devops-kung-fu bomber issues

devops-kung-fu / bomber

Scans Software Bill of Materials (SBOMs) for security vulnerabilities

https://devops-kung-fu.github.io/bomber/

Mozilla Public License 2.0

516 stars 45 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

build(deps): bump github.com/sashabaranov/go-openai from 1.30.3 to 1.35.7

#272 dependabot[bot] opened 22 hours ago
0
build(deps): bump github.com/go-resty/resty/v2 from 2.15.2 to 2.16.1

#271 dependabot[bot] opened 1 day ago
0
build(deps): bump github.com/jedib0t/go-pretty/v6 from 6.5.9 to 6.6.2

#270 dependabot[bot] opened 2 days ago
0
DJ WIP

#269 djschleen opened 1 week ago
1
feat: add support for alternative Snyk API URLs

#268 mcombuechen closed 1 week ago
4
build(deps): bump github.com/go-resty/resty/v2 from 2.15.2 to 2.16.0

#267 dependabot[bot] closed 1 day ago
2
build(deps): bump github.com/sashabaranov/go-openai from 1.30.3 to 1.35.6

#266 dependabot[bot] closed 22 hours ago
1
build(deps): bump goreleaser/goreleaser-action from 5.1.0 to 6.1.0 in /.github/workflows

#265 dependabot[bot] opened 1 week ago
0
Update Go version in devcontainer, add ProviderURL to credentials, and enhance Snyk integration

#264 djschleen closed 1 week ago
1
build(deps): bump github.com/google/osv-scanner from 1.8.5 to 1.9.1

#263 dependabot[bot] opened 3 weeks ago
0
build(deps): bump github.com/sashabaranov/go-openai from 1.30.3 to 1.32.5

#262 dependabot[bot] closed 1 week ago
1
build(deps): bump github.com/sashabaranov/go-openai from 1.30.3 to 1.32.3

#261 dependabot[bot] closed 3 weeks ago
1
build(deps): bump github.com/jedib0t/go-pretty/v6 from 6.5.9 to 6.6.1

#260 dependabot[bot] closed 2 days ago
1
build(deps): bump github.com/sashabaranov/go-openai from 1.30.3 to 1.32.2

#259 dependabot[bot] closed 1 month ago
1
build(deps): bump github.com/sashabaranov/go-openai from 1.30.3 to 1.32.1

#258 dependabot[bot] closed 1 month ago
1
build(deps): bump github.com/sashabaranov/go-openai from 1.30.3 to 1.32.0

#257 dependabot[bot] closed 1 month ago
1
Scanning with Github provider not working

#256 rjuengling-hf opened 1 month ago
0
build(deps): bump github.com/jedib0t/go-pretty/v6 from 6.5.9 to 6.6.0

#255 dependabot[bot] closed 1 month ago
1
build(deps): bump github.com/google/osv-scanner from 1.8.5 to 1.9.0

#254 dependabot[bot] closed 3 weeks ago
1
build(deps): bump github.com/go-resty/resty/v2 from 2.15.2 to 2.15.3

#253 dependabot[bot] closed 1 week ago
1
build(deps): bump github.com/sashabaranov/go-openai from 1.30.3 to 1.31.0

#252 dependabot[bot] closed 1 month ago
1
Update version to 0.5.1

#251 djschleen closed 1 month ago
1
build(deps): bump github.com/go-resty/resty/v2 from 2.15.1 to 2.15.2

#250 dependabot[bot] closed 1 month ago
1
Speed increase for OSV, GitHub provider work, Documentation Update

#249 djschleen closed 1 month ago
1
Update go-resty/resty/v2 to v2.15.1

#248 djschleen closed 2 months ago
0
Adds GitHub Advisory Database as a provider

#247 djschleen closed 2 months ago
0
build(deps): bump github.com/sashabaranov/go-openai from 1.28.2 to 1.30.3

#246 dependabot[bot] closed 2 months ago
2
Bomber not correctly detecting versions from CycloneDX BOM resulting in false positives

#245 rvesse closed 1 month ago
2
OSV Provider Optimizations

#244 djschleen closed 1 month ago
0
build(deps): bump github.com/go-resty/resty/v2 from 2.14.0 to 2.15.1

#243 dependabot[bot] closed 2 months ago
2
False negative scans when using bomber on SBOM with Cyclone CDX SpecVersion 1.6

#242 clobraico-hf closed 1 month ago
3
build(deps): bump github.com/sashabaranov/go-openai from 1.28.1 to 1.30.0

#241 dependabot[bot] closed 2 months ago
1
build(deps): bump github.com/go-resty/resty/v2 from 2.14.0 to 2.15.0

#240 dependabot[bot] closed 2 months ago
1
build(deps): bump github.com/CycloneDX/cyclonedx-go from 0.9.0 to 0.9.1

#239 dependabot[bot] closed 2 months ago
2
Vulnerability Database management

#238 anthonyharrison opened 2 months ago
1
build(deps): bump github.com/sashabaranov/go-openai from 1.28.1 to 1.29.2

#237 dependabot[bot] closed 2 months ago
1
GitHub Security Advisory Provider

#236 djschleen closed 2 months ago
0
build(deps): bump github.com/sashabaranov/go-openai from 1.28.1 to 1.29.1

#235 dependabot[bot] closed 2 months ago
1
build(deps): bump github.com/sashabaranov/go-openai from 1.28.1 to 1.29.0

#234 dependabot[bot] closed 2 months ago
1
Added multiple output options

#233 AndriyDmytrenko closed 1 week ago
0
build(deps): bump github.com/sashabaranov/go-openai from 1.28.1 to 1.28.3

#232 dependabot[bot] closed 2 months ago
1
Clone transport

#231 myhops closed 2 months ago
2
JSON output produces invalid json document

#230 AndriyDmytrenko closed 1 month ago
2
build(deps): bump github.com/sashabaranov/go-openai from 1.28.1 to 1.28.2

#229 dependabot[bot] closed 3 months ago
1
build(deps): bump goreleaser/goreleaser-action from 5.1.0 to 6.0.0 in /.github/workflows

#228 dependabot[bot] closed 1 week ago
1
compitibility with cyclonedx-maven-plugin:2.8.1

#227 ZheSun88 closed 3 months ago
4
Get missing or enhance licenses from ClearlyDefined

#226 djschleen opened 4 months ago
0
Please consider adopting OpenSSF Scorecard

#225 andrewpollock opened 4 months ago
1
Shows no package shown after passing Json File.

#224 Shweta4398 closed 3 months ago
7
Bomber reporting OSV vulnerabilities on package versions that aren't in SBOM

#223 ppeters0502 closed 3 months ago
5