Skip to content

Pull requests: google/osv-scalibr

New pull request New
129 Open 1,424 Closed
129 Open 1,424 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

bump cyclonedx-go to v0.11.0 to support Spec 1.7
#2117 opened May 18, 2026 by copybara-service Bot Loading…
Update java/pomxml to support line number field for packages.
#2114 opened May 15, 2026 by copybara-service Bot Loading…
Migrate scan root to use os.Root in Go 1.26
#2111 opened May 14, 2026 by another-rex Collaborator Loading…
Update java/pomxml to store extracted dependencies in a slice instead of a map, which means classifier-specific dependencies (with the same groupId and artifactId) will be treated as distinct.
#2110 opened May 13, 2026 by copybara-service Bot Loading…
chore: Bump github.com/containerd/containerd to v1.7.29
#2106 opened May 13, 2026 by petercieslak Loading…
Example implementation of the configuration redesign for scalibr.
#2103 opened May 13, 2026 by copybara-service Bot Loading…
security: reject HTTP npm registry URLs with credentials (CWE-319)
#2102 opened May 12, 2026 by Dhakshin2007 Loading…
Automated Code Change
#2101 opened May 12, 2026 by copybara-service Bot Loading…
Internal
#2098 opened May 12, 2026 by copybara-service Bot Loading…
Internal
#2097 opened May 12, 2026 by copybara-service Bot Loading…
Internal
#2096 opened May 12, 2026 by copybara-service Bot Loading…
Internal
#2095 opened May 12, 2026 by copybara-service Bot Loading…
Internal
#2094 opened May 12, 2026 by copybara-service Bot Loading…
Internal
#2093 opened May 12, 2026 by copybara-service Bot Loading…
vulnmatch: use Debian source package names for OSV matching
#2089 opened May 11, 2026 by ai-human-andalusia Loading…
1
annotator/osduplicate: avoid suppressing manifest-only dependency groups
#2090 opened May 11, 2026 by ai-human-andalusia Loading…
1
refactor: Temporary directory with os.Root
#2088 opened May 11, 2026 by another-rex Collaborator Loading…
23
The enricher now builds a "reactor" of all pom.xml files discovered in the scan. This allows dependencies between sibling modules in a Maven multi-module build to be resolved locally, without requiring the modules to be published to a remote Maven registry. The enricher pre-registers these sibling modules with the dependency resolver's override client.
#2086 opened May 10, 2026 by copybara-service Bot Loading…
Internal.
#2075 opened May 7, 2026 by copybara-service Bot Loading…
Automated Code Change
#2072 opened May 6, 2026 by copybara-service Bot Loading…
Internal
#2071 opened May 6, 2026 by copybara-service Bot Loading…
Internal
#2070 opened May 6, 2026 by copybara-service Bot Loading…
Internal
#2069 opened May 6, 2026 by copybara-service Bot Loading…
Do not fail Linux distro EndOfLife if not a linux distro
#2068 opened May 6, 2026 by evankanderson Contributor Loading…
3
PRP: Add Extractor for Nuget Project Assets Internal-Review Currently in the internal review process.
#2065 opened May 6, 2026 by 0xXA Contributor Loading…
1
4
ProTip! Mix and match filters to narrow down what you’re looking for.