directory as scan input

Issue - State: open - Opened by jchauhan about 1 year ago - 1 comment
Labels: bug

#162 - chore(deps): bump prism-react-renderer from 1.3.5 to 2.3.0 in /docs

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, javascript

#161 - Vet json report Protobuf lib has issue that for some of the vulnerabilities, title is empty

Issue - State: open - Opened by jchauhan about 1 year ago - 2 comments
Labels: bug

#160 - feat: Scan Manifest on Discovery

Pull Request - State: closed - Opened by abhisek about 1 year ago - 2 comments

#159 - Incorrect Package Ecosystem in SPDX SBOM Scanning

Issue - State: open - Opened by abhisek about 1 year ago
Labels: bug

#158 - feat: Add Package Insights in JSON Report

Pull Request - State: closed - Opened by abhisek about 1 year ago - 2 comments

#157 - chore(deps): bump @mdx-js/react from 1.6.22 to 3.0.0 in /docs

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, javascript

#156 - chore(deps): bump axios, @docusaurus/core, @docusaurus/plugin-google-gtag and @docusaurus/preset-classic in /docs

Pull Request - State: open - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, javascript

#155 - chore(deps-dev): bump @docusaurus/module-type-aliases from 2.4.0 to 3.0.0 in /docs

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, javascript

#154 - chore(deps): bump prism-react-renderer from 1.3.5 to 2.2.0 in /docs

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, javascript

#153 - chore(deps): bump github.com/google/cel-go from 0.18.1 to 0.18.2

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, go

#152 - chore(deps): bump golang.org/x/oauth2 from 0.13.0 to 0.14.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, go

#151 - chore(deps): bump golang.org/x/term from 0.13.0 to 0.14.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, go

#150 - feat: Add Support for Github Organization Scanning

Pull Request - State: closed - Opened by abhisek about 1 year ago - 2 comments

#149 - Comprehensive SBOM and Dependencies detection

Issue - State: open - Opened by jchauhan about 1 year ago

#147 - chore: Update dependencies

Pull Request - State: closed - Opened by abhisek about 1 year ago - 2 comments

#146 - chore(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, go

#145 - chore(deps): bump github.com/google/osv-scanner from 1.4.1 to 1.4.3

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, go

#144 - Misc Fixes and Enhancements

Pull Request - State: closed - Opened by abhisek about 1 year ago - 2 comments

#142 - Github Reader Fails if Dependency Graph Not Available

Issue - State: closed - Opened by abhisek about 1 year ago
Labels: bug

#141 - Multiple Misc Fixes and Enhancements

Pull Request - State: closed - Opened by abhisek about 1 year ago - 2 comments

#140 - Support Integration with SCM and Dependency Track

Issue - State: open - Opened by abhisek about 1 year ago
Labels: enhancement

#139 - Support Cross Compilation of Go Releaser

Issue - State: closed - Opened by abhisek about 1 year ago - 3 comments

#138 - chore(deps-dev): bump @docusaurus/module-type-aliases from 2.4.0 to 2.4.3 in /docs

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, javascript

#137 - chore(deps): bump prism-react-renderer from 1.3.5 to 2.1.0 in /docs

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, javascript

#136 - chore(deps): bump @docusaurus/core from 2.4.0 to 2.4.3 in /docs

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, javascript

#135 - feat: Add Support for RubyGems Ecosystem

Pull Request - State: closed - Opened by abhisek about 1 year ago - 2 comments

#134 - chore(deps): bump github.com/gofri/go-github-ratelimit from 1.0.4 to 1.0.5

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, go

#133 - chore(deps): bump github.com/google/osv-scanner from 1.4.1 to 1.4.2

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, go

#132 - chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.4.8 to 6.4.9

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, go

#131 - chore(deps): bump postcss from 8.4.21 to 8.4.31 in /docs

Pull Request - State: open - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, javascript

#130 - chore(deps): bump urllib3 from 1.26.9 to 1.26.18 in /pkg/readers/fixtures/multi-with-invalid

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, python

#129 - chore(deps): bump @babel/traverse from 7.21.3 to 7.23.2 in /docs

Pull Request - State: open - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, javascript

#128 - chore: Dependency Upgrade

Pull Request - State: closed - Opened by abhisek about 1 year ago - 2 comments

#127 - chore(deps): bump github.com/deepmap/oapi-codegen from 1.13.3 to 1.16.2

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, go

#126 - Refactor: Exceptions Management at Per Scan

Issue - State: open - Opened by abhisek about 1 year ago
Labels: enhancement

#125 - Migrate to Using buf For Protocol Buffers Spec Management

Issue - State: open - Opened by abhisek about 1 year ago
Labels: enhancement, refactor

#124 - Multiple Fixes and Enhancements

Pull Request - State: closed - Opened by abhisek about 1 year ago - 1 comment

#123 - Fixed Issue with NPM sbom, fixed issues with cyclonedx parser, and refactored code

Pull Request - State: closed - Opened by jchauhan over 1 year ago - 1 comment

#122 - feat: Add Support for Github Connect for Private Repository Scanning

Pull Request - State: closed - Opened by abhisek over 1 year ago - 2 comments

#120 - FEAT - Added support to parse and scan SBOM in Spdx format

Pull Request - State: closed - Opened by jchauhan over 1 year ago - 1 comment

#119 - Fix: Vet Crash on one of the SBOM generate from Github #118

Pull Request - State: closed - Opened by jchauhan over 1 year ago - 1 comment

#118 - Vet Crash on one of the SBOM generate from Github

Issue - State: closed - Opened by jchauhan over 1 year ago

#116 - fix: enable cgo support as required by tree sitter

Pull Request - State: closed - Opened by abhisek over 1 year ago - 1 comment

#114 - Support Scanning Dependency Changes in Pull Request

Issue - State: closed - Opened by abhisek over 1 year ago - 1 comment
Labels: enhancement

#113 - Added ability to parse setup.py (Pypi) file and scan its dependencies

Pull Request - State: closed - Opened by jchauhan over 1 year ago - 1 comment

#112 - feat: CycloneDX SBOM Scanning Introduced by #111

Pull Request - State: closed - Opened by abhisek over 1 year ago - 1 comment

#111 - Jc

Pull Request - State: closed - Opened by jchauhan over 1 year ago - 2 comments

#110 - chore: Dependency upgrade as per dependabot suggestion

Pull Request - State: closed - Opened by abhisek over 1 year ago - 1 comment

#109 - feat: Cloud Report Sync : WIP

Pull Request - State: closed - Opened by abhisek over 1 year ago - 1 comment

#108 - Generate Report as SBOM

Issue - State: open - Opened by abhisek over 1 year ago
Labels: enhancement, sbom

#107 - Improve Remediation Advice

Issue - State: open - Opened by abhisek over 1 year ago
Labels: product, ux

#106 - Bump github.com/google/cel-go from 0.16.0 to 0.17.1

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, go

#105 - Bump github.com/google/osv-scanner from 1.3.4 to 1.3.6

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, go

#104 - Bump semver from 5.7.1 to 5.7.2 in /docs

Pull Request - State: open - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, javascript

#103 - Bump golang.org/x/term from 0.8.0 to 0.10.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, go

#102 - Bump prism-react-renderer from 1.3.5 to 2.0.6 in /docs

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, javascript

#101 - Bump github.com/google/osv-scanner from 1.3.4 to 1.3.5

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, go

#100 - Bump google.golang.org/protobuf from 1.30.0 to 1.31.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 3 comments
Labels: dependencies, go

#99 - Bump golang.org/x/term from 0.8.0 to 0.9.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, go

#98 - chore: Update go dependencies

Pull Request - State: closed - Opened by abhisek over 1 year ago - 1 comment

#97 - Bump prism-react-renderer from 1.3.5 to 2.0.5 in /docs

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, javascript

#96 - Bump github.com/deepmap/oapi-codegen from 1.12.4 to 1.13.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 3 comments
Labels: dependencies, go

#95 - Bump github.com/google/osv-scanner from 1.3.2 to 1.3.4

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, go

#94 - Support Vulnerability Reachability Analysis to Reduce False Positive

Issue - State: open - Opened by abhisek over 1 year ago
Labels: enhancement, research

#93 - Bump github.com/stretchr/testify from 1.8.2 to 1.8.4

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, go

#92 - Bump github.com/sirupsen/logrus from 1.9.0 to 1.9.3

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, go