Pulse · google/osv.dev · GitHub

June 26, 2025 – July 26, 2025

Overview

93 Active pull requests

20 Active issues

89 Pull requests merged by 10 people

fix(website): Correct search dropdown position on scroll
#3712 merged Jul 24, 2025
refactor(vulnfeeds): Change FromCVE function back to taking whole CVE entry
#3715 merged Jul 24, 2025
fix(ecosystem): Bind BellSoft Hardened Containers to Alpaquita in _ec…
#3713 merged Jul 24, 2025
refactor(vulnfeeds): Use OSVSchema Vulnerability structs instead of maintaining a duplicate set
#3714 merged Jul 24, 2025
feat(vulnfeeds): Add helper to parse GitHub CNA version ranges
#3701 merged Jul 23, 2025
perf: perform blobless clones in git enumeration
#3706 merged Jul 22, 2025
fix(css): Font size in table
#3711 merged Jul 22, 2025
feat(css): Update blogpost styles
#3709 merged Jul 22, 2025
chore(deps-dev): bump nokogiri from 1.18.8 to 1.18.9 in /docs in the bundler group across 1 directory
#3710 merged Jul 22, 2025
chore(linter): bump timeout limit
#3707 merged Jul 22, 2025
fix: add git ecosystem whether or not another ecosystem already exists
#3700 merged Jul 22, 2025
feat(website): Add search suggestions to OSV database
#3660 merged Jul 22, 2025
fix(ecosystem): Add Alpaquita to _ecosystems
#3705 merged Jul 22, 2025
fix(source-sync): Update missing source defaults
#3704 merged Jul 22, 2025
chore(schema): Update schema to latest
#3703 merged Jul 22, 2025
chore: update schema version in linter
#3702 merged Jul 22, 2025
docs(blog): Prepare blog post for upstream field
#3670 merged Jul 21, 2025
feat(linter): add invalid schema error code
#3697 merged Jul 18, 2025
chore(deps): bump the npm_and_yarn group across 1 directory with 2 updates
#3696 merged Jul 18, 2025
style(docs): Improve contrast on Jekyll note blocks
#3693 merged Jul 18, 2025
feat(test): add BellSoft Security Advisory feed to test environment (…
#3608 merged Jul 18, 2025
fix(deps): address urllib3 vulnerabilities
#3695 merged Jul 17, 2025
fix(website): prevent exceptions from parsing Ubuntu severities
#3694 merged Jul 17, 2025
fix(deps): update github.com/ossf/osv-schema/bindings/go digest to 7310c9e
#3678 merged Jul 16, 2025
chore(deps): update gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine docker digest to 8ce7758
#3677 merged Jul 16, 2025
chore(deps): update golang docker tag to v1.24.5
#3679 merged Jul 16, 2025
fix(deps): update indexer
#3680 merged Jul 16, 2025
fix(deps): update module golang.org/x/sync to v0.16.0
#3681 merged Jul 16, 2025
chore(deps): lock file maintenance
#3682 merged Jul 16, 2025
chore(deps): lock file maintenance
#3684 merged Jul 16, 2025
chore(deps): lock file maintenance
#3685 merged Jul 16, 2025
chore(deps): lock file maintenance
#3686 merged Jul 16, 2025
chore(deps): lock file maintenance website-frontend
#3687 merged Jul 16, 2025
fix(deps): lock file maintenance tools
#3688 merged Jul 16, 2025
fix(deps): lock file maintenance vulnfeeds
#3689 merged Jul 16, 2025
fix(deps): lock file maintenance website-backend
#3690 merged Jul 16, 2025
fix(deps): lock file maintenance workers
#3691 merged Jul 16, 2025
test: update integration tests
#3673 merged Jul 15, 2025
ci: Nightly osv-scanner action
#3665 merged Jul 15, 2025
chore: update indexer go version
#3672 merged Jul 15, 2025
fix(frontend): Hide all appropriate collapsed info for upstream/downstream
#3667 merged Jul 15, 2025
chore: update go version
#3669 merged Jul 14, 2025
feat(website): added search option to navbar
#3657 merged Jul 14, 2025
ci(vuln-triage): Create osv-scanner.toml for frontend3
#3664 merged Jul 14, 2025
fix(actions): Update osv-scanner-unified.yml with read permissions
#3663 merged Jul 14, 2025
test: update API integration test
#3659 merged Jul 11, 2025
fix(proto): rename Ubuntu severity type
#3656 merged Jul 10, 2025
fix(CVE): Update cve.go metrics field
#3655 merged Jul 9, 2025
fix: #3515 Move upstream field in frontend and sort alphabetically
#3583 merged Jul 9, 2025
chore(deps): update node.js to 2c3f34d
#3642 merged Jul 9, 2025
chore(deps): lock file maintenance
#3648 merged Jul 9, 2025
fix(deps): update module google.golang.org/api to v0.240.0
#3644 merged Jul 9, 2025
chore(deps): update ubuntu:22.04 docker digest to 3c61d37
#3643 merged Jul 9, 2025
chore(deps): lock file maintenance
#3647 merged Jul 9, 2025
chore(deps): lock file maintenance
#3646 merged Jul 9, 2025
chore(deps): lock file maintenance
#3649 merged Jul 9, 2025
chore(deps): lock file maintenance
#3650 merged Jul 9, 2025
chore(deps): lock file maintenance
#3651 merged Jul 9, 2025
fix(deps): lock file maintenance tools
#3652 merged Jul 9, 2025
chore(deps): lock file maintenance
#3645 merged Jul 9, 2025
chore(deps): lock file maintenance
#3653 merged Jul 9, 2025
fix(deps): lock file maintenance workers
#3654 merged Jul 9, 2025
perf(api): Improve asynchronous behaviour
#3638 merged Jul 8, 2025
revert: "fix(api): double backend concurrency"
#3641 merged Jul 8, 2025
fix(api): double backend concurrency
#3640 merged Jul 8, 2025
fix: 500 error on frontend rendering of some Ubuntu CVEs
#3637 merged Jul 4, 2025
feat(vulnfeeds): Update CVE5 struct to be more detailed for eventual CVE5 ingestion
#3590 merged Jul 3, 2025
refactor(vulnfeeds): Refactor vulnfeeds conversion functions into a shared directory
#3636 merged Jul 3, 2025
fix(deps): update module google.golang.org/api to v0.239.0 - autoclosed
#3615 merged Jul 2, 2025
fix(deps): lock file maintenance vulnfeeds
#3631 merged Jul 2, 2025
chore(deps): update node.js to e0e264a
#3621 merged Jul 2, 2025
fix(deps): lock file maintenance tools
#3630 merged Jul 2, 2025
chore(deps): lock file maintenance
#3628 merged Jul 2, 2025
chore(deps): lock file maintenance
#3624 merged Jul 2, 2025
chore(deps): lock file maintenance
#3626 merged Jul 2, 2025
chore(deps): lock file maintenance osv-lib
#3629 merged Jul 2, 2025
chore(deps): lock file maintenance
#3627 merged Jul 2, 2025
chore(deps): lock file maintenance
#3625 merged Jul 2, 2025
chore(deps): lock file maintenance
#3623 merged Jul 2, 2025
chore(deps): update gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine docker digest to f0f4398
#3620 merged Jul 2, 2025
fix(deps): update github.com/ossf/osv-schema/bindings/go digest to 180f03c
#3622 merged Jul 2, 2025
fix(deps): lock file maintenance workers
#3607 merged Jul 2, 2025
chore: Various dependency tidy ups
#3616 merged Jul 1, 2025
docs: Fix broken links
#3619 merged Jul 1, 2025
docs(README): Update README with Data Dump information
#3618 merged Jul 1, 2025
chore(deps): bump the pip group across 1 directory with 1 update
#3612 merged Jul 1, 2025
refactor(vulnfeeds): Remove redundant ByAffectedCommit code
#3617 merged Jul 1, 2025
fix(vulnfeeds): deduplicate commit hashes on AffectedCommits
#3591 merged Jun 30, 2025
chore(deps): lock file maintenance
#3601 merged Jun 30, 2025

4 Pull requests opened by 4 people

chore(deps): update github/codeql-action action to v3.29.4
#3614 opened Jun 30, 2025
feat(vulnfeeds): Implemented a naiveish CVE5 to OSV converter
#3635 opened Jul 2, 2025
fix(template) : Show only 3 packages if there are a lot (#3674)
#3676 opened Jul 15, 2025
feat: Begin populating new database fields
#3708 opened Jul 22, 2025

10 Issues closed by 4 people

Create a helper function to extract versions from the Github_M CNA version description
#3699 closed Jul 23, 2025
Search using CVE
#3281 closed Jul 22, 2025
Git vulnerabilities are not classified correctly on osv.dev
#3698 closed Jul 22, 2025
Ubuntu deleted data still showing up in osv.dev
#3426 closed Jul 17, 2025
Exception raised when parsing Ubuntu severity in frontend
#3675 closed Jul 17, 2025
Fix collapsed upstream string of newline characters
#3639 closed Jul 15, 2025
Support MinimOS datasource
#3400 closed Jul 13, 2025
Move upstream field in frontend and sort alphabetically
#3515 closed Jul 9, 2025
Request for Data
#3589 closed Jul 1, 2025
Duplicate fix commit hases
#3523 closed Jun 30, 2025

10 Issues opened by 6 people

Improve readability of vulnerability listing page
#3674 opened Jul 15, 2025
List of published OSV records?
#3671 opened Jul 14, 2025
Automatically deploy gcp/functions/pypi
#3668 opened Jul 14, 2025
linter cron job deletes invalid json findings
#3666 opened Jul 14, 2025
Records on osv.dev do not meet the published json-schema
#3662 opened Jul 13, 2025
OSV-2022-624 does not show as fixed while referenced OSS Fuzz issue shows as fixed.
#3661 opened Jul 11, 2025
Surface NVD CPE strings in database/ecosystem specific field.
#3658 opened Jul 10, 2025
Set up an ingestion pipeline for CVEList CVEs
#3634 opened Jul 2, 2025
Naive CVE5 to OSV Conversion
#3633 opened Jul 2, 2025
Create a metric or trace system for prioritisation of data, for monitoring regressions and where things succeed
#3632 opened Jul 2, 2025

12 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

RSS Feed for Vulnerability Database
#3555 commented on Jun 27, 2025 • 0 new comments
`git subtree`s causes commits from sub-repository to be incorrectly included in parent repo commit ranges
#3398 commented on Jun 30, 2025 • 0 new comments
OSV.dev needs a navbar search option
#3350 commented on Jul 9, 2025 • 0 new comments
Switch all ecosystem version queries to range match
#3063 commented on Jul 18, 2025 • 0 new comments
Add type annotations
#3453 commented on Jul 18, 2025 • 0 new comments
Add a changelog for OSV.dev
#3383 commented on Jul 18, 2025 • 0 new comments
Support querying by both repo URL and commit hash
#3463 commented on Jul 20, 2025 • 0 new comments
new datasource: Alpaquita Linux
#3263 commented on Jul 22, 2025 • 0 new comments
Support Oracle Linux
#3490 commented on Jul 26, 2025 • 0 new comments
Unhandled exception in sources.py causing crash under specific conditions
#3498 commented on Jul 26, 2025 • 0 new comments
Dependency Dashboard
#714 commented on Jul 26, 2025 • 0 new comments
Search indices aren't populated with full alias/upstream sets
#3514 commented on Jul 27, 2025 • 0 new comments