Ecosyste.ms: OpenCollective
An open API service for software projects hosted on Open Collective.
github.com/devops-kung-fu/bomber
Scans Software Bill of Materials (SBOMs) for security vulnerabilities
https://github.com/devops-kung-fu/bomber
Fix broken link to test folder
Pablohn26 opened this pull request about 1 year ago
Refactoring, optimizations, and bug fixes
djschleen opened this pull request about 1 year ago
Doesn't work with CycloneDX version 1.5
anthonyharrison opened this issue about 1 year ago
Exitcode fix, Filtering fixes
djschleen opened this pull request about 1 year ago
VS Code extension
nhopkins19 opened this issue about 1 year ago
Summary Renderer
nhopkins19 opened this issue about 1 year ago
Regression: exit code is not zero when no vulnerabilities or issues found
manolo opened this issue over 1 year ago
Documentation and Version Bump
djschleen opened this pull request over 1 year ago
False version display 0.4.5 bomber
AJIOXA opened this issue over 1 year ago
Create exit code documentation
djschleen opened this issue over 1 year ago
error retrieving vulnerability data (400 Bad Request)
AJIOXA opened this issue over 1 year ago
build(deps): bump goreleaser/goreleaser-action from 4.2.0 to 4.4.0 in /.github/workflows
dependabot[bot] opened this pull request over 1 year ago
Bomber deb clashes with existing package
ashemedai opened this issue over 1 year ago
Bomber is not finding packages in a SBOM file that has been converted using the CycloneDX Convert function
6mile opened this issue over 1 year ago
build(deps): bump github.com/gookit/color from 1.5.3 to 1.5.4
dependabot[bot] opened this pull request over 1 year ago
build(deps): bump github.com/microcosm-cc/bluemonday from 1.0.23 to 1.0.25
dependabot[bot] opened this pull request over 1 year ago
build(deps): bump github.com/package-url/packageurl-go from 0.1.0 to 0.1.1
dependabot[bot] opened this pull request over 1 year ago
build(deps): bump github.com/devops-kung-fu/common from 0.2.5 to 0.2.6
dependabot[bot] opened this pull request over 1 year ago
build(deps): bump goreleaser/goreleaser-action from 4.2.0 to 4.3.0 in /.github/workflows
dependabot[bot] opened this pull request over 1 year ago
Exit code handling
djschleen opened this pull request over 1 year ago
build(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.4
dependabot[bot] opened this pull request over 1 year ago
build(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3
dependabot[bot] opened this pull request over 1 year ago
build(deps): bump github.com/microcosm-cc/bluemonday from 1.0.23 to 1.0.24
dependabot[bot] opened this pull request over 1 year ago
Exit code handling
timsnyk opened this issue almost 2 years ago
`bomber` should fail gracefully with a readable error message if an SBOM cannot be marshalled
jnylund opened this issue almost 2 years ago
Error handling
djschleen opened this pull request almost 2 years ago
feat: Error handling
djschleen opened this pull request almost 2 years ago
Update Snyk docs
mcombuechen opened this pull request almost 2 years ago
build(deps): bump github.com/spf13/cobra from 1.6.1 to 1.7.0
dependabot[bot] opened this pull request almost 2 years ago
build(deps): bump github.com/CycloneDX/cyclonedx-go from 0.7.0 to 0.7.1
dependabot[bot] opened this pull request almost 2 years ago
Duplicate output lines
Feelemoon opened this issue almost 2 years ago
Misc. Fixes
djschleen opened this pull request almost 2 years ago
error retrieving vulnerability data (400 Bad Request)
snowuyl opened this issue almost 2 years ago
build(deps): bump github.com/gookit/color from 1.5.2 to 1.5.3
dependabot[bot] opened this pull request almost 2 years ago
please add html support description on output of bomber -h
fu7mu4 opened this issue almost 2 years ago
build(deps): bump actions/setup-go from 3 to 4 in /.github/workflows
dependabot[bot] opened this pull request almost 2 years ago
build(deps): bump github.com/briandowns/spinner from 1.22.0 to 1.23.0
dependabot[bot] opened this pull request almost 2 years ago
build(deps): bump github.com/microcosm-cc/bluemonday from 1.0.22 to 1.0.23
dependabot[bot] opened this pull request almost 2 years ago
build(deps): bump github.com/spf13/afero from 1.9.4 to 1.9.5
dependabot[bot] opened this pull request almost 2 years ago
libc requirements in DEB
Feelemoon opened this issue almost 2 years ago
goreleaser not releasing
djschleen opened this issue almost 2 years ago
Update release.yml
djschleen opened this pull request almost 2 years ago
Update release.yml
djschleen opened this pull request almost 2 years ago
Version bump and update release to go 1.20
djschleen opened this pull request almost 2 years ago
the 0.4.1 version in release will show 0.4.0 and show "open : no such file or directory" error
erichsu0937 opened this issue almost 2 years ago
Same test SBOM 500's OSSINDEX but not OSV
djschleen opened this issue almost 2 years ago
Bug Fixes
djschleen opened this pull request almost 2 years ago
Components without Purls should not be processed
djschleen opened this issue almost 2 years ago
build(deps): bump github.com/jedib0t/go-pretty/v6 from 6.4.4 to 6.4.6
dependabot[bot] opened this pull request almost 2 years ago
build(deps): bump github.com/jedib0t/go-pretty/v6 from 6.4.4 to 6.4.5
dependabot[bot] opened this pull request almost 2 years ago
build(deps): bump github.com/briandowns/spinner from 1.21.0 to 1.22.0
dependabot[bot] opened this pull request almost 2 years ago
build(deps): bump github.com/stretchr/testify from 1.8.1 to 1.8.2
dependabot[bot] opened this pull request almost 2 years ago
bomber published SBOM is incorrectly labeled and has suspicious product name
surendrapathak opened this issue almost 2 years ago
Version bump
djschleen opened this pull request almost 2 years ago
build(deps): bump github.com/spf13/afero from 1.9.3 to 1.9.4
dependabot[bot] opened this pull request almost 2 years ago
No results when scanning a hierarchical CycloneDX file from cyclonedx-cli
Feelemoon opened this issue almost 2 years ago
build(deps): bump golang.org/x/net from 0.6.0 to 0.7.0
dependabot[bot] opened this pull request almost 2 years ago
No results when scanning CycloneDX file from cargo-cyclonedx
Feelemoon opened this issue almost 2 years ago
Adds --ignore-file functionality
djschleen opened this pull request almost 2 years ago
SARIF output
ericodonoghue opened this issue almost 2 years ago
chore: update snyk readme to include more ecosystems support
topaztee opened this pull request almost 2 years ago
build(deps): bump github.com/jarcoal/httpmock from 1.2.0 to 1.3.0
dependabot[bot] opened this pull request almost 2 years ago
build(deps): bump github.com/briandowns/spinner from 1.20.0 to 1.21.0
dependabot[bot] opened this pull request almost 2 years ago
Always getting no packages detected from spdx files from yocto
pmkohn opened this issue almost 2 years ago
build(deps): bump github.com/microcosm-cc/bluemonday from 1.0.21 to 1.0.22
dependabot[bot] opened this pull request almost 2 years ago
Add ZERO.health logo in a sponsor section on README.md
djschleen opened this issue about 2 years ago
Create FUNDING.yml
djschleen opened this pull request about 2 years ago
Added missing logo asset
celliott80 opened this pull request about 2 years ago
Updated with new branding
celliott80 opened this pull request about 2 years ago
Updated README.md
djschleen opened this pull request about 2 years ago
Standardize output of bomber as VDR output
djschleen opened this issue about 2 years ago
New Bomber logo
celliott80 opened this pull request about 2 years ago
POM/Maven scanning capability
nhopkins19 opened this issue about 2 years ago
Add --ignore-flag to ignore specific vulnerabilities
pkunze opened this issue about 2 years ago
build(deps): bump github.com/jedib0t/go-pretty/v6 from 6.4.3 to 6.4.4
dependabot[bot] opened this pull request about 2 years ago
EPSS score output should include the probability as well as the existing percentage
djschleen opened this issue about 2 years ago
fix: Fixes issue where a license expression wasn't being utilized
djschleen opened this pull request about 2 years ago
bomber should validate that mandatory fields exist on BOM load
djschleen opened this issue about 2 years ago
bomber fails when `licenses` are specified as `expression`
manolo opened this issue about 2 years ago
build(deps): bump github.com/briandowns/spinner from 1.19.0 to 1.20.0
dependabot[bot] opened this pull request about 2 years ago
fix: EPSS Score Issues
djschleen opened this pull request about 2 years ago
build(deps): bump goreleaser/goreleaser-action from 3 to 4 in /.github/workflows
dependabot[bot] opened this pull request about 2 years ago
(Feature Request) Github Action
ppeters0502 opened this issue about 2 years ago
EPSS enricher will only return the first 100 results
garethr opened this issue about 2 years ago
EPSS not working with non-CVE IDs
garethr opened this issue about 2 years ago
feat: add Snyk provider docs
garethr opened this pull request about 2 years ago
Fetch data from VulnerableCode
pombredanne opened this issue about 2 years ago
Need a generous Graphic Designer to donate a new logo
djschleen opened this issue about 2 years ago
build(deps): bump github.com/jedib0t/go-pretty/v6 from 6.4.2 to 6.4.3
dependabot[bot] opened this pull request about 2 years ago
qt.qpa.xcb: could not connect to display
anotherbridge opened this issue about 2 years ago
Create Website
djschleen opened this issue about 2 years ago
build(deps): bump actions/setup-go from 2 to 3 in /.github/workflows
dependabot[bot] opened this pull request about 2 years ago
build(deps): bump github/codeql-action from 1 to 2 in /.github/workflows
dependabot[bot] opened this pull request about 2 years ago
build(deps): bump actions/checkout from 2 to 3 in /.github/workflows
dependabot[bot] opened this pull request about 2 years ago
build(deps): bump goreleaser/goreleaser-action from 2 to 3 in /.github/workflows
dependabot[bot] opened this pull request about 2 years ago
feat: EPSS support
djschleen opened this pull request about 2 years ago
Add recursive flag to scan all sub-directories
djschleen opened this issue about 2 years ago
updated release links to Bomber
Ilanad opened this pull request about 2 years ago
Add EPSS scoring
AppSecConcierge opened this issue about 2 years ago
feat: Adds files section and hashes to bomber output
djschleen opened this pull request about 2 years ago