OneDev
Dashboards
Projects
Pull Requests
Issues
Builds
Packages
Code Search
server
Code
Pull Requests
Issues
List
Boards
Iterations
Builds
Packages
Statistics
Child Projects
OneDev 11.0.0
Documentation Support & Bug Report RESTful API Incompatibilities License Agreement Check Update
Projects onedev server Issues OD-1817
Step to scan open source dependencies to find vulnerabilities (OD-1817)
Released
Robin Shen opened 4 months ago
No description
Robin Shen added to iteration "10.4.0" 4 months ago
Robin Shen changed title 4 months ago
Previous Value Current Value 
Built-in dependency vulnerability scan
 
Built-in vulnerability scan for open source dependencies
OneDev changed state to 'Closed' 4 months ago
Previous Value Current Value 
Open
 
Closed
OneDev commented 4 months ago

State changed as code fixing the issue is committed (1e5e638f)
bufferUnderrun commented 4 months ago

Very good feature !!

How does it will works ? Scanning specifics files (ie: packages.lock...) ?
Robin Shen commented 4 months ago

Yes, it calls osv scanner to scan packages.lock and other files. Will write doc for this after 10.4 is released.
Robin Shen changed title 4 months ago
Previous Value Current Value 
Built-in vulnerability scan for open source dependencies
 
Step to scan open source dependencies to find vulnerabilities
OneDev changed state to 'Released' 4 months ago
Previous Value Current Value 
Closed
 
Released
OneDev commented 4 months ago

State changed as build #4853 is successful
issue 1 of 1
Type
New Feature
Priority
Normal
Assignee
Robin Shen
Labels
Enterprise Edition
Iterations
Issue Votes (0)
Login to vote
Watchers (2)
Reference
OD-1817
Please wait...
Page is in error, reload to recover