Jonatan Männchen
**Is your feature request related to a problem? Please describe.** The NVD-based CVE records in osv.dev are missing several package-level details that already exist in the official CVE v5 JSON:...
## Changes Adds a Security Policy to the project. It will be shown: * On the repository homepage on the right next to the Code of conduct * In the...
## Code ```elixir Mix.install([{:explorer, "~> 0.10.0"}]) name_dtype = {"names", {:list, {:struct, [ {"language", :string}, {"name", :string}, {"transliteration", :category}, {"type", :category} ]}}} [ %{names: []}, %{names: [%{name: "CABK", type: "acronym", language:...
To publish advisories with packages regarding hex.pm, currently the ecosystem has to be set to "Erlang". Since hex.pm is for Erlang, Elixir, Gleam and more, this is confusing. Additionally, the...
**Describe the bug** When submitting dependencies via the Dependency Submission API, License and ScoreCard Info is empty. **To Reproduce** Steps to reproduce the behavior: 1. Report Dependencies via API. Example...
## Changes * Update ORT to 61.... (TBD once ORT PR is merged) * Adds Package Configurations (required by Update to get parity to before) ## Fixes * Adds Header...
### oidcc version latest ### Erlang version any ### Elixir version any ### Summary * Certification Suite: `oidcc-client-test-plan` * Certification Test: `oidcc-client-test-aggregated-claims` The certification test contains an aggregated JWT Userinfo...
## Changes I would like to include the requirements for a root cause analysis (either level 2 or 3) in `OSPS-VM-04` (either add to `OSPS-VM-04.01` or create a new subsection)....
### Description This is a follow-up to https://github.com/erlang/rebar3/pull/2498#issuecomment-3389598258. Rebar3 currently attempts to fetch and compile optional **transitive** dependencies, even when: * they are only declared as optional in `mix.exs`, *...
Blocked by https://github.com/package-url/vers-spec/issues/49 Also we need to decide if this should be in here or PR'ed to Elixir itself.