search

google / osv-scanner

Vulnerability scanner written in Go which uses the data provided by https://osv.dev
https://google.github.io/osv-scanner/
Apache License 2.0
6.25k stars 362 forks source link

Bazel support #114

Open zsims opened 1 year ago

zsims commented 1 year ago

Feature request to add support for scanning dependencies from bazel definitions. This is similar to https://github.com/dependabot/dependabot-core/issues/2196. It'd make it a lot easier rather than bazel-generating POMs for osv-scanner to scan.

libratiger commented 1 year ago

Look for the feature +1

G-Rath commented 1 year ago

I know of Bazel but have never come close to using it - I'll have a look at the linked material, but if someone could put together a small sample project / file-to-be-parsed that'd be really helpful :)

github-actions[bot] commented 3 months ago

This issue has not had any activity for 60 days and will be automatically closed in two weeks