osv-scanner
Vulnerability scanner written in Go which uses the data provided by https://osv.dev
Add support for `Pipenv.lock`. Fixes #71
This PR adds installation instructions for using Scoop on Windows (https://github.com/ScoopInstaller/Main/pull/4231) which should make it nice and easy for anyone on a Windows machine to use this.
> Reopening after closing this [PR](https://github.com/google/osv-scanner/pull/63) by accident. As I mentioned in this issue: https://github.com/google/osv-scanner/issues/55, the project could have an official docker image. This implementation will generate a docker image...
Currently `Pipfile.lock` is not a supported lock file, please add support.
There is no strict requirement on `requirements.txt` as the filename for requirements files. We should be able to detect more cases like these.
Automatically generate VEX statements based on call graph analysis or ignored vulnerabilities set in the scanner config.
Currently the focus of OSV-Scanner is on lockfiles, with preliminary support for Debian container scanning. We will extend this to better container scanning as well: - Better package extraction from...
The project has a high chance of gaining a lot of adoption. To help with adoption, the project could provide other ways to install besides go install or download binaries....
This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more. [View this repository on the Mend.io Web Portal](https://developer.mend.io/github/google/osv-scanner). ## Awaiting Schedule The following updates are...