Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Factory:Rebuild
osv-scanner
osv-scanner.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File osv-scanner.changes of Package osv-scanner
------------------------------------------------------------------- Thu Oct 31 10:47:27 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 1.9.1: * chore: v1.9.1 Changelog (#1358) * docs: update usage references (#1351) * chore(deps-dev): bump rexml from 3.3.8 to 3.3.9 in /docs in the bundler group (#1349) * chore: remove unused fixture file (#1353) * test: update snapshot (#1354) * chore: Also trigger workflow when merging into v2 (#1343) * feat: add `--experimental-offline-vulnerabilities` and `--experimental-no-resolve` flags (#1342) * docs: update documentation about Maven registry support (#1340) * ci: ensure that generated files have been regenerated as part of prerelease checks (#1312) * test: update snapshot (#1335) * feat: fetch Maven metadata from specified repositories (#1286) * chore(deps): lock file maintenance (#1334) * chore(deps): update workflows (#1333) * feat: deprecate axillary public packages in favor of private versions (#1309) * fix: use correct path separator in SARIF output when on Windows (#1294) * chore: Update snapshots (#1328) * fix: warn about and ignore duplicate entries in SBOMs (#1289) * feat(guided remediation): support offline database in fix subcommand (#1306) * fix: set CharsetReader and Entity when reading pom.xml (#1325) * fix(deps): update osv-scanner minor (#1323) * chore(deps): update workflows (#1322) * fix(guided remediation): update deps.dev Maven resolver (#1320) * chore: update golangci-lint to 1.61.0 (#1318) * fix: address a number of typos (#1307) * fix: update spdx license ids (#1310) * feat(output): add HTML output format (#1258) * test: update snapshots (#1314) * chore: ignore `node_modules` in git (#1308) * fix(deps): update osv-scanner minor (#1302) * chore(deps): update workflows (#1301) * chore(deps): update golang docker tag to v1.23.2 (#1300) * test: update snapshot (#1304) * refactor: Update test names (#1297) * test: update snapshots for guided remediation (#1296) * fix: sort sbom packages by PURL (#1288) * fix: improve handling if `docker` exits with a non-zero code when trying to scan images (#1285) * feat: support `vulnerabilities.ignore` in package overrides (#1268) ------------------------------------------------------------------- Wed Oct 02 06:30:06 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 1.9.0: * chore(release): changelog for v1.9.0 (#1292) * chore(deps): update workflows (#1281) * chore(deps): lock file maintenance (#1282) * fix: bump osv max concurrent requests (#1290) * fix: apply go version override to _all_ instances of the `stdlib` (#1278) * fix: output invalid PURLs when scanning sboms (#1283) * fix(offline): report all ecosystems without local databases in one single line (#1279) * test: update snapshot (#1284) * chore(deps): update workflows (#1264) * fix(deps): update osv-scanner minor (#1265) * feat: assume `txt` files with "requirements" in their name are `requirements.txt` files (#1271) * chore(deps): update dependency webrick to v1.8.2 [security] (#1270) * test: update case to reflect recent config parsing changes (#1267) * feat: group DSA and its CVEs together (#1262) * feat: error if configuration file has unknown properties (#1249) * fix: don't allow `LoadPath` to be set via config file (#1252) * refactor: Follow revive rules across the repo (#1263) * chore: make guided remediation follow revive's default lint rules (#1259) * refactor(guided remediation): Take `PreFetch` out of `DependencyClient` interface and prevent repeated datasource network calls (#1224) * ci: pin `amannn/action-semantic-pull-request` to a commit (#1256) * ci: pin `actions/stale` to a commit (#1255) * test: update snapshots with new security vulnerabilities (#1254) * chore: deprecate parser functions in favor of their extract equivalents (#1253) * refactor: simplify and reuse `tryLoadConfig` (#1248) * test: ensure `cmp.Diff` usage is consistent (#1251) * test: restructure internal `config` cases and fixtures (#1250) * fix: don't assume there's always a reason for a package being filtered out (#1241) * feat: Copy over dark docs theming from osv.dev (#1245) * fix: announce when a config file is invalid and exit with a non-zero code (#1242) * chore(deps): update workflows (#1247) * fix(deps): update osv-scanner minor (#1246) * feat: allow explicitly ignoring the license of a package in config (#1243) * feat(guided remediation): remediate unresolved dependency management vulns (#1235) * chore(deps): update alpine:3.20 docker digest to beefdbd (#1230) * chore(deps): update golang docker tag to v1.23.1 (#1231) * chore(deps): update workflows (#1205) * fix(deps): update osv-scanner minor (#1204) * chore(deps): lock file maintenance (#1195) ------------------------------------------------------------------- Sat Sep 14 10:51:29 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 1.8.5: * chore(release): changelog for v1.8.5 (#1237) * fix: make Alpine ecosystem fallback to latest release version (#1236) * feat(internal): marshal self-closing tags in XML (#1225) * chore: update Go to version 1.22.7 (#1233) * feat: support composite-based package overrides (#1214) * chore: update test snapshots (#1232) * fix: govulncheck calls on C code (#1228) * refactor: use forked xml package for writing (#1223) * chore: update test snapshots (#1222) * feat(internal): add Maven native dependency client (#1207) * fix(guided remediation): Add special handling for specific Maven packages (#1219) * fix(deps): update module github.com/charmbracelet/bubbletea to v1 (#1217) * fix(internal): encode XML tokens without escaping (#1216) * chore: update test snapshots (#1218) * chore: axe `.go-version` file (#1212) * feat(guided remediation): Add `FIXED-VULN-IDS` to non-interactive output (#1210) * perf: ignored packages should be filtered out before scanning (#1206) * feat: support fetching snapshot versions from a Maven registry (#1160) * fix: stop finding more parent pom if the path is empty (#1194) * chore: add missed test ignore vuln (#1209) * chore: add `osv-scanner.toml` files to make Scorecard ignore vulnerabilities in our test fixtures (#1202) * chore(deps): update workflows (#1186) * fix(deps): update osv-scanner minor (#1187) * fix: correct for breaking change in glamour v0.8.0 (#1201) * chore(deps): update dependency github-pages to v232 (#1189) * chore(deps): update golang docker tag to v1.23.0 (#1188) ------------------------------------------------------------------- Sat Sep 14 10:49:17 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 1.8.4: * chore(release): release v1.8.4 (#1200) * refactor: move Maven utility to a separate package (#1193) * docs: link to the Scorecard Report (#1197) * fix: unescape tabs before writing to pom.xml (#1190) * feat(guided remediation): add `--upgrade-config` flag (#1191) * chore: add PR title check to follow Git commit convention (#1178) * chore: add new vulnerability aliases to test snapshots (#1192) * feat: write Maven updates to parent pom.xml if possible (#1182) * chore: use the latest version of `golangci-lint` (#1185) * fix(guided remediation): error on `--data-source=native` for Maven (#1180) * ci(workflow): address address github.com/rhysd/actionlint findings (#1176) * fix(workflow): correct permission name (#1175) * chore(deps): update workflows (#1173) * fix(deps): update osv-scanner minor (#1174) * fix: only trim XML elements with no inner elements (#1168) * fix(workflow): Add explicit permissions (#1171) * docs: add conventional commits requirement (#1172) * Package tracing PoC (#1049) * Update go policy and use stable go version for builds (#1156) * chore(deps): update dependency wdm to "~> 0.2.0" (#1163) * fix(deps): update osv-scanner minor (#1162) * chore(deps): update workflows (#1161) * Add changelog for v1.8.3 (#1150) ------------------------------------------------------------------- Wed Aug 07 07:04:10 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 1.8.3: * chore: update dependency `github.com/docker/docker` (#1166) * chore(deps-dev): bump rexml from 3.3.2 to 3.3.3 in /docs in the bundler group (#1158) * add maven changes * feat(guided remediation): add non-interactive Maven remediation by override (#1136) * Label closed stale issues/PRs (#1165) * Fix snapshots (#1164) * Refactoring Maven manifest reading (#1159) * Do not attempt to remediate vulnerabilities in Maven artifacts that have defined `<classifier>` or `<type>` (#1151) * Handle Maven parent relative path (#1149) * fix(workflow): add read permission to `osv-scanner-reusable.yml` (#1157) * fix(workflow): update prerelease-check.yml to the latest OSV-Scanner action (#1153) * fix(osv-github-action): If all vulnerabilities are not called, don't return an non zero exit code in osv-reporter (#1152) * update snaps * fix style * Add changelog for v1.8.3 * chore(deps): lock file maintenance (#1130) * Increase frequency of staleness runs (#1148) * Improve Maven manifest updater (#1147) * chore(deps): update workflows (#1145) * fix(deps): update osv-scanner minor (#1146) * chore(deps): update golang:1.22.5-alpine3.19 docker digest to 48aac60 (#1144) * chore(deps): update alpine:3.20 docker digest to 0a4eaa0 (#1143) * feat: add "vertical" output format (#889) * chore(deps-dev): bump rexml from 3.3.1 to 3.3.2 in /docs in the bundler group (#1132) * Add Maven dependency management to override client (#1140) * Add original manifest to Maven ManifestPatch (#1134) * Exempt backlog label from stale treatment (#1135) * fix(deps): update osv-scanner minor (#1120) * Reflect Go 1.21.12 change more broadly (#1133) * ci: don't mark v2 wishlished issues as stale (#1131) * chore(deps): update workflows (#1119) * Workflow for stale issue and PR management (#1125) * Bump goreleaser build version to 1.22. (#1126) * Set the original requirement in patches from suggest (#1117) * fix: ensure that `semantic` is passed a valid `models.Ecosystem` (#1116) * Update docs: test dependencies not in the resolved graph (#1114) * Improved the runtime of DiffVulnerabilityResults (#1091) * Start on override strategy for maven guided remediation (#1025) * Sort dependencies before writing to pom.xml (#1113) * Activate profiles before merging parent (#1108) * Fix the wrong dependencies/dependency tags (#1112) * refactor: update linter and address minor violations (#1110) * Add a dependency to pom.xml if it is not from the base project (#1105) ------------------------------------------------------------------- Wed Jul 10 07:40:40 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 1.8.2: * Bump go mod min version (#1109) * Add changelog for v1.8.2 (#1106) * Fix npm grouping (#1107) * Add warning to the default docker container scanning method (#1089) * Move sbom to internal, and add standard output tests (#1104) * fix: ensure that npm dependencies retain their "production" grouping (#939) * test: add output fixtures for call analysis (#1093) * fix: restore custom styling to table format (#1094) * chore(deps): lock file maintenance (#1103) * chore(deps): update workflows (#1101) * github-action.md add version into md example (#1073) * ✨ Adding CycloneDX 1.4 and 1.5 reporter (#1014) * chore(deps): update golang docker tag to v1.22.5 (#1100) * fix(deps): update osv-scanner minor (#1102) * Add go compiler to enable call analysis in the github action (#1099) * Update github action docs in osv-scanner (#1096) * test: update snapshots (#1092) * Refactoring `manifest.Read()` for Maven (#1083) * refactor: just disable color output rather than tracking terminal width (#1087) * ci: upgrade `semantic` workflow to use v4 for artifact workflows (#1088) * chore(deps): update workflows (#1080) * fix(deps): update module github.com/spdx/tools-golang to v0.5.5 (#1081) * Added Testing for the SPDX SBOM Reader (#1086) * Changed min and max to inbuilt functions (#1076) * Update snapshots (#1084) * fix: use errgroup to avoid hydration deadlock scenario (#1078) * ci: setup workflow to run `semantic` tests weekly (#958) * test: update snapshots (#1079) * filter out unimportant vulnerabilities from vuln group (#1072) * Fix test (#1071) * fix: ensure that `package` exists in `affected` property (#1055) * Cherry-pick unmerged change from docs branch (#1069) * chore(deps): update alpine:3.20 docker digest to b89d9c9 (#1062) * chore(deps): update golang:1.22.4-alpine3.19 docker digest to c46c460 (#1063) * fix(deps): update module github.com/charmbracelet/bubbletea to v0.26.6 (#1064) * Combine Debian unimportant count logs (#1067) * Update tests to support go version changes (#1065) * fix: only care about ecosystem suffix if present in both ecosystems when determining equality (#1007) * refactor: enable `revive/indent-error-flow` (#997) ------------------------------------------------------------------- Fri Jun 21 20:09:23 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 1.8.1: * Make 1.8.1 release (#1056) * feat: bump goreleaser to v2 (#1054) * Update goreleaser.yml (#1052) ------------------------------------------------------------------- Fri Jun 21 20:07:23 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 1.8.0: * v1.8.0 Changelog (#1050) * Add documentation for the configuration. (#1051) * Update documentation for transitive dependency scanning (#1040) * Invoke `MavenResolverExtrator` when scanning pom.xml (#1028) * fix(deps): update osv-scanner minor (#1044) * chore(deps): update workflows (#1043) * chore(deps): update golang docker tag to v1.22.4 (#896) * chore(deps): lock file maintenance (#1033) * chore(deps): update goreleaser/goreleaser-action action to v6 (#1032) * Add `experimental-download-offline-databases` flag (#1039) * Update snapshots and exit codes (#1041) * Upgrade deps.dev dependencies (#1035) * Remove busybox from alpine SBOM (#1037) * Add go binary scanning (#1011) * Update Go patch version (#1030) * Merge parent projects for Maven pom.xml (#1019) * Update base docker image for golang 1.21.11 (#1029) * implement filtering by packages through the config (#944) * Dependency imports should always be fetched from upstream (#1027) * Upgrade go version (#1024) * Fix broken TUI styling (#1023) * Update test snapshots (#1022) * chore(deps): lock file maintenance (#1018) * fix(deps): update osv-scanner minor (#1017) * chore(deps): update workflows (#1016) * ci: don't try to upload code coverage on macOS (#1020) * Fix some Maven manifest & resolver issues (#1008) * Transitive dependency support for Maven pom.xml (#1002) * Select a version that actually exists (#1012) * Maven standard dependencies should take precedence over managed dependencies (#1000) * Do not record Maven `compile` scope in dependency groups (#1003) ------------------------------------------------------------------- Thu May 30 09:34:18 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 1.7.4: * Remove feature from changelog as it's still blocked on #769 (#1006) * V1.7.4 changelog (#1001) * Update typo in supported_languages_and_lockfiles.md (#998) * feat: support comparing Alpine versions locally (#980) * Now that we have updated to go1.21.10, we can remove the ignore line from osv-scanner.toml (#996) * chore(deps): update workflows (major) (#897) * fix(deps): update osv-scanner minor (#994) * chore(deps): update alpine docker tag to v3.20 (#993) * Update test snapshots (#992) * test: add cases for output functions (#937) * fix(deps): update osv-scanner minor (#978) * Add a new Maven pom.xml extractor (#982) * feat: support parsing `gradle/verification-metadata.xml` (#943) * chore(deps): update workflows (#977) * chore(deps): update golang:1.21-alpine3.19 docker digest to 1c2e474 (#985) * chore(deps-dev): Bump the bundler group across 1 directory with 2 updates (#983) * make Maven parent path relative on current project (#987) * Fix snapshots and alpine version (#990) * Update deps.dev dependencies (#984) * [docs] Add installation instructions for FreeBSD and NetBSD (#969) * Disable all unimportant vulnerabilities (#968) * GR: Add test universe generation script and tests for patch generation (#967) ------------------------------------------------------------------- Thu May 09 07:20:31 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 1.7.3: * chore(deps): update golang:1.21-alpine3.19 docker digest to b3aea8d (#973) * v1.7.3 changelog and version bump (#972) * Update gomod go version (#971) * Fix tests; add newly discovered vulns (#970) * Update go.mod to 1.21.9 (#907) * chore: import `sys` in Python generators (#966) * ci: upgrade `golangci/golangci-lint-action` to v5 (#964) * chore: only extract versions from packages in the generator ecosystem (#957) * refactor: encapsulate getting the working directory in a helper function (#961) * refactor: apply Rubocop to Ruby generator (#956) * test: remove future snapshots (#960) * chore(deps): update workflows (#935) * fix(deps): update osv-scanner minor (#945) * chore(deps): lock file maintenance (#962) * Fix snapshot for test (#963) * fix: ensure the sarif output has a stable order (#938) * chore: support skipping known unsupported comparisons in generators (#954) * chore(deps): lock file maintenance (#936) * chore: improve version fixture generators for local usage (#953) * ci: cancel in-progress runs when new changes are pushed (#959) * Automated Updates: support parents and dependency imports (#890) * GR: Support filtering on alias IDs (#946) * ci: ensure input name case matches just to be safe (#955) * refactor: use `maps` functions instead of custom implementations (#940) * test: update snapshots due to external vulnerability changes (#951) * ci: upgrade Codecov to v4 (#941) * feat: add support for PNPM v9 lockfiles (#934) * Add new vuln to tests (#947) * chore: add missing space to panic message (#942) * test: include groups when describing package details (#933) ------------------------------------------------------------------- Fri Apr 19 04:46:42 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 1.7.2: * Changelog for v1.7.2 (#932) * GR: Use deps.dev schema for graph definition in tests (#911) * ci: ensure snapshots are always cleaned up (#903) * test: clean up image snapshots (#923) * Fix paths in test snapshots (#930) * Fix regression for go call analysis in 1.7.0 (#926) * fix(deps): update osv-scanner minor (#918) * chore(deps): lock file maintenance (#919) * Ignore stdlib vuln (#920) * GR: Test `MatchVuln()` (#912) * GR: resolve tests & mock client (#909) * GR: Parse paths in npmrc auth fields correctly (#901) * Fix rust call analysis by explicitly disabling stripping of debug info (#908) * fix(deps): update osv-scanner minor (#895) * chore(deps): update golang:1.21-alpine3.19 docker digest to ed8ce6c (#905) * chore(deps): update workflows (#906) * chore(deps): lock file maintenance (#898) * test: clean and sort snapshots (#904) * Add new vuln for failing test (#900) * GR: Tests for npm relaxer (#894) * GR: Add simple test for package-lock.json writing (#891) * chore(deps): update workflows (#886) * fix(deps): update osv-scanner minor (#885) * update deps.dev/util/maven (#892) * Make MockHTTPServer for tests (#888) * GR: Add tests for npmrc & npm registry api (#879) * Update github action docs to v1.7.1 (#881) * Use stable deps.dev v3 API (#882) * test: pin alpine image to exact sha (#880) * test: change how snapshot matchers are called and update example name for consistency (#866) * [docs] Fix the HTTP link for downloading offline database. (#877) * fix(renovate): constrain go to 1.21 and do not update golang (#874) * ci: harden workflow permissions (#872) * chore(deps): Bump github.com/docker/docker from 25.0.3+incompatible to 25.0.5+incompatible (#878) ------------------------------------------------------------------- Wed Mar 20 06:19:45 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 1.7.1: * v1.7.1 changelog and removing unused fixtures (#876) * Fix/update retry logic in OSV (#860) * perf: optimize string formatting and update linting (#828) * test: add cli cases for `node_modules` images (#870) * Follow up PR851 mark acceptance on image tests (#869) * GR: Add npm lockfile read tests (#853) * ci: downgrade codecov action to v3 (#871) * test: use "public" package where possible (#838) * test: regenerate snapshots (#867) * Pin the dockerfiles to the correct base image (#865) * chore(deps): update workflows (#863) * fix(deps): update osv-scanner minor (#864) * add MakeVersionRequestsWithContext() (#781) * improve error messages in Maven registry client (#859) * Fix location of "*" for requirements.txt (#858) * docs: reword sentence in guided-remediation (#846) * Put API/networking errors on another error code (#857) * chore(deps): update golang:alpine docker digest to fc5e584 (#852) * Find and save the distro version when extracting from debian and alpine (#854) * fix: allow users to override GOVERSION (#850) * feat: support scanning `node_modules` generated by NPM in container images (#851) * GR: Add npm ManifestIO tests & minor fixes (#845) * Automated Updates: set up update subcommand (#830) ------------------------------------------------------------------- Fri Mar 15 21:49:28 UTC 2024 - opensuse_buildservice@ojkastl.de - BuildRequire go 1.21.8 to follow upstream - Update to version 1.7.0: * Update changelog for v1.7.0 (#843) * Merge docs to main (#842) * Replace stereoscope with using go-containerregistry directly (#836) * Rename relaxer and suggester (#839) * Update deps (#841) * Downgrade go.mod (#833) * chore(deps): update workflows (#835) * Add more guided remediation known issues re: vulnerabilitiy counting (#840) * Guided Remediation Docs (#827) * test: automatically cleanup test zip server (#834) * chore(deps): lock file maintenance (#822) * fix(deps): update osv-scanner minor (#807) * ci: remove unneeded `setup-go` step and pin `actions/download-artifact` (#786) * Dont traverse gitignored dirs for gitignore files (#797) * test: make `createTestDir` a general test utility (#832) * Maximum severity rating for each Group object in JSON output (#805) * Automated Updates: add a simple Maven registry API client (#837) * Automated Updates: only append dependencies with property to original requirements (#823) * chore(deps): update dependency github-pages to v231 (#821) * chore(deps): update workflows to v4 (major) (#784) * chore(deps): update workflows (#806) * Added a switch for using cached local db in test to improve speed (#826) * Remove version from the binary name. (#831) * Automated Updates: suggest property patches to update for Maven (#824) * refactor: replace usage of deprecated function (#829) * chore: don't ignore `fixtures` directory (#825) * Align GoVulncheck Go version with go.mod (#818) * Guided Remediation: Compute Dev dependencies in in-place parsing (#816) * Automated Updates: add ManifestIO for Maven (#813) * Update suggester package name (#817) * Automated Updates: add version suggester for Maven (#815) * Guided remediation: Interactive mode TUI (#811) * Proof of Concept of container scanning (#808) * Guided Remediation: non-interactive mode (#798) * Update main with the new docs updates. (#810) * Add user agent to deps.dev requests (#804) * chore(deps): update golang:alpine docker digest to 8e96e6c (#793) * fix(deps): update osv-scanner minor (#794) * chore(deps): update dependency github-pages to v230 (#796) * chore(deps): update workflows (#795) * Start setting up guided remediation subcommand (#792) * Guided Remediation: Compute in-place updates (#789) * Guided Remediation: Add `package-lock.json` LockfileIO (#785) * add new spdx identifiers (#788) * chore(deps-dev): Bump nokogiri from 1.15.5 to 1.16.2 in /docs (#787) * chore(deps): update workflows (#783) * fix(deps): update osv-scanner minor (#782) * Guided Remediation: add npm registry clients & `.npmrc` parsing (#778) * Fix tests (#780) ------------------------------------------------------------------- Wed Jan 31 14:00:36 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 1.6.2: * Update changelog for 1.6.2 (#779) * chore(deps): update golang:alpine docker digest to a6a7f1f (#772) * chore(deps): update alpine:3.19 docker digest to c5b1261 (#771) * Add pdm lockfile support (#776) * Guided Remediation: Make `VulnerabilityClient` for OSV queries (#773) * Do not fail if no lockfiles found in github action (#774) * Guided Remediation: Add computation for all relaxation patches (#766) * Parse severities for guided remediation (#767) * Add pictures to github action docs (#768) * Guided Remediation: Add dependency relaxation & re-resolution (#765) * Update govet printf settings (#745) * fix: improve wording of usage description (#764) * Guided Remediation: add npm `package.json` manifest parser (#763) * Update github action version (#761) * Guided Remediation: Add manifest resolution (#757) * Add OSV-Scanner subcommands (#748) * test: use snapshot-based testing (#717) * chore(deps): lock file maintenance (#760) * fix(deps): update osv-scanner minor (#758) * chore(deps): update workflows (#759) * add dependency groups to flattened vulnerability (#754) * Use new GitHub action in new repository (#756) ------------------------------------------------------------------- Thu Jan 18 08:15:11 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 1.6.1: * Final goreleaser fix (#753) * Remove unnecessary docker manifest entry in goreleaser (#752) * Update goreleaser to fix release pipeline (#751) ------------------------------------------------------------------- Thu Jan 18 08:13:06 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 1.6.0: * Update CHANGELOG.md for 1.6.0 (#749) * Bump version for OSV-Scanner. (#750) * Build action image when releasing (#747) * fix(deps): update osv-scanner minor (#743) * chore(deps): update actions/upload-artifact action to v4.1.0 (#744) * chore(deps): update golang:alpine docker digest to fd78f2f (#719) * chore(deps): update workflows (major) (#709) * chore(deps): update alpine docker tag to v3.19 (#708) * fix(deps): update osv-scanner minor (#700) * chore(deps): lock file maintenance (#710) * chore(deps): update github/codeql-action action to v2.23.0 (#707) * Assume latest patch version if version does not exist (#740) * Add support for verbosity levels (#727) * Show ecosystem and version even if git is shown if the info exists. (#736) * chore(deps): Bump github.com/cloudflare/circl from 1.3.3 to 1.3.7 (#738) * Add option to not fail on vuln to workflow files (#737) * Fix vulnerabilities that OSV-Scanner found (#724) * Add option to not fail on vulnerability being found for github action (#732) * fix: remove deprecated `Reporter` methods (#722) * fix directives related to go generate in package spdx (#730) * verify license allowlist against spdx identifiers (#729) * Add formatting instructions to docs contribution (#723) * Adjusting docs (#716) * fix(deps): update module github.com/go-git/go-git/v5 to v5.11.0 [security] (#721) * Get go stdlib version from go.mod (#704) * feat: support `PrintTextf` and `PrintErrorf` on `Reporter` (#706) * Refactor: attempt to transition into using models.Ecosystems rather than lockfile.Ecosystems (#705) * Updating cdxgen-go version in go.mod (#718) * Unify OSV scanner action (#711) * refactor: setup `prettier` for formatting files (#693) * Return an error if both license scanning and local/offline scanning is enabled simultaneously (#703) * chore(deps): update golang:alpine docker digest to feceecc (#699) * scan and report dependency groups of vulnerabilities (#655) * Create an option to skip/disable upload to code scanning (#702) * Add support for NuGet lock files version 2 (#694) * remove extra backtick in license scanning documentation (#696) * Update changelog to include minimum go version changes (#695) ------------------------------------------------------------------- Wed Dec 06 12:05:33 UTC 2023 - kastl@b1-systems.de - Update to version 1.5.0: * Add changelog for verson 1.5.0 (#692) * Fix go mod (#691) * chore(deps): lock file maintenance (#653) * refactor: switch golang.org/x/exp/slices usages to stdlib (#690) * Include available formats in `--format` help message (#685) * chore(deps): update golang:alpine docker digest to 70afe55 (#687) * chore(deps): update alpine:3.18 docker digest to 34871e7 (#686) * fix(deps): update osv-scanner minor (#688) * Add `osv-scanner` pre-commit hook (#669) * Fix goreleaser build (#683) * feat: CVSS v4.0 support and replace cvss implementation to comply with the specifications (#651) * chore(deps): update workflows (#666) * Added license scanning info (#674) * update docs for call analysis. (#682) * Setup manual release pipeline (#681) * add experimental-licenses summary flag (#678) * Set Go call analysis to default behaviour (#665) * Fix filter ids (#647) * feat: add support for `renv.lock` (#668) * Simplify return codes to return 1 if any vulnerability related error (#677) * fix(deps): update osv-scanner minor (#652) * refactor: upgrade golangci-lint (#673) * make license allowlist matching case insensitive (#672) * ci: run tests on Windows (#646) * feat: add support for comparing CRAN versions (#656) * ci: update `golangci-lint` to v1.54 (#661) * Don't include nested vendored libs in determineversions query. (#649) * chore: disable `goconst` linter (#662) * fix: remove noise lockfile warnings (#660) * ci: enforce that `cachedregexp` is always used instead of `regexp` (#663) * Adding C/C++ info to the docs (#648) * cmd/osv-scanner: update sarif output in test cases (#659) * Downgrade jekyll-feed. Update lock file (#650) * chore(deps): update golang:alpine docker digest to 110b07a (#640) * fix: properly handle file/url paths on Windows (#645) * test: don't ignore anything from coverage (#627) * fix(deps): update osv-scanner minor (#641) * Filter local packages from scanning, and report the filtering. (#643) * license checking experimental feature (#501) * upgrade version of Go in GitHub checks (#637) * test: check against error type rather than message (#628) * Minor github action docs changes to clarify behaviour. (#630) ------------------------------------------------------------------- Thu Nov 02 05:58:57 UTC 2023 - kastl@b1-systems.de - Update to version 1.4.3: * Prepare for v1.4.3 release (#629) * Add support for determineversions API (#612). (#621) * Refactor package scanning to produce packages instead of queries (#614) * Fix permissions in PR osv-scanner (#625) * Fix gitignore matching for root directory (#626) * Go binary not found should not be an error (#622) * Scan submodules too. (#581) * fix: handle yarn aliased packages (#615) * fix(deps): update osv-scanner minor (#618) * chore(deps): update github/codeql-action action to v2.22.5 (#616) * chore(deps): update dependency jekyll-feed to v0.17.0 (#597) * chore(deps): update workflows (#596) * handle npm aliased packages (#610) * Some minor post release fixes (#613) * Gate extended tests (#598) * test: use `cmp.Diff` for diffing (#605) * fix: remove some extra newlines in sarif report (#607) ------------------------------------------------------------------- Wed Oct 25 04:43:42 UTC 2023 - kastl@b1-systems.de - Update to version 1.4.2: * Prepare for 1.4.2 release (#609) * chore: don't trim trailing whitespace on fixture snapshots (#608) * Update release pipeline (#602) * fix: trim leading and trailing newlines off SARIF output (#606) * Add name field to sarif rule output (#600) * chore(deps): update dependency jekyll-feed to v0.17.0 (#579) * chore(deps): update golang:alpine docker digest to 926f7f7 (#591) * chore(deps): update workflows (#592) * Make scheduled and PR scanning only scan the relevant files and ignore fixtures (#594) * Update docs to add in saving to file option (#593) * Clarify in the docs actions will fail when vulns are found (#587) * chore(deps): Bump golang.org/x/net from 0.16.0 to 0.17.0 (#585) * Change branch back in github action (#586) * Fix permissions and attempt "Download Artifact" option to allow custom lockfiles (#584) * Small doc adjustments for GitHub Actions (#582) * fix(deps): update osv-scanner minor (#578) * Update deps and fix tests (#583) * Improve documentation for github actions (#575) * chore(deps): update golang:alpine docker digest to a76f153 (#577) * chore(deps): update workflows (#580) * fix: support versions with build metadata in `yarn.lock` files (#576) * Add additional tests for git scanning, and markdown format (#569) ------------------------------------------------------------------- Fri Oct 06 13:11:57 UTC 2023 - kastl@b1-systems.de - Update to version 1.4.1: * Allow release scanning to upload SARIF file. (#573) * Fix goreleaser and update changelog (#572) * 1.4.1 release and changelog (#571) * SARIF with fixed version (#559) * chore(deps): update dependency jekyll-feed to v0.17.0 (#568) * chore(deps): update github/codeql-action action to v2.21.9 (#567) * chore(deps): update golang:alpine docker digest to 4bc6541 (#566) * chore(deps): update alpine:3.18 docker digest to eece025 (#565) * ci: don't fetch the whole repository history when its not needed (#562) * ci: ensure that `actions/checkout` is pinned (#563) * Block release on vuln scan (#561) * ci: use `.go-version` file (#564) * ci: run tests on macos and in parallel when releasing (#560) * test: use `cmp.Diff` for comparing output (#558) * Add new ecosystems, and a slice containing all of them. (#557) * test: compare expected with actual rather than the other way around (#556) * chore: move scripts into the `scripts` directory (#555) * ci: combine lint and test workflows (#554) * test: add cases for extra coverage (#524) * chore(deps): update dependency jekyll-feed to v0.17.0 (#544) * chore(deps): lock file maintenance (#545) * chore(deps): update workflows (#538) * Add custom scan arguments (#552) * SARIF output fixes. (#547) * Minor readme update (#546) * Action docs (#541) * Update SARIF format (#534) * Fix action naming and scheduled scan parameters (#543) * chore(deps): update workflows (major) (#540) * Attempt at multiline action (#542) * fix(deps): update osv-scanner minor (#539) * Update experimental.md (#536) ------------------------------------------------------------------- Thu Sep 14 05:01:43 UTC 2023 - kastl@b1-systems.de - Update to version 1.4.0: * Fix issue in the changelog (#533) * 1.4.0 changelog and docs (#532) * Adding Offline info (#517) * chore(deps): update golang:alpine docker digest to 96634e5 (#527) * chore(deps): update workflows (#529) * fix(deps): update osv-scanner minor (#528) * Fix result scanning (#526) * ci: change how coverage is collected (#525) * chore: capture coverage and upload it to codecov (#512) * chore(deps): update dependency jekyll-feed to v0.17.0 (#520) * Correctly use matchFileNames in renovate.json (#522) * Update test results to pass new test (#523) * Revert breaking change in `osv.go` (#514) * Add osv output lockfile + refactor (#505) * Update renovate.json (#504) * fix(deps): update osv-scanner minor (#506) * Refactor models (#510) * chore(deps): update dependency jekyll-feed to v0.17.0 (#508) * chore(deps): update actions/checkout action to v3.6.0 (#507) * Update contributing docs (#502) * chore(deps-dev): Bump activesupport from 7.0.7 to 7.0.7.2 in /docs (#503) * fix(deps): update golang.org/x/exp digest to d852ddb (#496) * Add fixtures go to renovate bot ignore (#500) * chore(deps): update dependency jekyll-feed to v0.17.0 (#498) * chore(deps): update golangci/golangci-lint-action action to v3.7.0 (#499) * chore(deps): update actions/setup-go action to v4.1.0 (#497) * If go version can't be found, don't add stdlib (#494) * chore(deps): update dependency jekyll-feed to v0.17.0 (#448) * feat: support `io.Reader` based parsers (#451) * fix: don't error if local db directory already exists (#493) * fix: ensure that "introduced 0" events are sorted before any other event (#492) * Add go stdlib version support (#484) * chore(deps): update golang:alpine docker digest to 445f340 (#467) * chore(deps): update alpine docker tag to v3.18 (#468) * chore(deps): update slsa-framework/slsa-github-generator action to v1.8.0 (#469) * chore(deps): update alpine:3.18 docker digest to 7144f7b (#480) * chore(deps): update alpine:3.17 docker digest to f71a5f0 (#466) * chore(deps): update gaurav-nelson/github-action-markdown-link-check digest to 46e4421 (#481) * fix(deps): update golang.org/x/exp digest to 89c5cff (#482) * chore(deps): update github/codeql-action action to v2.21.4 (#483) * Fix some vulns and ignore others (#490) * Rust call analysis (#452) * Scanner action should pass if the vulnerabilities remain the same (#475) * Tidy up scanner action (#474) * Manually update dependencies to resolve vulnerability https://osv.dev/GO-2023-1988 (#472) * feat: add experimental offline mode (#183) * Move github action back to the main branch (#465) * refactor: move experimental flags into their own struct (#463) * fix: use correct plural and singular forms based on count (#462) * chore(deps): update github/codeql-action action to v2.21.2 (#455) * fix(deps): update osv-scanner minor (#456) * Add annotations and osv-scanner table in the Github Action output (#460) * Fix purl mapping (#457) * test: make `output` tests their own package (#461) * Updated github actions to use main branch now that the PR is merged in (#459) * Recreated Github Action PR (#432) * chore: minor grammar fixes (#454) * chore(deps): update docker/setup-buildx-action digest to 4c0219f (#437) * chore(deps): update golang:alpine docker digest to 7839c9f (#444) * Optimize Dockerfile and add .dockerignore (#441) * chore(deps): update github/codeql-action action to v2.21.0 (#449) * Enable lockfile maintaince (#450) * fix(deps): update osv-scanner minor (#445) ------------------------------------------------------------------- Wed Jul 19 06:29:55 UTC 2023 - kastl@b1-systems.de - Update to version 1.3.6: * Prepare for v1.3.6 Release (#447) * Adjusting GitHub actions (#446) * chore(deps): update dependency jekyll-feed to v0.17.0 (#438) * go.mod: upgrade to golang.org/x/vuln@v1.0.0 (#443) * Fix PURLToPackage function and move it (#439) * Update README.md (#440) * chore(deps): update dependency jekyll-feed to v0.17.0 (#422) * chore(deps): update workflows (#429) * fix(deps): update osv-scanner minor (#430) * update govulncheck integration (#431) ------------------------------------------------------------------- Wed Jun 28 06:19:46 UTC 2023 - kastl@b1-systems.de - Update to version 1.3.5: * Add more ignores now that debian PURLs are parsed correctly (#428) * Adds changelog for v1.3.5 (#427) * chore(deps): update alpine docker tag to v3.18 (#382) * test: ensure fixtures directory isn't already a git repository (#426) * chore: ignore `.idea` directory (#425) * Add withdrawn and fix time serialization to conform to the schema. (#424) * test: make `models` tests their own package (#423) * Updated to reflect cvss scores being added to output table. (#419) * chore(deps): update workflows (#421) * chore(deps): update alpine:3.17 docker digest to e95676d (#413) * Add option to include severity in table output (#409) * Update the model to better match schema and add YAML tags. (#417) * chore(deps): update golang:alpine docker digest to fd9d9d7 (#405) * chore(deps): update workflows (#406) * fix(deps): update osv-scanner minor (#415) * Fixing broken github page (#412) * Link checker (#408) * fix(deps): update osv-scanner minor (#407) * refactor: enable `goimports` linter (#404) * Update the model to match the latest version of the OSV schema (#403) ------------------------------------------------------------------- Mon Jun 12 20:13:33 UTC 2023 - kastl@b1-systems.de - Update to version 1.3.4: * Prepare for 1.3.4 release. (#401) * chore(deps): update workflows (#393) * fix(deps): update osv-scanner minor (#392) * Fix version printer to use app stdout and stderr (#395) * OSV user agent (#390) ------------------------------------------------------------------- Wed May 17 05:07:22 UTC 2023 - kastl@b1-systems.de - Update to version 1.3.3: * Add new line and fix test to avoid having to change version twice (#387) * 1.3.3 Release (#385) * Use upload draft assets option (#384) * chore(deps): update golang:alpine docker digest to ee2f23f (#380) * chore(deps): update slsa-framework/slsa-github-generator action to v1.6.0 (#383) * fix(deps): update osv-scanner minor (#381) * Remove --hash from version in requirements.txt (#379) * Small formatting changes (#377) * chore(deps): bump github.com/cloudflare/circl from 1.1.0 to 1.3.3 (#378) * add unit tests for results.go (#368) * Improve exit docs and add No vulns found to output (#373) * Update exit docs (#375) * chore(deps): update github/codeql-action action to v2.3.3 (#372) * chore(deps): update golang:alpine docker digest to 913de96 (#305) * fix: handle cyclical `-r`s in `requirements.txt` (#366) * fix: don't panic on empty files (#367) * fix(deps): update osv-scanner minor (#327) * Update spdx to 0.5.0 (#365) * Update pkg/osv to allow overriding the http client / transport. (#357) * chore(deps): update github/codeql-action action to v2.3.2 (#363) * Enable osvVulnerabilityAlerts (#362) ------------------------------------------------------------------- Wed Apr 26 08:43:23 UTC 2023 - kastl@b1-systems.de - Update to version 1.3.2: * Fix sbom scanning code (#360) * 1.3.2 Release (#359) * Refactor reporter to interfaces (#345) * Update all minor dependencies without spdx (#358) * chore(deps): update workflows (#334) * Better SBOM documentation and error message (#349) * Move a specific regex to static variable (#346) * chore(deps): update dependency jekyll-feed to v0.17.0 (#328) * chore(deps): bump nokogiri from 1.14.1 to 1.14.3 in /docs (#338) * chore(deps): bump commonmarker from 0.23.8 to 0.23.9 in /docs (#337) * SBOM parsing improvements. (#339) * Make the reporter public (#341) * Set `skip-pkg-cache: true` for golangci-lint (#340) * Support PNPM v6+ Lockfile (#325) * chore(deps): update alpine:3.17 docker digest to 124c7d2 (#326) * Call analysis note fixed. (#331) * Add configs to ignore test vulnerabilities (#329) ------------------------------------------------------------------- Thu Mar 30 08:10:56 UTC 2023 - kastl@b1-systems.de - Update to version 1.3.1: * Release 1.3.1 changelog (#321) * chore(deps): update ossf/scorecard-action action to v2.1.3 (#322) * Add nil check to CycloneDX enumeration (#320) ------------------------------------------------------------------- Tue Mar 28 04:59:28 UTC 2023 - kastl@b1-systems.de - Update to version 1.3.0: * Update changelog and version for v1.3.0 (#316) * chore(deps): update workflows (#314) * fix(deps): update osv-scanner minor (#313) * Update workflows to compositing, so that goreleaser workflow can run them. (#315) * Fix workflow (#311) * Fix some issues with the model. (#312) * Improve the OSV models to allow for 3rd party use of the library. (#310) * Adds concurrency to hydration requests (#304) * Make `IgnoredVulns` also ignore aliases (#300) * fix(deps): update osv-scanner minor (#306) * chore(deps): update actions/setup-go action to v4 (#308) * chore(deps): update workflows (#307) * Run tests before release (#301) * chore(deps): bump activesupport from 7.0.4.2 to 7.0.4.3 in /docs (#302) * Pin lint action (#299) * fix(deps): update osv-scanner minor (#288) * fix: support Pipenv develop packages without versions. (#297) * Set version in source code (#295) * Prevent `.gitignore` files from interfering with tests (#292) * fix: trim leading zeros off when comparing numerical components in Maven versions (better) (#285) * fix: avoid infinite loops parsing Maven poms with syntax errors (#294) * Check if PURL is valid before adding it to queries (#291) * Renovate bot ignore vulns package (#289) * chore(deps): update workflows (#287) * fix: trim leading zeros off when comparing numerical components in Maven versions (#279) * Adding call graph info back in (#284) * Update Colors for Accessibility (#278) * Removed call graph analysis for now. (#282) * Remove "working doc" concept (#275) * feat: improved error message when pom dependency version not found (#253) * Add tags and point people to slsa-verifier (#265) * ci: harden permissions (#269) * Run on merge queue (#272) * fix: properly handle comparing zero versions in Maven (#267) * chore: add `.editorconfig` file (#266) * fix(deps): update osv-scanner minor (#270) * Renovate bot use ignorePaths instead for fixtures (#264) * test: update case with new advisory (#268) * fix: deduplicate packages that appear multiple times in `Pipenv.lock` files (#261) * feat: support `-r` flag in `requirements.txt` files (#260) * chore(deps): update workflows (#242) * fix: avoid panic when parsing `file:` dependencies in `pnpm` lockfiles (#259) * More specific cyclone dx parsing (#258) * Parse nested CycloneDX components correctly (#251) * fix: support yarn locks with quoted properties (#250) * Update renovate.json (#248) * fix(deps): update golang.org/x/exp digest to c95f2b4 (#241) * govulncheck integration (#198) * Create draft release first in goreleaser (#236) * Adding additional installation instructions (#235) ------------------------------------------------------------------- Thu Feb 23 10:38:20 UTC 2023 - kastl@b1-systems.de - Update to version 1.2.0: * Changelog update for v1.2.0 (#233) * Moving Working Docs to Current (#234) * Update the output docs, make logo a lot bigger, make page slightly wider (#226) * Upgrade to yaml v3 (#231) * ParseAs for dpkg-status (#229) * Update analytics for documentation. (#230) * chore(deps): update docker/setup-buildx-action digest to f03ac48 (#223) * fix(deps): update osv-scanner minor (#225) * chore(deps): bump golang.org/x/net from 0.2.0 to 0.7.0 (#222) * chore(deps): update dependency http_parser.rb to "~> 0.8.0" (#224) * fix: ensure that vulnerability results are ordered deterministically (#220) * test: ensure case names match function under test (#228) * Nits - APK installed optimizations (#227) * Support for DPKG (Debian) parser (#168) * feat: support `dependencyManagement` in Maven poms (#221) * Google analytics added. (#215) * Console formatting changes * Documentation Style Improvements (#211) * fixed broken link (#210) * Documentation moved to github page. * Minor changes for gitignore parsing (#208) * Improve gitignore parsing (#206) * fix(deps): update osv-scanner minor (#205) * chore(deps): update github/codeql-action action to v2.2.4 (#204) * Move instructions to Usage (#197) * Make scanner respect .gitignore files (#191) * feat: support specifying what parser to use in `--lockfile` (#94) * fix: add missing toml tags to struct (and update linter) (#190) * fix(deps): update golang.org/x/exp digest to 98cc5a0 (#188) * fix(osv-query): omit SourceInfo from JSON marshaling (#185) * test: remove nonsense case and correct names (#187) * Update readme usage section (#171) * chore(deps): update docker/login-action action to v2 (#148) * fix(deps): update osv-scanner minor (#147) * Support SPDX 2.3 (#178) * chore(deps): update workflows (#172) * feat: Render output as a markdown table for use in github comments (#156) * APK: fix test function (#180) * Log number of packages scanned from SBOMs. (#179) * Make OSV api public (#167) * Add experimental comment (#173) * fix: exit with generic non-zero code when there is a general error (#161) * fix: reuse app-level writer and err writers in `VersionPrinter` (#166) * chore(deps): update github/codeql-action action to v2.1.39 (#159) * test: add cases for `semantic.MustParse` (#160) * feat: create `--format` flag (#158) * golangci checks in github action, and fixes initial linter issues (#149) * test: add case for `--version` flag (#162) * chore: remove duplicated generators (#157) * - add conan.lock to the list (#59) * Fix endpoint typo (#152) * feat: add `semantic` package (#92) * Adding re-try for getting a Vuln for the given ID (#141) * chore(deps): update github/codeql-action action to v2.1.38 (#146) * chore: adjust comment to match type name (#143) * Mention Pipfile.lock support in changelog. (#140) * Fix link to GitHub issues (#139) ------------------------------------------------------------------- Thu Jan 12 06:01:09 UTC 2023 - kastl@b1-systems.de - Update to version 1.1.0: * Fix goreleaser permissions (#138) * v1.1.0 release PR (#137) * fix(deps): update osv-scanner minor (#79) * Temporarily disable alpine package scanning (#136) * Move tests from cloudbuild to gh actions (#135) * Use short url in scanner output (#134) * chore(deps): update workflows (#78) * Update readme and add changelog (#133) * fix: use correct ecosystem for NuGet (#132) * Do not highlight borders of result table (#131) * Add contributing file (#130) * Update README.md (#127) * docs: describe build process (#109) * Add gomodtidy after renovate updates (#120) * Make lint trigger same as others (#125) * Minor documentation updates. (#121) * Add support for Alpine Linux /lib/apk/db/installed (Resolves #72) (#107) * feat: add docker publish method (#70) * Add Pipenv lockfile support (Resolves #71) (#66) * Lint readme (#100) * Have renovate-bot label its PRs as it does with osv.dev (#116) * [pkg] implement NuGet ecosystem parser (#98) * Update github.com/spdx/gordf dependency to fix 32 bit support (#104) * test: update spec case and adjust assertion message (#99) * fix: ensure that files are closed when they're no longer needed (#106) * Fix lockfile example syntax (#103) * docs: add homebrew installation note (#89) ------------------------------------------------------------------- Tue Dec 20 13:53:44 UTC 2022 - Johannes Kastl <kastl@b1-systems.de> - add build parameters, so 'osv-scanner --version' shows proper version, build date and the release tag as commit ------------------------------------------------------------------- Tue Dec 20 12:39:13 UTC 2022 - kastl@b1-systems.de - Update to version 1.0.2: * shorten affected package to package (#90) * Move table columns so that the important column is displayed first (#87) * Add blog post link to README (#84) * Minor updates to install instruction title (#80) * Added installation instructions for Scoop (#68) * Update README.md (#77) * Fix readme anchor link. (#76) * Update README.md (#58) * Add disclaimer on Debian scanning. (#65) * Add gradle lockfile support (#46) ------------------------------------------------------------------- Tue Dec 20 12:38:20 UTC 2022 - Johannes Kastl <kastl@b1-systems.de> - new package osv-scanner: Vulnerability scanner written in Go which uses the data provided by https://osv.dev
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor