Caleb Brown
Caleb Brown
Hi @christophetd - I work on the Malicious Packages repository. Your dataset could be included in the Malicious Packages data set, and I would be happy to work with you...
For context this is for https://github.com/ossf/malicious-packages/issues/935 My plan is to have an IAM role whose ID can be used by malicious report sources to provide access to their AWS S3...
Hi, just wondering where this is up to. Thanks! @kj-powell
Hi @kam193, Sorry for the slow reply. I would be happy to work with you on ingesting your data automatically. PyPI related coverage is an area I am keen to...
Thanks for moving so quickly! I'll take a look early next week. My plan is to implement support for git-based sources so that it can run alongside the cloud sources.
Hi @kam193, I have nearly prepared the code on my side for integrating. During testing I noticed that your OSV is slightly incorrect. The `affected` key should point to an...
Thanks for adding the IoCs! Feel free to leave the `id` and `summary` fields. These are overridden by the malicious package automation. Finally, I notice that you use `"versions": []`...
Hi Luke, This behavior is intentional. The Malicious Packages repository aggregates reports from multiple sources so it is has to account for the possibility that multiple sources include a report....
Hi! Very happy to help integrate. There aren't many docs at the moment. I'll try and extend them to help. In the mean time you can see some of the...