A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerability (OSV) format.
Apache License 2.0
Ensure purls are consistent and valid if they are present. #557
This helps prevent and detect cases like #555.
This PR will have failing checks until the problems in #555 are dealt with.
osv-scanner is updated in this PR too.
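
An added illustration of the kind of check the PR title describes, not code from this PR or the repository: it validates each `affected[].package.purl` in an OSV record, when one is present, and compares it with the declared ecosystem and name. The ecosystem-to-type subset, the name normalization rules and the sample record are assumptions made for this example.

```python
import re
from urllib.parse import unquote

# OSV ecosystem -> purl type (a subset, chosen for this example)
PURL_TYPE = {"npm": "npm", "PyPI": "pypi", "crates.io": "cargo", "RubyGems": "gem"}

def parse_purl(purl):
    """Split pkg:type/[namespace/]name[@version][?qualifiers][#subpath] into (type, name)."""
    if not purl.startswith("pkg:"):
        raise ValueError("missing 'pkg:' scheme")
    rest = purl[4:].split("#", 1)[0].split("?", 1)[0]  # drop subpath and qualifiers
    ptype, sep, path = rest.partition("/")
    if not sep or not re.fullmatch(r"[A-Za-z][A-Za-z0-9.+-]*", ptype):
        raise ValueError("missing or malformed type")
    # A literal '@' starts the version; an npm scope must be written as %40scope.
    path = path.rpartition("@")[0] if "@" in path else path
    segments = [unquote(s) for s in path.split("/")]
    if not all(segments):
        raise ValueError("empty namespace or name")
    return ptype.lower(), "/".join(segments)

def normalize(ecosystem, name):  # name rules assumed for each purl type
    if ecosystem == "PyPI":
        return re.sub(r"[-_.]+", "-", name).lower()
    return name.lower() if ecosystem == "npm" else name

def purl_problems(record):
    """Return one message per purl that is invalid or disagrees with its package."""
    problems = []
    for i, affected in enumerate(record.get("affected", [])):
        pkg = affected.get("package", {})
        if "purl" not in pkg:
            continue  # purl is optional; it is only checked when present
        eco, where = pkg.get("ecosystem", ""), f"affected[{i}]"
        try:
            ptype, name = parse_purl(pkg["purl"])
        except ValueError as err:
            problems.append(f"{where}: invalid purl ({err})")
            continue
        if PURL_TYPE.get(eco) not in (None, ptype):
            problems.append(f"{where}: type {ptype!r} does not match ecosystem {eco!r}")
        if normalize(eco, name) != normalize(eco, pkg.get("name", "")):
            problems.append(f"{where}: name {name!r} does not match {pkg.get('name')!r}")
    return problems

# Constructed sample record (not taken from the repository)
SAMPLE = {"affected": [{"package": p} for p in (
    {"ecosystem": "PyPI", "name": "Example_Pkg", "purl": "pkg:pypi/example-pkg"},
    {"ecosystem": "npm", "name": "example-pkg", "purl": "pkg:pypi/example-pkg"},
    {"ecosystem": "crates.io", "name": "example-crate", "purl": "pkg:cargo/example_crate"},
    {"ecosystem": "RubyGems", "name": "example", "purl": "npm/example"})]}
```

Running `purl_problems(SAMPLE)` reports the last three entries (wrong type, wrong name, missing scheme) and accepts the first, whose name differs from the purl only by PyPI normalization.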