{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":575807395,"defaultBranch":"main","name":"sbomnix","ownerLogin":"tiiuae","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2022-12-08T10:45:27.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/59836348?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1711520771.0","currentOid":""},"activityList":{"items":[{"before":"755b72639efc9d39e517b82f334aff8bd5b5dec3","after":"a1f0f88d719687acedd989899ecd7fafab42394c","ref":"refs/heads/main","pushedAt":"2024-04-09T09:05:36.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"Increase local http cache timeout\n\nIncrease CachedLimiterSession expiration timeout from two to six hours\n\nSigned-off-by: Henri Rosten ","shortMessageHtmlLink":"Increase local http cache timeout"}},{"before":"8d65f58a2c98e38e6447da1baacd75a5c42aae97","after":"755b72639efc9d39e517b82f334aff8bd5b5dec3","ref":"refs/heads/main","pushedAt":"2024-03-27T06:24:09.000Z","pushType":"pr_merge","commitsCount":4,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"Release 1.6.1\n\nSigned-off-by: Henri Rosten ","shortMessageHtmlLink":"Release 1.6.1"}},{"before":"d7b0eacd1fc4ed4279f9e1b4bc5201eb9044bf86","after":"8d65f58a2c98e38e6447da1baacd75a5c42aae97","ref":"refs/heads/main","pushedAt":"2024-03-21T14:29:58.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"joinemm","name":"Joonas Rautiola","path":"/joinemm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/26210439?s=80&v=4"},"commit":{"message":"Release 1.6.0\n\nSigned-off-by: Joonas Rautiola ","shortMessageHtmlLink":"Release 1.6.0"}},{"before":"d7b0eacd1fc4ed4279f9e1b4bc5201eb9044bf86","after":null,"ref":"refs/tags/v1.6.0","pushedAt":"2024-03-21T14:27:50.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"joinemm","name":"Joonas Rautiola","path":"/joinemm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/26210439?s=80&v=4"}},{"before":"725c9a169b2da78ef620c5fd7b1fbe102abef3a2","after":"d7b0eacd1fc4ed4279f9e1b4bc5201eb9044bf86","ref":"refs/heads/main","pushedAt":"2024-03-21T14:17:35.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"joinemm","name":"Joonas Rautiola","path":"/joinemm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/26210439?s=80&v=4"},"commit":{"message":"Fix example script in provenance docs\n\nSigned-off-by: Joonas Rautiola ","shortMessageHtmlLink":"Fix example script in provenance docs"}},{"before":"9df4fb380b94fce54c4374958e7fc69a573cf6ec","after":"725c9a169b2da78ef620c5fd7b1fbe102abef3a2","ref":"refs/heads/main","pushedAt":"2024-03-20T07:48:06.000Z","pushType":"pr_merge","commitsCount":3,"pusher":{"login":"joinemm","name":"Joonas Rautiola","path":"/joinemm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/26210439?s=80&v=4"},"commit":{"message":"Add schema and tests for provenance\n\nSigned-off-by: Joonas Rautiola ","shortMessageHtmlLink":"Add schema and tests for provenance"}},{"before":"2173385d81a079df61281058436406644838f595","after":null,"ref":"refs/heads/fix-issue-108","pushedAt":"2024-03-14T11:28:23.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"}},{"before":"d0e7119722e8ff375d53194e9c292dfc9390ea70","after":"9df4fb380b94fce54c4374958e7fc69a573cf6ec","ref":"refs/heads/main","pushedAt":"2024-03-13T15:59:02.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"sbomnix: Do not assume out output is always used\n\nDo not assume the derivation's `out` output should always be in the\n`derivation.py:Derive` outputs list. Instead, only add the outputs of\nthe actually-used outputs.\n\nThis change fixes: https://github.com/tiiuae/sbomnix/issues/108.\n\nSigned-off-by: Henri Rosten ","shortMessageHtmlLink":"sbomnix: Do not assume out output is always used"}},{"before":null,"after":"2173385d81a079df61281058436406644838f595","ref":"refs/heads/fix-issue-108","pushedAt":"2024-03-13T10:10:39.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"sbomnix: Do not assume out output is always used\n\nDo not assume the derivation's `out` output should always be in the\n`derivation.py:Derive` outputs list. Instead, only add the outputs of\nthe actually-used outputs.\n\nThis change fixes: https://github.com/tiiuae/sbomnix/issues/108.\n\nSigned-off-by: Henri Rosten ","shortMessageHtmlLink":"sbomnix: Do not assume out output is always used"}},{"before":"f61893622c0432f9e4e18ebb48b252ba6d3a87f9","after":null,"ref":"refs/heads/wip-fix-parse-version","pushedAt":"2024-02-15T05:58:04.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"}},{"before":"bbfe0949ab8875f5c98dcdd1d81d2721676b4b26","after":"d0e7119722e8ff375d53194e9c292dfc9390ea70","ref":"refs/heads/main","pushedAt":"2024-02-15T05:57:49.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"utils: Fix potentially invalid version\n\nFix an issue with utils.py:parse_version, which could\nresult passing an invalid version string to\npackaging.version.parse potentially throwing an invalid\nversion exception.\n\nSigned-off-by: Henri Rosten ","shortMessageHtmlLink":"utils: Fix potentially invalid version"}},{"before":null,"after":"f61893622c0432f9e4e18ebb48b252ba6d3a87f9","ref":"refs/heads/wip-fix-parse-version","pushedAt":"2024-02-13T06:07:51.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"utils: Fix potentially invalid version\n\nFix an issue with utils.py:parse_version, which could\nresult passing an invalid version string to\npackaging.version.parse potentially throwing an invalid\nversion exception.\n\nSigned-off-by: Henri Rosten ","shortMessageHtmlLink":"utils: Fix potentially invalid version"}},{"before":"df634a15178275ea98c30b78676a08cecd9c49a3","after":"bbfe0949ab8875f5c98dcdd1d81d2721676b4b26","ref":"refs/heads/main","pushedAt":"2024-01-03T06:24:25.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"Add extra-experimental-feature to nix commands\n\nSigned-off-by: Henri Rosten ","shortMessageHtmlLink":"Add extra-experimental-feature to nix commands"}},{"before":"31f17d1664b365cbb13befe7b85704b2c94ef23e","after":"df634a15178275ea98c30b78676a08cecd9c49a3","ref":"refs/heads/main","pushedAt":"2024-01-02T09:34:25.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"Support for patches that resolve multiple issues\n\nSuch as `CVE-2022-2601.CVE-2022-3775.4.patch`\n\nSigned-off-by: Arnout Engelen ","shortMessageHtmlLink":"Support for patches that resolve multiple issues"}},{"before":"9e5ca0385c8d81170c46e4fd1b3dca26682b86c8","after":"31f17d1664b365cbb13befe7b85704b2c94ef23e","ref":"refs/heads/main","pushedAt":"2023-12-27T06:26:09.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"Include CVE patch info in cdx output\n\nThis is helpful when the SBOM is used in vulnerability scanner\nsoftware down the line, so it is more easily obvious that these\nCVEs have already been patched in this case.\n\nSigned-off-by: Arnout Engelen ","shortMessageHtmlLink":"Include CVE patch info in cdx output"}},{"before":"e02af459a3ee6993857fbc90d97e57389bb9f1d3","after":"9e5ca0385c8d81170c46e4fd1b3dca26682b86c8","ref":"refs/heads/main","pushedAt":"2023-12-22T11:44:30.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"Release v1.5.0\n\nSigned-off-by: Henri Rosten ","shortMessageHtmlLink":"Release v1.5.0"}},{"before":"c243db5272fb01c4d97cbbb01a095ae514cd2dcb","after":"e02af459a3ee6993857fbc90d97e57389bb9f1d3","ref":"refs/heads/main","pushedAt":"2023-12-22T09:10:49.000Z","pushType":"pr_merge","commitsCount":10,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"Continue despite failure in downloading cpedict\n\nSigned-off-by: Henri Rosten ","shortMessageHtmlLink":"Continue despite failure in downloading cpedict"}},{"before":"e9e08899e4ac0a4167cc21b316f9d654f48b3f5e","after":"c243db5272fb01c4d97cbbb01a095ae514cd2dcb","ref":"refs/heads/main","pushedAt":"2023-12-13T08:14:55.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"sbomnix: Remove command-line argument: --type\n\n- Remove `--type` command-line argument from sbomnix. Instead, change\n sbomnix so that it support `--buildtime` argument to align the\n command-line usage with other tools.\n- Update relevant documentation and tests\n\nSigned-off-by: Henri Rosten ","shortMessageHtmlLink":"sbomnix: Remove command-line argument: --type"}},{"before":"7dfa8aa1e9156b1916be6a818501b33d2e51770d","after":"e9e08899e4ac0a4167cc21b316f9d654f48b3f5e","ref":"refs/heads/main","pushedAt":"2023-12-05T07:40:28.000Z","pushType":"pr_merge","commitsCount":6,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"Remove temporary files\n\nRemove temporary files left behind by vulnxscan and nix_outdated, unless\nverbosity is DEBUG or more verbose in which case we want to keep the\ntemp files for debug purposes.\n\nSigned-off-by: Henri Rosten ","shortMessageHtmlLink":"Remove temporary files"}},{"before":"f4d0c03755cb7b5f78353a0014cc4b8f3df7687c","after":"7dfa8aa1e9156b1916be6a818501b33d2e51770d","ref":"refs/heads/main","pushedAt":"2023-12-01T15:04:51.000Z","pushType":"pr_merge","commitsCount":3,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"Update repology client user-agent\n\nSigned-off-by: Henri Rosten ","shortMessageHtmlLink":"Update repology client user-agent"}},{"before":"2e3f2b63e071e96d4819acd4664bdfc3e72ba6b1","after":"f4d0c03755cb7b5f78353a0014cc4b8f3df7687c","ref":"refs/heads/main","pushedAt":"2023-12-01T13:10:22.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"Update flake.lock\n\nSigned-off-by: Henri Rosten ","shortMessageHtmlLink":"Update flake.lock"}},{"before":"b920aa90ee291defa00e1757d81399f37c76c853","after":"2e3f2b63e071e96d4819acd4664bdfc3e72ba6b1","ref":"refs/heads/main","pushedAt":"2023-11-30T09:41:58.000Z","pushType":"pr_merge","commitsCount":4,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"Re-enable skipped tests\n\nSigned-off-by: Henri Rosten ","shortMessageHtmlLink":"Re-enable skipped tests"}},{"before":"3831c36083bbee9a7e89d2523354408062cab35e","after":"b920aa90ee291defa00e1757d81399f37c76c853","ref":"refs/heads/main","pushedAt":"2023-11-15T16:03:09.000Z","pushType":"pr_merge","commitsCount":23,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"fix: Use treefmt to run black\n\n​\nSigned-off-by: Brian McGee ","shortMessageHtmlLink":"fix: Use treefmt to run black"}},{"before":"48d154161a735cd597c03bc9005b7ec9a8e46cdd","after":"3831c36083bbee9a7e89d2523354408062cab35e","ref":"refs/heads/main","pushedAt":"2023-11-13T10:55:13.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"fix: Repology_cve.py reference in vulnxscan\n\nWhen invoking `repology_cve` as a command the `.py`\nextension is no longer required.\n\nSigned-off-by: Brian McGee ","shortMessageHtmlLink":"fix: Repology_cve.py reference in vulnxscan"}},{"before":"24007b6ad064c2f6055ffb4e59a8491b08357353","after":"48d154161a735cd597c03bc9005b7ec9a8e46cdd","ref":"refs/heads/main","pushedAt":"2023-11-11T13:41:10.000Z","pushType":"pr_merge","commitsCount":29,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"fix: Apps nix_outdated and repology_xxx\n\nAdds missing packages entries in `setup.py`.\n\nSigned-off-by: Brian McGee ","shortMessageHtmlLink":"fix: Apps nix_outdated and repology_xxx"}},{"before":"6db61c7a190508ee926765623c851133a83cdd5d","after":"24007b6ad064c2f6055ffb4e59a8491b08357353","ref":"refs/heads/main","pushedAt":"2023-09-11T12:42:14.000Z","pushType":"pr_merge","commitsCount":3,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"vulnxscan: Add severity\n\nSigned-off-by: Henri Rosten ","shortMessageHtmlLink":"vulnxscan: Add severity"}},{"before":"7cd25846d2de69ff1c4fa6a798f05ee190636cc0","after":"6db61c7a190508ee926765623c851133a83cdd5d","ref":"refs/heads/main","pushedAt":"2023-09-07T11:40:34.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"README.md: Add a reference to ghafscan project\n\nSigned-off-by: Henri Rosten ","shortMessageHtmlLink":"README.md: Add a reference to ghafscan project"}},{"before":"e0ddb8799419779f6218f86fee0e6ccf5fa8b586","after":"7cd25846d2de69ff1c4fa6a798f05ee190636cc0","ref":"refs/heads/main","pushedAt":"2023-09-05T07:07:27.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"vulnxscan: Add support for triage\n\n- Add vulnxscan options `--triage` and `--nixprs` to help manual\n analysis.\n- Remove nix_secupdates, since all its features are now part of\n vulnxscan.\n- Update tests and documentation accordingly.\n- Improve repology CVE search\n\nSigned-off-by: Henri Rosten ","shortMessageHtmlLink":"vulnxscan: Add support for triage"}},{"before":"055bf464f1a3344870a40f337caa492a69f69dbb","after":"e0ddb8799419779f6218f86fee0e6ccf5fa8b586","ref":"refs/heads/main","pushedAt":"2023-09-01T03:57:37.000Z","pushType":"pr_merge","commitsCount":4,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"tests: Remove test_nix_shell\n\n'test_nix_shell' causes duplicate dependency for sbomnix. This commit\nremoves the test to resolve possible issues caused by the duplicate\ndependency.\n\nSigned-off-by: Henri Rosten ","shortMessageHtmlLink":"tests: Remove test_nix_shell"}},{"before":"1ef599c73fa64f7884975aea1aea1f9036eb389d","after":"055bf464f1a3344870a40f337caa492a69f69dbb","ref":"refs/heads/main","pushedAt":"2023-08-17T11:34:49.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"henrirosten","name":"Henri Rosten","path":"/henrirosten","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/49935860?s=80&v=4"},"commit":{"message":"Allow running sbomnix without realising out paths\n\nAllow running sbomnix, nixgraph, vulnxscan, nix_outdated, and\nnix_secupdates without realising the target output if `--buildtime`\nwas requested.\n\nThis change also adds a fix to allow installing sbomnix tooling in\nnix development shell in editable mode.\n\nSigned-off-by: Henri Rosten ","shortMessageHtmlLink":"Allow running sbomnix without realising out paths"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEK8kPbAA","startCursor":null,"endCursor":null}},"title":"Activity · tiiuae/sbomnix"}