google/osv-scanner
Vulnerability scanner written in Go which uses the data provided by https://osv.dev
GoApache-2.0
Pinned issues
Issues
- 1
Java import reachability
#1031 opened by oliverchang - 0
Ability to add new sections to pom.xml in Maven updater
#989 opened by cuixq - 0
Guided Remediation support for npm peerDependencies
#1026 opened by michaelkedar - 0
Deprecate parser in `pkg/lockfile`
#1021 opened by cuixq - 5
- 3
- 2
Request for Lowercase ( even Space-Free ) Abbreviation for Query API Eco Name
#1015 opened by edwinjhlee - 0
OSV-Scanner reporting package locations to give user information on remediation externally
#1010 opened by marcwieserdev - 2
Errors spamming the stderr output
#1005 opened by another-rex - 0
Refactor deps.dev clients
#1009 opened by cuixq - 6
Ability to scan apt, dnf, apk packages, and nix, and take sbom outputs from syft
#991 opened by edwinjhlee - 0
Add support for DNF package manager
#999 opened by another-rex - 0
Support comparing Alpine versions
#952 opened by G-Rath - 5
Support gradle's verification-metadata.xml?
#915 opened by faern - 3
- 4
osv-scanner doesn't find Fedora vulnerabilities
#917 opened by paulwouters - 0
Ability to filter and weight by record source
#976 opened by andrewpollock - 0
一元机场最新登入地址
#975 opened by ji154 - 0
Support running license scan independently
#965 opened by shahar-h - 7
- 0
- 12
Setting/overwriting license for a dependency
#814 opened by ststroppel - 0
- 4
License should be marked as violated only in case there is no other allowed license
#949 opened by shahar-h - 2
encountering errors when parsing pnpm-lock
#931 opened by LironJit - 3
Support for Scala SBT
#921 opened by LironJit - 4
Scanning Pseudo Versions of Go
#910 opened by theinfosecguy - 4
- 0
Go call analysis regression in 1.7.0
#914 opened by another-rex - 13
Guided remediation for npm (`osv-scanner fix`) failed to resolve private dependencies
#899 opened by khai-tran - 6
SIGSEGV when using go source analysis
#883 opened by Quince-Pie - 1
How to scan C/C++ language with conan.lock?
#884 opened by ASKAC0810 - 8
does OSV works on a local db or using an API?
#820 opened by tomerse-sg - 9
upstream request timeout
#856 opened by jayvdb - 2
- 9
- 4
Add node_modules artifact extraction
#791 opened by another-rex - 0
- 2
- 4
Documentation is 404ing
#812 opened by alex - 2
Allow GOVERSION to be overridden
#848 opened by sudo-bmitch - 3
The latest release download link
#800 opened by alv2017 - 4
Couldn't execute it. The Go lang version is 1.21
#809 opened by Trincazul - 2
[WebKit vendored code] osv-scanner fails to identify ANGLE and webrtc projects
#802 opened by ddkilzer - 1
[WebKit vendored code] osv-scanner fails to identify multiple third-party projects
#803 opened by ddkilzer - 0
[WebKit vendored code] osv-scanner misidentifies gmock and gtest as valijson project
#801 opened by ddkilzer - 0
Adding egg-info extraction ability
#790 opened by another-rex - 0
- 0
Migrate log output to the correct verbosity level
#755 opened by another-rex - 2
Markdown in SARIF help text
#742 opened by fvelcker