devops-kung-fu bomber issues

devops-kung-fu / bomber

Scans Software Bill of Materials (SBOMs) for security vulnerabilities

https://devops-kung-fu.github.io/bomber/

Mozilla Public License 2.0

497 stars 43 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

build(deps): bump github.com/go-resty/resty/v2 from 2.15.2 to 2.15.3

#253 dependabot[bot] opened 2 days ago
0
build(deps): bump github.com/sashabaranov/go-openai from 1.30.3 to 1.31.0

#252 dependabot[bot] opened 3 days ago
0
Update version to 0.5.1

#251 djschleen closed 6 days ago
1
build(deps): bump github.com/go-resty/resty/v2 from 2.15.1 to 2.15.2

#250 dependabot[bot] closed 6 days ago
1
Speed increase for OSV, GitHub provider work, Documentation Update

#249 djschleen closed 6 days ago
1
Update go-resty/resty/v2 to v2.15.1

#248 djschleen closed 1 week ago
0
Adds GitHub Advisory Database as a provider

#247 djschleen closed 1 week ago
0
build(deps): bump github.com/sashabaranov/go-openai from 1.28.2 to 1.30.3

#246 dependabot[bot] closed 1 week ago
2
Bomber not correctly detecting versions from CycloneDX BOM resulting in false positives

#245 rvesse closed 6 days ago
2
OSV Provider Optimizations

#244 djschleen closed 6 days ago
0
build(deps): bump github.com/go-resty/resty/v2 from 2.14.0 to 2.15.1

#243 dependabot[bot] closed 1 week ago
2
False negative scans when using bomber on SBOM with Cyclone CDX SpecVersion 1.6

#242 clobraico-hf closed 6 days ago
3
build(deps): bump github.com/sashabaranov/go-openai from 1.28.1 to 1.30.0

#241 dependabot[bot] closed 1 week ago
1
build(deps): bump github.com/go-resty/resty/v2 from 2.14.0 to 2.15.0

#240 dependabot[bot] closed 1 week ago
1
build(deps): bump github.com/CycloneDX/cyclonedx-go from 0.9.0 to 0.9.1

#239 dependabot[bot] closed 1 week ago
2
Vulnerability Database management

#238 anthonyharrison opened 2 weeks ago
1
build(deps): bump github.com/sashabaranov/go-openai from 1.28.1 to 1.29.2

#237 dependabot[bot] closed 1 week ago
1
GitHub Security Advisory Provider

#236 djschleen closed 1 week ago
0
build(deps): bump github.com/sashabaranov/go-openai from 1.28.1 to 1.29.1

#235 dependabot[bot] closed 2 weeks ago
1
build(deps): bump github.com/sashabaranov/go-openai from 1.28.1 to 1.29.0

#234 dependabot[bot] closed 3 weeks ago
1
Added multiple output options

#233 AndriyDmytrenko opened 1 month ago
0
build(deps): bump github.com/sashabaranov/go-openai from 1.28.1 to 1.28.3

#232 dependabot[bot] closed 1 month ago
1
Clone transport

#231 myhops closed 1 week ago
2
JSON output produces invalid json document

#230 AndriyDmytrenko closed 6 days ago
2
build(deps): bump github.com/sashabaranov/go-openai from 1.28.1 to 1.28.2

#229 dependabot[bot] closed 1 month ago
1
build(deps): bump goreleaser/goreleaser-action from 5.1.0 to 6.0.0 in /.github/workflows

#228 dependabot[bot] opened 1 month ago
0
compitibility with cyclonedx-maven-plugin:2.8.1

#227 ZheSun88 closed 1 month ago
4
Get missing or enhance licenses from ClearlyDefined

#226 djschleen opened 2 months ago
0
Please consider adopting OpenSSF Scorecard

#225 andrewpollock opened 2 months ago
1
Shows no package shown after passing Json File.

#224 Shweta4398 closed 1 month ago
7
Bomber reporting OSV vulnerabilities on package versions that aren't in SBOM

#223 ppeters0502 closed 1 month ago
5
feat: support markdown as a renderer output format

#222 scottmckendry closed 2 weeks ago
5
Feature Request

#221 nhopkins19 opened 4 months ago
1
build(deps): bump github.com/package-url/packageurl-go from 0.1.2 to 0.1.3

#220 dependabot[bot] closed 1 month ago
2
build(deps): bump goreleaser/goreleaser-action from 5.0.0 to 5.1.0 in /.github/workflows

#219 dependabot[bot] closed 1 month ago
1
build(deps): bump github.com/jedib0t/go-pretty/v6 from 6.5.4 to 6.5.9

#218 dependabot[bot] closed 1 month ago
2
build(deps): bump golang.org/x/net from 0.21.0 to 0.23.0

#217 dependabot[bot] closed 1 month ago
2
build(deps): bump github.com/kirinlabs/HttpRequest from 1.1.1 to 1.1.2

#216 dependabot[bot] closed 1 month ago
2
Make Snyk API URL configurable

#215 moxli opened 5 months ago
0
build(deps): bump github.com/jedib0t/go-pretty/v6 from 6.5.4 to 6.5.8

#214 dependabot[bot] closed 4 months ago
1
correct Loader object shadowing to correct SEGFAULT

#213 pbailey-hf closed 6 days ago
2
error retrieving vulnerability data (400 Bad Request)

#212 ArwynFr closed 1 month ago
4
build(deps): bump github.com/jedib0t/go-pretty/v6 from 6.5.4 to 6.5.6

#211 dependabot[bot] closed 5 months ago
2
Openai report output

#210 djschleen closed 1 month ago
1
build(deps): bump github.com/jedib0t/go-pretty/v6 from 6.5.4 to 6.5.5

#209 dependabot[bot] closed 6 months ago
2
HTML report generation fails silently when processing entire folder containing an "empty" SBOM

#208 henning-meinhardt opened 6 months ago
2
build(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0

#207 dependabot[bot] closed 1 month ago
3
Fixes 0xProto Font in devcontainer

#206 djschleen closed 7 months ago
0
Extended devcontainer functionality

#205 djschleen closed 7 months ago
1
--ignore-file option not working

#204 sssylvester opened 7 months ago
3