Nikita Pivkin
099938839d
chore(deps): use github.com/cheggaaa/pb/v3 ( #260 )
2023-12-04 14:14:15 +04:00
dependabot[bot]
cc445483b8
chore(deps): bump golang.org/x/oauth2 from 0.14.0 to 0.15.0 ( #259 )
2023-11-28 09:48:11 +09:00
DmitriyLewen
a948784f3a
test(k8s): remove internet access ( #256 )
...
Co-authored-by: chenk <hen.keinan@gmail.com>
2023-11-14 16:25:34 +09:00
MaineK00n
f022b19a87
feat(debian/tracker): add TEMP entry instead of CVE-yyyy-XXXX ( #254 )
2023-11-14 11:59:53 +09:00
dependabot[bot]
93697e4740
chore(deps): bump golang.org/x/oauth2 from 0.13.0 to 0.14.0 ( #257 )
2023-11-14 09:17:23 +09:00
DmitriyLewen
6fffbb1a26
Open test(k8s): add missed CVE-2022-3172 to expected-vulndb.json ( #255 )
2023-11-13 16:20:21 +09:00
dependabot[bot]
eb47fe8e02
chore(deps): bump google.golang.org/grpc from 1.55.0 to 1.56.3 ( #253 )
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.55.0 to 1.56.3.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.55.0...v1.56.3 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-26 08:09:47 +09:00
dependabot[bot]
568f56afe4
chore(deps): bump github.com/hashicorp/go-getter from 1.7.2 to 1.7.3 ( #252 )
2023-10-17 11:07:49 +09:00
dependabot[bot]
3593e4ad54
chore(deps): bump golang.org/x/net from 0.16.0 to 0.17.0 ( #251 )
2023-10-13 04:40:20 +03:00
dependabot[bot]
ac61cbd974
chore(deps): bump golang.org/x/oauth2 from 0.12.0 to 0.13.0 ( #250 )
2023-10-11 10:40:37 +03:00
chenk
f851c7b730
fix: aggregate k8s events under same package ( #249 )
2023-10-02 18:44:10 +03:00
chenk
dfec39ff26
chore: increase k8s open prs limit ( #248 )
...
Signed-off-by: chenk <hen.keinan@gmail.com>
2023-10-01 19:22:28 +03:00
chenk
08662eae99
chore: add sleep between k8s vuln pr ( #246 )
...
Signed-off-by: chenk <hen.keinan@gmail.com>
2023-09-28 11:38:22 +03:00
Teppei Fukuda
8b9bdf21bc
build: replace PAT with ORG_REPO_TOKEN ( #245 )
...
Signed-off-by: knqyf263 <knqyf263@gmail.com>
2023-09-28 11:17:51 +03:00
chenk
8d2a522b96
fix: cve file name validation ( #244 )
2023-09-28 10:28:05 +03:00
chenk
b98364d3e4
feat: add k8s cve collector ( #239 )
2023-09-27 16:18:16 +03:00
dependabot[bot]
26dae1a5f7
chore(deps): bump github.com/spf13/afero from 1.9.5 to 1.10.0 ( #243 )
2023-09-26 10:52:32 +03:00
Teppei Fukuda
e9a5af7af0
chore: bump Go to 1.20 ( #242 )
...
Signed-off-by: knqyf263 <knqyf263@gmail.com>
2023-09-21 10:20:21 +03:00
Teppei Fukuda
6e704239a6
chore: enable more linters ( #241 )
...
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
2023-09-20 09:23:39 +03:00
dependabot[bot]
09c1d4dd53
chore(deps): bump golang.org/x/oauth2 from 0.11.0 to 0.12.0 ( #238 )
2023-09-12 10:01:19 +03:00
dependabot[bot]
5c22217349
chore(deps): bump actions/checkout from 3 to 4 ( #237 )
2023-09-05 08:47:29 +03:00
DmitriyLewen
a27e53a7d3
BREAKING CHANGE: extract NVD advisories to separate repo ( #230 )
2023-08-29 09:06:38 +03:00
DmitriyLewen
7255411735
feat(ghsa): add swift support ( #233 )
2023-08-23 10:27:30 +03:00
dependabot[bot]
458c4aa135
chore(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 ( #236 )
2023-08-22 10:43:39 +03:00
Teppei Fukuda
e945c726c9
Revert "chore: fall back into vuln-list-reserve ( #229 )" ( #235 )
...
This reverts commit 66b50df091
.
2023-08-14 10:28:50 +03:00
dependabot[bot]
361dd1a3e9
chore(deps): bump golang.org/x/oauth2 from 0.10.0 to 0.11.0 ( #234 )
2023-08-09 12:15:33 +03:00
Nikita Pivkin
c2f1e32f0f
feat(osv): add last_affected and limit fields ( #232 )
2023-08-03 16:06:44 +03:00
dependabot[bot]
dccdb4d01c
chore(deps): bump github.com/hashicorp/go-getter from 1.7.1 to 1.7.2 ( #231 )
2023-08-03 09:15:22 +03:00
dependabot[bot]
64d02d0d46
chore(deps): bump github.com/cheggaaa/pb/v3 from 3.1.2 to 3.1.4 ( #227 )
2023-07-25 15:23:27 +03:00
Teppei Fukuda
66b50df091
chore: fall back into vuln-list-reserve ( #229 )
2023-07-25 11:23:16 +03:00
dependabot[bot]
f883ce2682
chore(deps): bump golang.org/x/oauth2 from 0.9.0 to 0.10.0 ( #224 )
2023-07-25 09:37:52 +03:00
dependabot[bot]
6264a95226
chore(deps): bump golang.org/x/vuln ( #226 )
2023-07-19 10:49:25 +03:00
DmitriyLewen
1c85a70fa5
remove go-vulndb ( #222 )
2023-07-06 16:27:01 +03:00
dependabot[bot]
b3db352df4
chore(deps): bump google.golang.org/grpc from 1.50.1 to 1.53.0 ( #221 )
2023-07-06 12:11:10 +03:00
Teppei Fukuda
cd5808eaaf
fix(debian): remove line ( #220 )
2023-06-30 09:40:03 +03:00
Teppei Fukuda
f54b1d9b90
BREAKING CHANGE: extract Debian security advisories to separate repo ( #219 )
...
* use vuln-list-debian
* test: fix
* rename dir
* refactor: split dirs per year
2023-06-26 16:52:22 +03:00
Teppei Fukuda
ecaf1143a9
BREAKING CHANGE: extract Red Hat security advisories to separate repository ( #217 )
...
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
2023-06-22 10:20:19 +03:00
dependabot[bot]
509986fd13
chore(deps): bump golang.org/x/oauth2 from 0.8.0 to 0.9.0 ( #218 )
2023-06-20 06:06:30 +03:00
MaineK00n
9d9f5d48df
style(redhat/securitydataapi): fix typo ( #216 )
2023-06-13 19:48:56 +03:00
dependabot[bot]
bc83d059c6
chore(deps): bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 ( #215 )
2023-06-13 05:35:34 +03:00
dependabot[bot]
1475619527
chore(deps): bump github.com/spf13/afero from 1.9.3 to 1.9.5 ( #198 )
2023-06-13 05:35:11 +03:00
dependabot[bot]
48991bf5ff
chore(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 ( #213 )
2023-06-06 05:33:25 +03:00
dependabot[bot]
111439c466
chore(deps): bump github.com/stretchr/testify from 1.8.3 to 1.8.4 ( #214 )
2023-06-06 05:32:48 +03:00
afdesk
4c2c29afe6
ci: squash vuln-list
using git-filter-repo ( #212 )
...
Co-authored-by: knqyf263 <knqyf263@gmail.com>
2023-06-05 15:42:41 +03:00
DmitriyLewen
2455a69145
fix(glad): select CVE-ID before GHSA-ID ( #205 )
2023-05-28 11:27:19 +03:00
dependabot[bot]
cb8ace6f60
chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 ( #207 )
2023-05-23 06:20:39 +03:00
dependabot[bot]
5e6a9e51cd
chore(deps): bump golang.org/x/oauth2 from 0.7.0 to 0.8.0 ( #206 )
2023-05-16 05:20:30 +03:00
dependabot[bot]
268096cecd
chore(deps): bump golang.org/x/oauth2 from 0.6.0 to 0.7.0 ( #204 )
2023-04-16 13:33:38 +03:00
dependabot[bot]
c98ad9e990
chore(deps): bump github.com/mattn/go-jsonpointer ( #203 )
2023-03-30 11:32:05 +03:00
Dan Luhring
77ea72500e
Add support for Chainguard distro ( #190 )
...
Signed-off-by: Dan Luhring <dluhring@chainguard.dev>
2023-03-30 11:30:22 +03:00