google / osv.dev

Open source vulnerability DB and triage service.
https://osv.dev
Apache License 2.0
1.49k stars 180 forks

Badge Support and friendly URLs #1240

Open philippe-granet opened 1 year ago

philippe-granet commented 1 year ago

We use Renovate Bot on our projects to detect dependency upgrades and vulnerabilities since Renovate adds an OSV database check (https://osv.dev/blog/posts/renovate_announcement/).

Example of a PR created by our bot where we added some badges and URLs from the Snyk website:

Example of URL/badge for a GitHub repository (https://support.snyk.io/hc/en-us/articles/360003997277-Badge-Support-for-Repositories):
https://snyk.io/test/github/auth0/node-jsonwebtoken
https://img.shields.io/snyk/vulnerabilities/github/auth0/node-jsonwebtoken

Example of URL/badge for specific dependency versions (https://snyk-widget.herokuapp.com/public/badgecreator.html):
https://snyk.io/vuln/npm:jsonwebtoken@8.5.1
https://snyk-widget.herokuapp.com/badge/npm/jsonwebtoken/8.5.1/badge.svg

https://snyk.io/vuln/npm:jsonwebtoken@9.0.0
https://snyk-widget.herokuapp.com/badge/npm/jsonwebtoken/9.0.0/badge.svg

Suggestion: Could the osv.dev website provide this type of functionality?

github-actions[bot] commented 1 month ago

This issue has not had any activity for 60 days and will be automatically closed in two weeks

andrewpollock commented 1 month ago

This may be better suited as an API rather than strictly a website implementation...

There might also be an angle for https://github.com/google/osv-scanner-action here.