Assign IDs

ossf · Oct 28, 2024 · 223a86d · 223a86d
1 parent 07aec6a
commit 223a86d
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 9 deletions.
diff --git a/osv/malicious/.id-allocator b/osv/malicious/.id-allocator
@@ -1 +1 @@
-d5db6176f7961c9bc8763f04bd7f5b43381726234db858e12d400586d83c8cd8
+ed8fa44cf07678c983bd2bf43d3402bfa1a07dd4443533b086e235b1fd5cc8de
diff --git a/...sf-package-analysis-f0fd95455d4aae7a.json → ...npm/eslint-plugin-evo/MAL-2024-10243.json b/...sf-package-analysis-f0fd95455d4aae7a.json → ...npm/eslint-plugin-evo/MAL-2024-10243.json
@@ -2,9 +2,9 @@
   "modified": "2024-10-28T16:38:03Z",
   "published": "2024-10-28T16:38:03Z",
   "schema_version": "1.5.0",
-  "id": "",
+  "id": "MAL-2024-10243",
   "summary": "Malicious code in eslint-plugin-evo (npm)",
-  "details": "The OpenSSF Package Analysis project identified 'eslint-plugin-evo' @ 1.0.0 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package executes one or more commands associated with malicious behavior.\n",
+  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (f0fd95455d4aae7a6ca5fea9e84fb409224541b9acba2c79d7f523242157243f)\nThe OpenSSF Package Analysis project identified 'eslint-plugin-evo' @ 1.0.0 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package executes one or more commands associated with malicious behavior.\n",
   "affected": [
     {
       "package": {
@@ -29,10 +29,10 @@
   "database_specific": {
     "malicious-packages-origins": [
       {
-        "source": "ossf-package-analysis",
-        "sha256": "f0fd95455d4aae7a6ca5fea9e84fb409224541b9acba2c79d7f523242157243f",
         "import_time": "2024-10-28T23:34:09.031273258Z",
         "modified_time": "2024-10-28T16:38:03Z",
+        "sha256": "f0fd95455d4aae7a6ca5fea9e84fb409224541b9acba2c79d7f523242157243f",
+        "source": "ossf-package-analysis",
         "versions": [
           "1.0.0"
         ]

diff --git a/...sf-package-analysis-afdbf42c693d9ced.json → ...malicious/npm/roboter/MAL-2024-10244.json b/...sf-package-analysis-afdbf42c693d9ced.json → ...malicious/npm/roboter/MAL-2024-10244.json
@@ -2,9 +2,9 @@
   "modified": "2024-10-28T16:05:51Z",
   "published": "2024-10-28T16:05:51Z",
   "schema_version": "1.5.0",
-  "id": "",
+  "id": "MAL-2024-10244",
   "summary": "Malicious code in roboter (npm)",
-  "details": "The OpenSSF Package Analysis project identified 'roboter' @ 2.0.2 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package executes one or more commands associated with malicious behavior.\n",
+  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (afdbf42c693d9cedf3e0318e71e38c801ef1574cf16352b197fb429345aea5c1)\nThe OpenSSF Package Analysis project identified 'roboter' @ 2.0.2 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package executes one or more commands associated with malicious behavior.\n",
   "affected": [
     {
       "package": {
@@ -29,10 +29,10 @@
   "database_specific": {
     "malicious-packages-origins": [
       {
-        "source": "ossf-package-analysis",
-        "sha256": "afdbf42c693d9cedf3e0318e71e38c801ef1574cf16352b197fb429345aea5c1",
         "import_time": "2024-10-28T23:34:08.932986865Z",
         "modified_time": "2024-10-28T16:05:51Z",
+        "sha256": "afdbf42c693d9cedf3e0318e71e38c801ef1574cf16352b197fb429345aea5c1",
+        "source": "ossf-package-analysis",
         "versions": [
           "2.0.2"
         ]