google/osv-scalibr

Go 573 stars

OSV-SCALIBR: A library for Software Composition Analysis

✓ Synced 1h ago Share on X →
README badge: [![ngmi](https://ngmi.review/badge/google/osv-scalibr.svg)](https://ngmi.review/repo/google/osv-scalibr)
1.0k Merged PRs
6 days Avg Merge Time
2m Fastest PR
7 months Slowest PR
#1120 Global Speed Rank

PR Size Analysis

Lines changed (additions + deletions) vs review outcomes. Re-sync to populate data for older PRs.

PRs by size
Avg review time (hrs)
Clean approval rate (%)

Top Reviewers

Recent Merged PRs

# Title Author Time Reviews Blocks
#1821 refactor: run `go mod tidy` @G-Rath 8.6h 1
#1807 Acceptance tests @alessandro-Doyensec 3 days 2
#1798 Fix ntuple detector selection algorithm @alessandro-Doyensec 3 days 9
#1818 Bump SCALIBR version in preparation for a new release. @copybara-service 20m 0
#1800 Fix issue with image scanning paths when StoreAbsolutePath is true. @copybara-service 2 days 0
#1786 simplevalidate: add multi-endpoint support @0xXA 2 days 11
#1795 Migrate all remaining detectors to use the global PluginConfig. @copybara-service 1 day 0
#1806 Use %w for error wrapping in the slacktoken validator. @copybara-service 35m 0
#1278 PRP: Bazel external dependencies extractor @am0o0 5 months 8
#1797 slacktoken: return error on ValidationFailed and update tests @0xXA 1.1h 1
#1792 ntuple: preserve full match span in FindAllMatchesGroup while returning subgroup value @0xXA 1 day 1
#1783 refactor: update linter and use `fmt.Fprintf` rather than `WriteString` + `Sprintf` @G-Rath 1 day 1
#1763 Move absolute path extension to from filesystem.go to the end of the plugin runs. @copybara-service 4 days 0
#1765 fix(java/pomxml): support non-utf8 encoded files @G-Rath 4 days 2
#1457 Veles: Cloudflare API Token @devampkid 4 months 8
#1776 Allow custom directories in macapps extractor @JellyBongo 1.5h 3
#1458 New plugin: npmjs registry secret detector & validator @secureness 4 months 6
#1733 Add Heroku Platform API Key Extractor, Validator and Enricher @frkngksl 8 days 20
#1761 Replace boolean wantErr with cmp.Diff. @copybara-service 10m 0
#1366 PRP: Deno Secret Detector @VickyTheViking 4 months 3