-
If I want to use osv-scanner on gitlab, how do I configure the yml file? Is there a corresponding tool or plug-in that can be installed?
-
## abstract
Since osv-scanner cannot support dnf package manager(https://github.com/google/osv-scanner/issues/999), and we are informed that osv-scanner can take output from syft (https://github.co…
-
Is it possible to connect OSV to a plenary test harness? I played around a little bit with the "run_this" method and also with "PlenaryBustedFile" but I was only able to hit a breakpoint outside of a …
-
We've been having on-going problems with Codecov over the last few months - we seemed to have addressed a few of them now that we've gotten the token in place and upgraded to v4, but we've still got a…
-
The Mageia distribution now exports its vulnerability reports in OSV format. Here are some key URLs:
Source URL: `https://advisories.mageia.org/.html`
OSV Formatted URL: `https://advisories.mageia…
-
idk if this is possible or easy to fix but I thought I'd go ahead and create this issue anyway for reference/help/feedback. It's not a huge deal, but it does keep me from (or makes it harder at le…
-
**Describe the bug**
While creating https://github.com/google/osv.dev/pull/2146 (off the back of https://github.com/google/osv.dev/pull/2129) it occurred to me that combine-to-osv doesn't mark reject…
-
**Is your feature request related to a problem? Please describe.**
Currently, the challenges with the NVD program are very much in people's minds ([courtesy of](https://github.com/jeremylong/Depend…
-
Given that OSV reports from OSS-Fuzz are currently false-positive-laden (see https://github.com/google/osv.dev/issues/2176 and https://github.com/google/oss-fuzz/issues/11925), the withdrawal process …
-
https://github.com/ossf/osv-schema/pull/231 was just merged, which adds optional Maven registries to the Maven ecosystem:
i.e.
```
"package": {
"ecosystem": "Maven:https://mycool…