Commit Graph

221 Commits

Author SHA1 Message Date
Nikita Pivkin
099938839d
chore(deps): use github.com/cheggaaa/pb/v3 (#260) 2023-12-04 14:14:15 +04:00
dependabot[bot]
cc445483b8
chore(deps): bump golang.org/x/oauth2 from 0.14.0 to 0.15.0 (#259) 2023-11-28 09:48:11 +09:00
DmitriyLewen
a948784f3a
test(k8s): remove internet access (#256)
Co-authored-by: chenk <hen.keinan@gmail.com>
2023-11-14 16:25:34 +09:00
MaineK00n
f022b19a87
feat(debian/tracker): add TEMP entry instead of CVE-yyyy-XXXX (#254) 2023-11-14 11:59:53 +09:00
dependabot[bot]
93697e4740
chore(deps): bump golang.org/x/oauth2 from 0.13.0 to 0.14.0 (#257) 2023-11-14 09:17:23 +09:00
DmitriyLewen
6fffbb1a26
Open test(k8s): add missed CVE-2022-3172 to expected-vulndb.json (#255) 2023-11-13 16:20:21 +09:00
dependabot[bot]
eb47fe8e02
chore(deps): bump google.golang.org/grpc from 1.55.0 to 1.56.3 (#253)
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.55.0 to 1.56.3.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.55.0...v1.56.3)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-26 08:09:47 +09:00
dependabot[bot]
568f56afe4
chore(deps): bump github.com/hashicorp/go-getter from 1.7.2 to 1.7.3 (#252) 2023-10-17 11:07:49 +09:00
dependabot[bot]
3593e4ad54
chore(deps): bump golang.org/x/net from 0.16.0 to 0.17.0 (#251) 2023-10-13 04:40:20 +03:00
dependabot[bot]
ac61cbd974
chore(deps): bump golang.org/x/oauth2 from 0.12.0 to 0.13.0 (#250) 2023-10-11 10:40:37 +03:00
chenk
f851c7b730
fix: aggregate k8s events under same package (#249) 2023-10-02 18:44:10 +03:00
chenk
dfec39ff26
chore: increase k8s open prs limit (#248)
Signed-off-by: chenk <hen.keinan@gmail.com>
2023-10-01 19:22:28 +03:00
chenk
08662eae99
chore: add sleep between k8s vuln pr (#246)
Signed-off-by: chenk <hen.keinan@gmail.com>
2023-09-28 11:38:22 +03:00
Teppei Fukuda
8b9bdf21bc
build: replace PAT with ORG_REPO_TOKEN (#245)
Signed-off-by: knqyf263 <knqyf263@gmail.com>
2023-09-28 11:17:51 +03:00
chenk
8d2a522b96
fix: cve file name validation (#244) 2023-09-28 10:28:05 +03:00
chenk
b98364d3e4
feat: add k8s cve collector (#239) 2023-09-27 16:18:16 +03:00
dependabot[bot]
26dae1a5f7
chore(deps): bump github.com/spf13/afero from 1.9.5 to 1.10.0 (#243) 2023-09-26 10:52:32 +03:00
Teppei Fukuda
e9a5af7af0
chore: bump Go to 1.20 (#242)
Signed-off-by: knqyf263 <knqyf263@gmail.com>
2023-09-21 10:20:21 +03:00
Teppei Fukuda
6e704239a6
chore: enable more linters (#241)
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
2023-09-20 09:23:39 +03:00
dependabot[bot]
09c1d4dd53
chore(deps): bump golang.org/x/oauth2 from 0.11.0 to 0.12.0 (#238) 2023-09-12 10:01:19 +03:00
dependabot[bot]
5c22217349
chore(deps): bump actions/checkout from 3 to 4 (#237) 2023-09-05 08:47:29 +03:00
DmitriyLewen
a27e53a7d3
BREAKING CHANGE: extract NVD advisories to separate repo (#230) 2023-08-29 09:06:38 +03:00
DmitriyLewen
7255411735
feat(ghsa): add swift support (#233) 2023-08-23 10:27:30 +03:00
dependabot[bot]
458c4aa135
chore(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 (#236) 2023-08-22 10:43:39 +03:00
Teppei Fukuda
e945c726c9
Revert "chore: fall back into vuln-list-reserve (#229)" (#235)
This reverts commit 66b50df091.
2023-08-14 10:28:50 +03:00
dependabot[bot]
361dd1a3e9
chore(deps): bump golang.org/x/oauth2 from 0.10.0 to 0.11.0 (#234) 2023-08-09 12:15:33 +03:00
Nikita Pivkin
c2f1e32f0f
feat(osv): add last_affected and limit fields (#232) 2023-08-03 16:06:44 +03:00
dependabot[bot]
dccdb4d01c
chore(deps): bump github.com/hashicorp/go-getter from 1.7.1 to 1.7.2 (#231) 2023-08-03 09:15:22 +03:00
dependabot[bot]
64d02d0d46
chore(deps): bump github.com/cheggaaa/pb/v3 from 3.1.2 to 3.1.4 (#227) 2023-07-25 15:23:27 +03:00
Teppei Fukuda
66b50df091
chore: fall back into vuln-list-reserve (#229) 2023-07-25 11:23:16 +03:00
dependabot[bot]
f883ce2682
chore(deps): bump golang.org/x/oauth2 from 0.9.0 to 0.10.0 (#224) 2023-07-25 09:37:52 +03:00
dependabot[bot]
6264a95226
chore(deps): bump golang.org/x/vuln (#226) 2023-07-19 10:49:25 +03:00
DmitriyLewen
1c85a70fa5
remove go-vulndb (#222) 2023-07-06 16:27:01 +03:00
dependabot[bot]
b3db352df4
chore(deps): bump google.golang.org/grpc from 1.50.1 to 1.53.0 (#221) 2023-07-06 12:11:10 +03:00
Teppei Fukuda
cd5808eaaf
fix(debian): remove line (#220) 2023-06-30 09:40:03 +03:00
Teppei Fukuda
f54b1d9b90
BREAKING CHANGE: extract Debian security advisories to separate repo (#219)
* use vuln-list-debian

* test: fix

* rename dir

* refactor: split dirs per year
2023-06-26 16:52:22 +03:00
Teppei Fukuda
ecaf1143a9
BREAKING CHANGE: extract Red Hat security advisories to separate repository (#217)
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
2023-06-22 10:20:19 +03:00
dependabot[bot]
509986fd13
chore(deps): bump golang.org/x/oauth2 from 0.8.0 to 0.9.0 (#218) 2023-06-20 06:06:30 +03:00
MaineK00n
9d9f5d48df
style(redhat/securitydataapi): fix typo (#216) 2023-06-13 19:48:56 +03:00
dependabot[bot]
bc83d059c6
chore(deps): bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 (#215) 2023-06-13 05:35:34 +03:00
dependabot[bot]
1475619527
chore(deps): bump github.com/spf13/afero from 1.9.3 to 1.9.5 (#198) 2023-06-13 05:35:11 +03:00
dependabot[bot]
48991bf5ff
chore(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 (#213) 2023-06-06 05:33:25 +03:00
dependabot[bot]
111439c466
chore(deps): bump github.com/stretchr/testify from 1.8.3 to 1.8.4 (#214) 2023-06-06 05:32:48 +03:00
afdesk
4c2c29afe6
ci: squash vuln-list using git-filter-repo (#212)
Co-authored-by: knqyf263 <knqyf263@gmail.com>
2023-06-05 15:42:41 +03:00
DmitriyLewen
2455a69145
fix(glad): select CVE-ID before GHSA-ID (#205) 2023-05-28 11:27:19 +03:00
dependabot[bot]
cb8ace6f60
chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#207) 2023-05-23 06:20:39 +03:00
dependabot[bot]
5e6a9e51cd
chore(deps): bump golang.org/x/oauth2 from 0.7.0 to 0.8.0 (#206) 2023-05-16 05:20:30 +03:00
dependabot[bot]
268096cecd
chore(deps): bump golang.org/x/oauth2 from 0.6.0 to 0.7.0 (#204) 2023-04-16 13:33:38 +03:00
dependabot[bot]
c98ad9e990
chore(deps): bump github.com/mattn/go-jsonpointer (#203) 2023-03-30 11:32:05 +03:00
Dan Luhring
77ea72500e
Add support for Chainguard distro (#190)
Signed-off-by: Dan Luhring <dluhring@chainguard.dev>
2023-03-30 11:30:22 +03:00