fl0pp5
8a32973818
increase git POST request buffer size
Update vuln-list-alt repo / Update vuln-list-alt (push) Successful in 5m26s
2024-06-28 16:13:18 +03:00
fl0pp5
76b0d0cd87
migrate to ALT workflow
Go / Test (push) Failing after 19s
Update vuln-list-alt repo / Update vuln-list-alt (push) Failing after 5m55s
2024-04-16 18:30:56 +03:00
fl0pp5
0e3663e910
feat: add ALT Linux support
...
Co-Authored-By: stefan <stefan_paksa@icloud.com>
2024-04-01 17:37:32 +03:00
dependabot[bot]
9e40f77f4d
chore(deps): bump google.golang.org/protobuf from 1.31.0 to 1.33.0 ( #281 )
2024-03-27 09:49:04 +04:00
dependabot[bot]
ef17f9a90a
chore(deps): bump golang.org/x/oauth2 from 0.17.0 to 0.18.0 ( #280 )
2024-03-24 13:58:50 +04:00
dependabot[bot]
bccfbac816
chore(deps): bump github.com/PuerkitoBio/goquery from 1.9.0 to 1.9.1 ( #278 )
2024-03-08 13:55:44 +04:00
dependabot[bot]
7798744cb1
chore(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 ( #279 )
2024-03-08 13:55:26 +04:00
dependabot[bot]
6dbc1022ff
chore(deps): bump github.com/PuerkitoBio/goquery from 1.8.0 to 1.9.0 ( #276 )
...
Bumps [github.com/PuerkitoBio/goquery](https://github.com/PuerkitoBio/goquery ) from 1.8.0 to 1.9.0.
- [Release notes](https://github.com/PuerkitoBio/goquery/releases )
- [Commits](https://github.com/PuerkitoBio/goquery/compare/v1.8.0...v1.9.0 )
---
updated-dependencies:
- dependency-name: github.com/PuerkitoBio/goquery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-27 06:44:18 +04:00
Teppei Fukuda
a7e88fd9ca
fix(mariner): replace CBL-MarinerVulnerabilityData with AzureLinuxVulnerabilityData ( #275 )
...
Signed-off-by: knqyf263 <knqyf263@gmail.com>
2024-02-24 12:55:11 +04:00
Teppei Fukuda
d4135c9f51
fix: reset vuln-list ( #274 )
...
Signed-off-by: knqyf263 <knqyf263@gmail.com>
2024-02-23 21:41:00 +04:00
Teppei Fukuda
9d5c9da3de
fix: revert changes on error ( #272 )
...
Signed-off-by: knqyf263 <knqyf263@gmail.com>
2024-02-23 19:59:36 +04:00
dependabot[bot]
08331efd39
chore(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 ( #269 )
2024-02-13 06:30:56 +04:00
dependabot[bot]
6c5f088474
chore(deps): bump golang.org/x/oauth2 from 0.16.0 to 0.17.0 ( #270 )
...
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2 ) from 0.16.0 to 0.17.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.16.0...v0.17.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-13 06:30:34 +04:00
dependabot[bot]
e7f711073f
chore(deps): bump github.com/cheggaaa/pb/v3 from 3.1.4 to 3.1.5 ( #266 )
...
Bumps [github.com/cheggaaa/pb/v3](https://github.com/cheggaaa/pb ) from 3.1.4 to 3.1.5.
- [Commits](https://github.com/cheggaaa/pb/compare/v3.1.4...v3.1.5 )
---
updated-dependencies:
- dependency-name: github.com/cheggaaa/pb/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-30 12:20:28 +04:00
dependabot[bot]
d1f1ba533d
chore(deps): bump golang.org/x/oauth2 from 0.15.0 to 0.16.0 ( #264 )
...
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2 ) from 0.15.0 to 0.16.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.15.0...v0.16.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-09 09:41:56 +04:00
dependabot[bot]
a120276553
chore(deps): bump golang.org/x/crypto from 0.16.0 to 0.17.0 ( #263 )
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.16.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.16.0...v0.17.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-19 11:58:58 +04:00
DmitriyLewen
f1f4c3e8e6
refactor(nvd): use API instead of JSON feeds ( #258 )
...
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
2023-12-18 20:34:54 +04:00
dependabot[bot]
4e31879ddb
chore(deps): bump actions/setup-go from 4 to 5 ( #262 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-12 13:46:16 +02:00
dependabot[bot]
3be80a5472
chore(deps): bump github.com/spf13/afero from 1.10.0 to 1.11.0 ( #261 )
...
Bumps [github.com/spf13/afero](https://github.com/spf13/afero ) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/spf13/afero/releases )
- [Commits](https://github.com/spf13/afero/compare/v1.10.0...v1.11.0 )
---
updated-dependencies:
- dependency-name: github.com/spf13/afero
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-05 11:21:54 +04:00
Nikita Pivkin
099938839d
chore(deps): use github.com/cheggaaa/pb/v3 ( #260 )
2023-12-04 14:14:15 +04:00
dependabot[bot]
cc445483b8
chore(deps): bump golang.org/x/oauth2 from 0.14.0 to 0.15.0 ( #259 )
2023-11-28 09:48:11 +09:00
DmitriyLewen
a948784f3a
test(k8s): remove internet access ( #256 )
...
Co-authored-by: chenk <hen.keinan@gmail.com>
2023-11-14 16:25:34 +09:00
MaineK00n
f022b19a87
feat(debian/tracker): add TEMP entry instead of CVE-yyyy-XXXX ( #254 )
2023-11-14 11:59:53 +09:00
dependabot[bot]
93697e4740
chore(deps): bump golang.org/x/oauth2 from 0.13.0 to 0.14.0 ( #257 )
2023-11-14 09:17:23 +09:00
DmitriyLewen
6fffbb1a26
Open test(k8s): add missed CVE-2022-3172 to expected-vulndb.json ( #255 )
2023-11-13 16:20:21 +09:00
dependabot[bot]
eb47fe8e02
chore(deps): bump google.golang.org/grpc from 1.55.0 to 1.56.3 ( #253 )
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.55.0 to 1.56.3.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.55.0...v1.56.3 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-26 08:09:47 +09:00
dependabot[bot]
568f56afe4
chore(deps): bump github.com/hashicorp/go-getter from 1.7.2 to 1.7.3 ( #252 )
2023-10-17 11:07:49 +09:00
dependabot[bot]
3593e4ad54
chore(deps): bump golang.org/x/net from 0.16.0 to 0.17.0 ( #251 )
2023-10-13 04:40:20 +03:00
dependabot[bot]
ac61cbd974
chore(deps): bump golang.org/x/oauth2 from 0.12.0 to 0.13.0 ( #250 )
2023-10-11 10:40:37 +03:00
chenk
f851c7b730
fix: aggregate k8s events under same package ( #249 )
2023-10-02 18:44:10 +03:00
chenk
dfec39ff26
chore: increase k8s open prs limit ( #248 )
...
Signed-off-by: chenk <hen.keinan@gmail.com>
2023-10-01 19:22:28 +03:00
chenk
08662eae99
chore: add sleep between k8s vuln pr ( #246 )
...
Signed-off-by: chenk <hen.keinan@gmail.com>
2023-09-28 11:38:22 +03:00
Teppei Fukuda
8b9bdf21bc
build: replace PAT with ORG_REPO_TOKEN ( #245 )
...
Signed-off-by: knqyf263 <knqyf263@gmail.com>
2023-09-28 11:17:51 +03:00
chenk
8d2a522b96
fix: cve file name validation ( #244 )
2023-09-28 10:28:05 +03:00
chenk
b98364d3e4
feat: add k8s cve collector ( #239 )
2023-09-27 16:18:16 +03:00
dependabot[bot]
26dae1a5f7
chore(deps): bump github.com/spf13/afero from 1.9.5 to 1.10.0 ( #243 )
2023-09-26 10:52:32 +03:00
Teppei Fukuda
e9a5af7af0
chore: bump Go to 1.20 ( #242 )
...
Signed-off-by: knqyf263 <knqyf263@gmail.com>
2023-09-21 10:20:21 +03:00
Teppei Fukuda
6e704239a6
chore: enable more linters ( #241 )
...
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
2023-09-20 09:23:39 +03:00
dependabot[bot]
09c1d4dd53
chore(deps): bump golang.org/x/oauth2 from 0.11.0 to 0.12.0 ( #238 )
2023-09-12 10:01:19 +03:00
dependabot[bot]
5c22217349
chore(deps): bump actions/checkout from 3 to 4 ( #237 )
2023-09-05 08:47:29 +03:00
DmitriyLewen
a27e53a7d3
BREAKING CHANGE: extract NVD advisories to separate repo ( #230 )
2023-08-29 09:06:38 +03:00
DmitriyLewen
7255411735
feat(ghsa): add swift support ( #233 )
2023-08-23 10:27:30 +03:00
dependabot[bot]
458c4aa135
chore(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 ( #236 )
2023-08-22 10:43:39 +03:00
Teppei Fukuda
e945c726c9
Revert "chore: fall back into vuln-list-reserve ( #229 )" ( #235 )
...
This reverts commit 66b50df091
2023-08-14 10:28:50 +03:00
dependabot[bot]
361dd1a3e9
chore(deps): bump golang.org/x/oauth2 from 0.10.0 to 0.11.0 ( #234 )
2023-08-09 12:15:33 +03:00
Nikita Pivkin
c2f1e32f0f
feat(osv): add last_affected and limit fields ( #232 )
2023-08-03 16:06:44 +03:00
dependabot[bot]
dccdb4d01c
chore(deps): bump github.com/hashicorp/go-getter from 1.7.1 to 1.7.2 ( #231 )
2023-08-03 09:15:22 +03:00
dependabot[bot]
64d02d0d46
chore(deps): bump github.com/cheggaaa/pb/v3 from 3.1.2 to 3.1.4 ( #227 )
2023-07-25 15:23:27 +03:00
Teppei Fukuda
66b50df091
chore: fall back into vuln-list-reserve ( #229 )
2023-07-25 11:23:16 +03:00
dependabot[bot]
f883ce2682
chore(deps): bump golang.org/x/oauth2 from 0.9.0 to 0.10.0 ( #224 )
2023-07-25 09:37:52 +03:00
