issues
search
google
/
osv-scanner
Vulnerability scanner written in Go which uses the data provided by https://osv.dev
https://google.github.io/osv-scanner/
Apache License 2.0
6.15k
stars
347
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
feat: fetch Maven metadata from specified repositories
#1286
cuixq
opened
5 hours ago
1
fix: improve handling if `docker` exits with a non-zero code when trying to scan images
#1285
G-Rath
opened
13 hours ago
1
test: update snapshot
#1284
G-Rath
closed
7 hours ago
1
fix: output invalid PURLs when scanning sboms
#1283
G-Rath
closed
4 hours ago
1
chore(deps): lock file maintenance
#1282
renovate-bot
opened
16 hours ago
1
chore(deps): update workflows
#1281
renovate-bot
opened
16 hours ago
0
Do not fetch snapshots from the Maven repository disabling that
#1280
cuixq
opened
4 days ago
0
fix(offline): report all ecosystems without local databases in one single line
#1279
G-Rath
closed
6 hours ago
1
fix: apply go version override to _all_ instances of the `stdlib`
#1278
G-Rath
closed
4 hours ago
2
Consider making "skip git" the default in v2
#1277
G-Rath
opened
4 days ago
0
Brais.cabofelpete/k9 vuln 843 dont report version for dependencies workspaces package.json
#1276
BraisCaboFelpete
closed
4 days ago
0
Display severity using ecosystem-specific priority tags
#1275
hogo6002
opened
5 days ago
0
HTML output format for scanning result
#1274
hogo6002
opened
5 days ago
0
Config file (GoVersionOverride) is not applied properly on recursive scans
#1273
tuminoid
closed
4 hours ago
1
chore(deps): bump django from 2.2.24 to 3.2.25 in /cmd/osv-scanner/fixtures/locks-requirements in the pip group across 1 directory
#1272
dependabot[bot]
closed
4 days ago
2
feat: assume `txt` files with "requirements" in their name are `requirements.txt` files
#1271
G-Rath
closed
5 days ago
1
chore(deps): update dependency webrick to v1.8.2 [security]
#1270
renovate-bot
closed
6 days ago
1
Read Maven configurations from `settings.xml`
#1269
cuixq
opened
6 days ago
0
feat: support `vulnerabilities.ignore` in package overrides
#1268
G-Rath
opened
6 days ago
1
test: update case to reflect recent config parsing changes
#1267
G-Rath
closed
6 days ago
1
Accept other names for requirements.txt files or provide a way to specify an extractor
#1266
lengau
closed
5 days ago
5
fix(deps): update osv-scanner minor
#1265
renovate-bot
closed
5 days ago
2
chore(deps): update workflows
#1264
renovate-bot
closed
5 days ago
1
refactor: Follow revive rules across the repo
#1263
another-rex
closed
1 week ago
1
feat: group DSA and its CVEs together
#1262
hogo6002
closed
1 week ago
1
Group using related field for specific ecosystems
#1261
another-rex
opened
1 week ago
0
Implement query paging
#1260
another-rex
opened
1 week ago
0
chore: make guided remediation follow revive's default lint rules
#1259
michaelkedar
closed
1 week ago
3
feat(output): add HTML output format
#1258
hogo6002
opened
1 week ago
1
Reenable `revive` golangci-lints
#1257
another-rex
closed
1 week ago
2
ci: pin `amannn/action-semantic-pull-request` to a commit
#1256
G-Rath
closed
1 week ago
1
ci: pin `actions/stale` to a commit
#1255
G-Rath
closed
1 week ago
1
test: update snapshots with new security vulnerabilities
#1254
G-Rath
closed
1 week ago
4
chore: deprecate parser functions in favor of their extract equivalents
#1253
G-Rath
closed
1 week ago
1
fix: don't allow `LoadPath` to be set via config file
#1252
G-Rath
closed
1 week ago
1
test: ensure `cmp.Diff` usage is consistent
#1251
G-Rath
closed
2 weeks ago
1
test: restructure internal `config` cases and fixtures
#1250
G-Rath
closed
2 weeks ago
1
feat: error if configuration file has unknown properties
#1249
G-Rath
closed
1 week ago
1
refactor: simplify and reuse `tryLoadConfig`
#1248
G-Rath
closed
1 week ago
2
chore(deps): update workflows
#1247
renovate-bot
closed
2 weeks ago
1
fix(deps): update osv-scanner minor
#1246
renovate-bot
closed
2 weeks ago
1
feat: Copy over dark docs theming from osv.dev
#1245
another-rex
closed
2 weeks ago
1
Support pyproject.toml files
#1244
AdamKorcz
opened
2 weeks ago
1
feat: allow explicitly ignoring the license of a package in config
#1243
G-Rath
closed
2 weeks ago
3
fix: announce when a config file is invalid and exit with a non-zero code
#1242
G-Rath
closed
2 weeks ago
1
fix: don't assume there's always a reason for a package being filtered out
#1241
G-Rath
closed
2 weeks ago
1
Maven resolution fails with native data source when `maven-metadata.xml` is missing from repository
#1240
michaelkedar
opened
2 weeks ago
0
Support profile activation in Maven pom.xml resolution and writing
#1239
michaelkedar
opened
2 weeks ago
2
Fail to update Maven packages with properties in their names
#1238
michaelkedar
opened
2 weeks ago
0
chore(release): changelog for v1.8.5
#1237
cuixq
closed
2 weeks ago
1
Next