-
Notifications
You must be signed in to change notification settings - Fork 177
Insights: google/osv.dev
Overview
Could not load contribution data
Please try again later
18 Pull requests merged by 4 people
-
Apply source changes for #2435.
#2446 merged
Aug 2, 2024 -
Enforce db_prefix.
#2435 merged
Aug 2, 2024 -
Have the shorthand vulnerability redirector handle IDs with colons
#2431 merged
Aug 2, 2024 -
chore(deps): lock file maintenance
#2420 merged
Aug 2, 2024 -
chore(deps): lock file maintenance appengine-backend
#2426 merged
Aug 2, 2024 -
chore(deps): lock file maintenance docs
#2427 merged
Aug 2, 2024 -
chore(deps): lock file maintenance functions
#2428 merged
Aug 2, 2024 -
Update to OSV Schema v1.6.3
#2442 merged
Aug 2, 2024 -
Promote Android ignore pattern consolidation to Production
#2441 merged
Aug 2, 2024 -
Merge Android ignore pattern into a single
#2440 merged
Aug 1, 2024 -
Propagate prefix filtering to Production
#2437 merged
Aug 1, 2024 -
Test ignoring unexpected records
#2434 merged
Aug 1, 2024 -
Ignore CVE IDs from Ubuntu
#2432 merged
Aug 1, 2024 -
Tighten up the initial FAQ entry
#2429 merged
Jul 31, 2024 -
Increase frequency of staleness runs
#2419 merged
Jul 30, 2024 -
Update espv2 image to 2.49.0
#2421 merged
Jul 30, 2024 -
fix(deps): update docs
#2418 merged
Jul 30, 2024 -
Use android-osv-test for test.
#2417 merged
Jul 29, 2024
4 Pull requests opened by 4 people
-
chore(deps): lock file maintenance api
#2425 opened
Jul 30, 2024 -
fix: Cache helper functions timeout bug
#2438 opened
Aug 1, 2024 -
chore(deps-dev): Bump rexml from 3.3.2 to 3.3.3 in /docs in the bundler group
#2444 opened
Aug 2, 2024 -
Don't index versions from git tags if they exceed 5000.
#2445 opened
Aug 2, 2024
7 Issues closed by 3 people
-
Add caching to non debian ecosystem when enumerating
#498 closed
Jul 31, 2024 -
Support scanning package manifests
#411 closed
Jul 31, 2024 -
Convert configuration in SourceRepository to a config file(s) under revision control
#634 closed
Jul 30, 2024 -
CVE imports require more advanced last_modified detection
#791 closed
Jul 29, 2024 -
Index by both package+version.
#1001 closed
Jul 29, 2024 -
python-ndb 2.0.0 appears to be causing import errors
#915 closed
Jul 28, 2024 -
data: "fixed" before "introduced" is very odd
#1055 closed
Jul 26, 2024
6 Issues opened by 4 people
-
Automate submodule updates
#2443 opened
Aug 2, 2024 -
The importer does not honour ignore_patterns for REST sources
#2436 opened
Aug 1, 2024 -
Sustainably ensure invalidly prefixed records are not imported
#2433 opened
Aug 1, 2024 -
Invalidate `last_update_date` when source changes
#2424 opened
Jul 30, 2024 -
Export an `all.zip` containing every vulnerability.
#2423 opened
Jul 30, 2024 -
Missing `Packages` for some malicious packages
#2422 opened
Jul 30, 2024
71 Unresolved conversations
Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.
-
Solution hashes for a vulnerability lies in an external fork
#2415 commented on
Jul 26, 2024 • 0 new comments -
Support RedHat vulnerabilities
#1404 commented on
Jul 26, 2024 • 0 new comments -
Verify treatment of versions without a leading digit
#1024 commented on
Jul 26, 2024 • 0 new comments -
OSV query API does not support querying by Linux versions.
#1000 commented on
Jul 26, 2024 • 0 new comments -
Consider using the UDD instead of snapshot.debian.org for Debian next version determination
#944 commented on
Jul 26, 2024 • 0 new comments -
CVE-2021-35940.json lists apr-1.6.3 and apr-1.6.5 as vulnerable, but they are not
#942 commented on
Jul 26, 2024 • 0 new comments -
Better validation for API requests.
#892 commented on
Jul 27, 2024 • 0 new comments -
API feature request
#873 commented on
Jul 27, 2024 • 0 new comments -
Do User-Agent based formatting of output
#863 commented on
Jul 27, 2024 • 0 new comments -
Improve visibility of GCP errors
#764 commented on
Jul 28, 2024 • 0 new comments -
Make /vulnfeeds/cmd/combine-to-osv/run_combine_to_osv_convert.sh support a BYO GCS bucket
#749 commented on
Jul 28, 2024 • 0 new comments -
(OSS-Fuzz) Support ffmpeg
#695 commented on
Jul 28, 2024 • 0 new comments -
Aliases, and how they are supposed to be used
#888 commented on
Jul 28, 2024 • 0 new comments -
CVSS severities are never validated
#2369 commented on
Jul 28, 2024 • 0 new comments -
Add endpoint for serving the latest OSV JSON schema
#1166 commented on
Jul 29, 2024 • 0 new comments -
Ability to mark a vulnerability as only impacting certain release artifacts
#792 commented on
Jul 29, 2024 • 0 new comments -
Simple UI on https://osv.dev to help with editing/generating OSV entries
#796 commented on
Jul 29, 2024 • 0 new comments -
Support direct linking by alias
#760 commented on
Jul 29, 2024 • 0 new comments -
Validate package names and versions on import
#844 commented on
Jul 29, 2024 • 0 new comments -
Support for versions in all advisories
#575 commented on
Jul 29, 2024 • 0 new comments -
Deploy osv.dev on-premise
#546 commented on
Jul 29, 2024 • 0 new comments -
Sort affected version events
#485 commented on
Jul 29, 2024 • 0 new comments -
Clarify documentation of return format for /v1/querybatch API
#466 commented on
Jul 29, 2024 • 0 new comments -
Document that `version` and purls with versions can't be both specified in a query.
#1900 commented on
Jul 29, 2024 • 0 new comments -
nvd-cve-osv: OpenSSL versions do not normalize correctly
#2220 commented on
Jul 29, 2024 • 0 new comments -
Make it possible to cause the reimport of a single Git-based OSV record
#2018 commented on
Jul 29, 2024 • 0 new comments -
Don't log import latency every time the task times out
#1871 commented on
Jul 29, 2024 • 0 new comments -
Advisories deleted from source Git repository not being marked as withdrawn
#2101 commented on
Jul 29, 2024 • 0 new comments -
combine-to-osv: withdraw rejected CVEs
#2147 commented on
Jul 29, 2024 • 0 new comments -
Provide a BigQuery Public Dataset of OSV data
#889 commented on
Jul 30, 2024 • 0 new comments -
Support mirroring through API
#448 commented on
Jul 30, 2024 • 0 new comments -
Ensure low latency of updates from sources.
#440 commented on
Jul 30, 2024 • 0 new comments -
CI scanning actions
#412 commented on
Jul 30, 2024 • 0 new comments -
Add kubernetes vulnerabilities
#281 commented on
Jul 30, 2024 • 0 new comments -
OSS-Fuzz: comment on bug issue with assigned OSV ID
#258 commented on
Jul 30, 2024 • 0 new comments -
vulnfeeds: consider adding GitHub security advisory data as input
#254 commented on
Jul 30, 2024 • 0 new comments -
vulnfeeds: Add some more common phrases when extracting versions from CVE description
#249 commented on
Jul 30, 2024 • 0 new comments -
vulnfeeds: false positive by package:vulnerability id combo
#244 commented on
Jul 30, 2024 • 0 new comments -
vulnfeeds: support re-evaluating existing entries
#236 commented on
Jul 30, 2024 • 0 new comments -
Easier correlation between affected versions and branches
#74 commented on
Jul 30, 2024 • 0 new comments -
OSV CI
#51 commented on
Jul 30, 2024 • 0 new comments -
Improve cherry pick detection
#24 commented on
Jul 30, 2024 • 0 new comments -
Support CPE search
#410 commented on
Jul 30, 2024 • 0 new comments -
Improve the UX of failed vulnerability retrieval by the API
#2235 commented on
Jul 30, 2024 • 0 new comments -
Bioconductor enumeration code is fault-intolerant
#2153 commented on
Jul 30, 2024 • 0 new comments -
Bisection should not produce zero-length commit ranges
#2232 commented on
Jul 30, 2024 • 0 new comments -
Datastore, ndb, and querying for existence of a repeated field in alias computation.
#2093 commented on
Jul 30, 2024 • 0 new comments -
Mageia vulnerabilities available in OSV
#2089 commented on
Jul 30, 2024 • 0 new comments -
Support Maven registries in OSV entries
#2088 commented on
Jul 30, 2024 • 0 new comments -
OSS-Fuzz bisection: comment on issue with results
#2080 commented on
Jul 30, 2024 • 0 new comments -
Regular releases of the osv PyPI package
#2044 commented on
Jul 30, 2024 • 0 new comments -
Support regular re-enumeration of affected versions for existing records
#2017 commented on
Jul 30, 2024 • 0 new comments -
Figure out a better way to get notified of OOMs
#1990 commented on
Jul 30, 2024 • 0 new comments -
Automated indexer project tracking based on OSV.dev advisories
#1989 commented on
Jul 30, 2024 • 0 new comments -
Impact analysis - Multiple ranges not handled for GIT range
#1938 commented on
Jul 30, 2024 • 0 new comments -
Use 'Enumerate Package Versions' request for NuGet version enumeration
#1932 commented on
Jul 30, 2024 • 0 new comments -
Visibility of curl CVEs without Git ranges
#1926 commented on
Jul 30, 2024 • 0 new comments -
Impact analysis of fixed events - Discrepancy between specification and implementation
#1910 commented on
Jul 30, 2024 • 0 new comments -
SEMVER version advisories appearing for ecosystems with non-semver versions
#1834 commented on
Jul 30, 2024 • 0 new comments -
Put a Package/ID search box on the osv.dev main page
#1802 commented on
Jul 30, 2024 • 0 new comments -
Improve the osv.dev repo's folder structure
#1714 commented on
Jul 30, 2024 • 0 new comments -
Clarify contributing.md for frontend work
#1427 commented on
Jul 30, 2024 • 0 new comments -
Badge Support and friendly URLs
#1240 commented on
Jul 30, 2024 • 0 new comments -
Support Clojars for version enumeration
#1226 commented on
Jul 30, 2024 • 0 new comments -
API: query vulnerabilities by cve id
#1016 commented on
Jul 30, 2024 • 0 new comments -
Enrich the severity data
#484 commented on
Jul 30, 2024 • 0 new comments -
Add code coverage metrics
#694 commented on
Jul 31, 2024 • 0 new comments -
Advisories from GuardDog
#2252 commented on
Jul 31, 2024 • 0 new comments -
Dependency Dashboard
#714 commented on
Aug 2, 2024 • 0 new comments -
chore(deps): lock file maintenance
#2412 commented on
Jul 30, 2024 • 0 new comments -
Style/custom dark theme
#2414 commented on
Aug 1, 2024 • 0 new comments