-
Add to the OSv GUI for monitoring, also review the tracing features:
http://osv.io/blog/blog/2014/09/18/cassandra-dashboard-tab/
-
See https://github.com/Vulnogram/Vulnogram for inspiration.
-
I tried using osv-scanner with the latest available docker image and a CyclonDX SBOM using the following command
```
~/test/osv$ docker run -it -v ${PWD}:/src ghcr.io/google/osv-scanner --sbom=/src…
-
**Is your feature request related to a problem? Please describe.**
Currently, the challenges with the NVD program are very much in people's minds ([courtesy of](https://github.com/jeremylong/Depend…
-
I have the following config
```toml
[[PackageOverrides]]
group = "dev"
license.ignore = true
```
When I run `osv-scanner --experimental-licenses-summary pnpm-lock.yaml` , the summary contain…
-
The repo is quite messy and it's hard to know where things are.
The current state of things (from my understanding):
| folder | what |
|--------|--------|
| `deployment/`| Terraform, Cloud Deploy …
-
Currently, our git commit enumeration relies on the commit hashes listed in the OSV record (as introduced/fixed/last_affected) to exist in git branches in the upstream repository:
- https://github…
-
**Describe the bug**
While creating https://github.com/google/osv.dev/pull/2146 (off the back of https://github.com/google/osv.dev/pull/2129) it occurred to me that combine-to-osv doesn't mark reject…
-
Currently, `osv-scanner scan` does not activate any Maven profiles(?), and `osv-scanner fix` activates only profiles that are explicitly active by default.
For better profile support, we could:
- …
-
Problem statement:
OSS users using OSV for vulnerability management have no standardized way to categorize vulnerabilities that they are currently or have historically been impacted by.
Research…