├── .dockerignore ├── .github ├── dependabot.yml └── workflows │ ├── build-images.yml │ ├── build.yml │ ├── codeql-analysis.yml │ ├── depsreview.yml │ ├── osv-scanner-pr.yml │ ├── osv-scanner-scheduled.yml │ ├── scorecards-analysis.yml │ ├── shellcheck.yml │ └── test.yml ├── .gitignore ├── .golangci.yml ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── LICENSE ├── Makefile ├── README.md ├── SECURITY.md ├── cmd ├── analyze │ ├── Dockerfile │ └── main.go ├── downloader │ ├── README.md │ └── main.go ├── scheduler │ ├── Dockerfile │ ├── README.md │ ├── config │ │ └── deployment.yaml │ ├── main.go │ └── proxy │ │ └── proxy.go └── worker │ ├── config.go │ ├── main.go │ └── pubsubextender │ ├── extender.go │ ├── extender_test.go │ ├── gcpdriver.go │ ├── gcpdriver_test.go │ └── noopdriver.go ├── configs └── e2e │ ├── .gitignore │ ├── config │ └── feeds.yml │ └── docker-compose.yml ├── docs ├── case_studies.md ├── data_schema.md ├── images │ ├── Pipeline diagram.png │ ├── npm_depconf-typosquat_1.png │ ├── npm_random_vouchercode-generator_1.png │ ├── npm_random_vouchercode-generator_2.png │ ├── npm_roku_web_core-ajax_1.png │ ├── pypi_discordcmd_1.png │ ├── pypi_discordcmd_2.png │ └── pypi_secrevthree_1.png └── queries.md ├── examples ├── README.md ├── custom-sandbox │ ├── Dockerfile │ ├── Makefile │ ├── README.md │ └── analyze.php └── e2e │ └── README.md ├── function └── loader │ ├── README.md │ ├── dynamic-analysis-schema.json │ ├── go.mod │ ├── go.sum │ ├── load.go │ └── static-analysis-schema.json ├── go.mod ├── go.sum ├── infra ├── README.md ├── cloudbuild │ ├── dynamic_loader │ │ └── cloudbuild.yaml │ └── image_build │ │ └── cloudbuild.yaml ├── terraform │ ├── analysis.tf │ ├── build │ │ ├── main.tf │ │ └── variables.tf │ ├── docker_registry │ │ ├── main.tf │ │ └── variables.tf │ ├── metrics │ │ ├── log_metrics.tf │ │ └── variables.tf │ ├── terraform.tfvars │ └── variables.tf └── worker │ ├── scaler.yaml │ └── workers-set.yaml ├── internal ├── analysis │ ├── mode.go │ └── status.go ├── dnsanalyzer │ └── dnsanalyzer.go ├── dynamicanalysis │ ├── analysis.go │ └── sandbox_args.go ├── featureflags │ ├── featureflags.go │ ├── featureflags_test.go │ └── features.go ├── log │ ├── context.go │ ├── context_test.go │ ├── log.go │ ├── log_test.go │ ├── writer.go │ └── writer_test.go ├── notification │ └── notification.go ├── packetcapture │ └── packetcapture.go ├── pkgmanager │ ├── crates.io.go │ ├── download.go │ ├── download_test.go │ ├── ecosystem.go │ ├── npm.go │ ├── package.go │ ├── packagist.go │ ├── pypi.go │ └── rubygems.go ├── resultstore │ ├── result.go │ ├── resultstore.go │ └── resultstore_test.go ├── sandbox │ ├── copy_args.go │ ├── copy_args_test.go │ ├── init.go │ └── sandbox.go ├── staticanalysis │ ├── analyze.go │ ├── analyze_test.go │ ├── basicdata │ │ ├── basic_data.go │ │ ├── basic_data_test.go │ │ └── describe_files.go │ ├── externalcmd │ │ ├── input_strategy.go │ │ └── input_strategy_test.go │ ├── linelengths │ │ ├── line_lengths.go │ │ └── line_lengths_test.go │ ├── parsing │ │ ├── analyze.go │ │ ├── analyze_test.go │ │ ├── babel-parser.js │ │ ├── init_parser.go │ │ ├── js_parsing.go │ │ ├── js_parsing_test.go │ │ ├── package-lock.json │ │ ├── package.json │ │ ├── parsing_types.go │ │ ├── result.go │ │ └── string_regexp.go │ ├── result.go │ ├── result_test.go │ ├── signals │ │ ├── analyze.go │ │ ├── detections │ │ │ ├── addresses.go │ │ │ ├── addresses_test.go │ │ │ ├── base64.go │ │ │ ├── base64_test.go │ │ │ ├── escape_sequences.go │ │ │ ├── escape_sequences_test.go │ │ │ ├── hex_strings.go │ │ │ ├── hex_strings_test.go │ │ │ └── suspicious_identifiers.go │ │ ├── file_signals.go │ │ ├── file_signals_test.go │ │ ├── stats │ │ │ ├── sample_statistics.go │ │ │ └── sample_statistics_test.go │ │ └── stringentropy │ │ │ ├── string_entropy.go │ │ │ └── string_entropy_test.go │ └── task.go ├── strace │ ├── strace.go │ └── strace_test.go ├── useragent │ ├── useragent.go │ └── useragent_test.go ├── utils │ ├── archive_extract.go │ ├── archive_extract_test.go │ ├── combine_regexp.go │ ├── combine_regexp_test.go │ ├── comma_separated_flags.go │ ├── equals.go │ ├── file_write_data_utils.go │ ├── hash_file.go │ ├── hash_file_test.go │ ├── last_bytes.go │ ├── last_bytes_test.go │ ├── remove_duplicates.go │ ├── transform.go │ └── write_file.go └── worker │ ├── code_execution.go │ ├── logging.go │ ├── resolvepackage.go │ ├── rundynamic.go │ ├── runstatic.go │ ├── sandbox_options.go │ ├── save_data.go │ └── savefilewriteresults.go ├── osv-scanner.toml ├── pkg ├── api │ ├── analysisrun │ │ ├── key.go │ │ ├── key_test.go │ │ ├── phase.go │ │ └── result.go │ ├── notification │ │ └── notification.go │ ├── pkgecosystem │ │ ├── ecosystem.go │ │ └── ecosystem_test.go │ └── staticanalysis │ │ ├── record.go │ │ ├── signals.go │ │ └── token │ │ ├── identifier_type.go │ │ ├── position.go │ │ └── tokens.go └── valuecounts │ ├── value_counts.go │ └── value_counts_test.go ├── sample_packages ├── Makefile ├── README.md └── sample_python_package │ ├── Dockerfile │ ├── pyproject.toml │ ├── setup.py │ └── src │ ├── __init__.py │ └── example.py ├── sandboxes ├── README.md ├── dynamicanalysis │ ├── Dockerfile │ ├── analyze-node.js │ ├── analyze-php.php │ ├── analyze-python.py │ ├── analyze-ruby.rb │ ├── analyze-rust.py │ ├── bowerrc │ └── pypi-packages.txt └── staticanalysis │ ├── Dockerfile │ └── staticanalyze.go ├── scripts ├── analyse-tarballs.sh ├── bq_load.sh ├── deploy.sh ├── format-static-analysis-json.py └── run_analysis.sh ├── test └── e2e │ ├── README.md │ └── docker-compose.test.yml └── tools ├── README.md ├── analysis ├── README.md ├── analysis_runner.py ├── backfill.sh ├── node.txt ├── python.txt └── rubygems.txt ├── gvisor ├── README.md └── runsc_compat.sh └── network ├── iptables.rules └── podman-analysis.conflist /.dockerignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/.dockerignore -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/.github/dependabot.yml -------------------------------------------------------------------------------- /.github/workflows/build-images.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/.github/workflows/build-images.yml -------------------------------------------------------------------------------- /.github/workflows/build.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/.github/workflows/build.yml -------------------------------------------------------------------------------- /.github/workflows/codeql-analysis.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/.github/workflows/codeql-analysis.yml -------------------------------------------------------------------------------- /.github/workflows/depsreview.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/.github/workflows/depsreview.yml -------------------------------------------------------------------------------- /.github/workflows/osv-scanner-pr.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/.github/workflows/osv-scanner-pr.yml -------------------------------------------------------------------------------- /.github/workflows/osv-scanner-scheduled.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/.github/workflows/osv-scanner-scheduled.yml -------------------------------------------------------------------------------- /.github/workflows/scorecards-analysis.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/.github/workflows/scorecards-analysis.yml -------------------------------------------------------------------------------- /.github/workflows/shellcheck.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/.github/workflows/shellcheck.yml -------------------------------------------------------------------------------- /.github/workflows/test.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/.github/workflows/test.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/.gitignore -------------------------------------------------------------------------------- /.golangci.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/.golangci.yml -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/CODE_OF_CONDUCT.md -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/CONTRIBUTING.md -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/LICENSE -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/Makefile -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/README.md -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/SECURITY.md -------------------------------------------------------------------------------- /cmd/analyze/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/cmd/analyze/Dockerfile -------------------------------------------------------------------------------- /cmd/analyze/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/cmd/analyze/main.go -------------------------------------------------------------------------------- /cmd/downloader/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/cmd/downloader/README.md -------------------------------------------------------------------------------- /cmd/downloader/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/cmd/downloader/main.go -------------------------------------------------------------------------------- /cmd/scheduler/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/cmd/scheduler/Dockerfile -------------------------------------------------------------------------------- /cmd/scheduler/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/cmd/scheduler/README.md -------------------------------------------------------------------------------- /cmd/scheduler/config/deployment.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/cmd/scheduler/config/deployment.yaml -------------------------------------------------------------------------------- /cmd/scheduler/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/cmd/scheduler/main.go -------------------------------------------------------------------------------- /cmd/scheduler/proxy/proxy.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/cmd/scheduler/proxy/proxy.go -------------------------------------------------------------------------------- /cmd/worker/config.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/cmd/worker/config.go -------------------------------------------------------------------------------- /cmd/worker/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/cmd/worker/main.go -------------------------------------------------------------------------------- /cmd/worker/pubsubextender/extender.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/cmd/worker/pubsubextender/extender.go -------------------------------------------------------------------------------- /cmd/worker/pubsubextender/extender_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/cmd/worker/pubsubextender/extender_test.go -------------------------------------------------------------------------------- /cmd/worker/pubsubextender/gcpdriver.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/cmd/worker/pubsubextender/gcpdriver.go -------------------------------------------------------------------------------- /cmd/worker/pubsubextender/gcpdriver_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/cmd/worker/pubsubextender/gcpdriver_test.go -------------------------------------------------------------------------------- /cmd/worker/pubsubextender/noopdriver.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/cmd/worker/pubsubextender/noopdriver.go -------------------------------------------------------------------------------- /configs/e2e/.gitignore: -------------------------------------------------------------------------------- 1 | data/ 2 | -------------------------------------------------------------------------------- /configs/e2e/config/feeds.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/configs/e2e/config/feeds.yml -------------------------------------------------------------------------------- /configs/e2e/docker-compose.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/configs/e2e/docker-compose.yml -------------------------------------------------------------------------------- /docs/case_studies.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/docs/case_studies.md -------------------------------------------------------------------------------- /docs/data_schema.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/docs/data_schema.md -------------------------------------------------------------------------------- /docs/images/Pipeline diagram.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/docs/images/Pipeline diagram.png -------------------------------------------------------------------------------- /docs/images/npm_depconf-typosquat_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/docs/images/npm_depconf-typosquat_1.png -------------------------------------------------------------------------------- /docs/images/npm_random_vouchercode-generator_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/docs/images/npm_random_vouchercode-generator_1.png -------------------------------------------------------------------------------- /docs/images/npm_random_vouchercode-generator_2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/docs/images/npm_random_vouchercode-generator_2.png -------------------------------------------------------------------------------- /docs/images/npm_roku_web_core-ajax_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/docs/images/npm_roku_web_core-ajax_1.png -------------------------------------------------------------------------------- /docs/images/pypi_discordcmd_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/docs/images/pypi_discordcmd_1.png -------------------------------------------------------------------------------- /docs/images/pypi_discordcmd_2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/docs/images/pypi_discordcmd_2.png -------------------------------------------------------------------------------- /docs/images/pypi_secrevthree_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/docs/images/pypi_secrevthree_1.png -------------------------------------------------------------------------------- /docs/queries.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/docs/queries.md -------------------------------------------------------------------------------- /examples/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/examples/README.md -------------------------------------------------------------------------------- /examples/custom-sandbox/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/examples/custom-sandbox/Dockerfile -------------------------------------------------------------------------------- /examples/custom-sandbox/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/examples/custom-sandbox/Makefile -------------------------------------------------------------------------------- /examples/custom-sandbox/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/examples/custom-sandbox/README.md -------------------------------------------------------------------------------- /examples/custom-sandbox/analyze.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/examples/custom-sandbox/analyze.php -------------------------------------------------------------------------------- /examples/e2e/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/examples/e2e/README.md -------------------------------------------------------------------------------- /function/loader/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/function/loader/README.md -------------------------------------------------------------------------------- /function/loader/dynamic-analysis-schema.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/function/loader/dynamic-analysis-schema.json -------------------------------------------------------------------------------- /function/loader/go.mod: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/function/loader/go.mod -------------------------------------------------------------------------------- /function/loader/go.sum: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/function/loader/go.sum -------------------------------------------------------------------------------- /function/loader/load.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/function/loader/load.go -------------------------------------------------------------------------------- /function/loader/static-analysis-schema.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/function/loader/static-analysis-schema.json -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/go.mod -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/go.sum -------------------------------------------------------------------------------- /infra/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/infra/README.md -------------------------------------------------------------------------------- /infra/cloudbuild/dynamic_loader/cloudbuild.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/infra/cloudbuild/dynamic_loader/cloudbuild.yaml -------------------------------------------------------------------------------- /infra/cloudbuild/image_build/cloudbuild.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/infra/cloudbuild/image_build/cloudbuild.yaml -------------------------------------------------------------------------------- /infra/terraform/analysis.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/infra/terraform/analysis.tf -------------------------------------------------------------------------------- /infra/terraform/build/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/infra/terraform/build/main.tf -------------------------------------------------------------------------------- /infra/terraform/build/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/infra/terraform/build/variables.tf -------------------------------------------------------------------------------- /infra/terraform/docker_registry/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/infra/terraform/docker_registry/main.tf -------------------------------------------------------------------------------- /infra/terraform/docker_registry/variables.tf: -------------------------------------------------------------------------------- 1 | variable "project" {} 2 | -------------------------------------------------------------------------------- /infra/terraform/metrics/log_metrics.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/infra/terraform/metrics/log_metrics.tf -------------------------------------------------------------------------------- /infra/terraform/metrics/variables.tf: -------------------------------------------------------------------------------- 1 | variable "project" {} 2 | -------------------------------------------------------------------------------- /infra/terraform/terraform.tfvars: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/infra/terraform/terraform.tfvars -------------------------------------------------------------------------------- /infra/terraform/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/infra/terraform/variables.tf -------------------------------------------------------------------------------- /infra/worker/scaler.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/infra/worker/scaler.yaml -------------------------------------------------------------------------------- /infra/worker/workers-set.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/infra/worker/workers-set.yaml -------------------------------------------------------------------------------- /internal/analysis/mode.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/analysis/mode.go -------------------------------------------------------------------------------- /internal/analysis/status.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/analysis/status.go -------------------------------------------------------------------------------- /internal/dnsanalyzer/dnsanalyzer.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/dnsanalyzer/dnsanalyzer.go -------------------------------------------------------------------------------- /internal/dynamicanalysis/analysis.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/dynamicanalysis/analysis.go -------------------------------------------------------------------------------- /internal/dynamicanalysis/sandbox_args.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/dynamicanalysis/sandbox_args.go -------------------------------------------------------------------------------- /internal/featureflags/featureflags.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/featureflags/featureflags.go -------------------------------------------------------------------------------- /internal/featureflags/featureflags_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/featureflags/featureflags_test.go -------------------------------------------------------------------------------- /internal/featureflags/features.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/featureflags/features.go -------------------------------------------------------------------------------- /internal/log/context.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/log/context.go -------------------------------------------------------------------------------- /internal/log/context_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/log/context_test.go -------------------------------------------------------------------------------- /internal/log/log.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/log/log.go -------------------------------------------------------------------------------- /internal/log/log_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/log/log_test.go -------------------------------------------------------------------------------- /internal/log/writer.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/log/writer.go -------------------------------------------------------------------------------- /internal/log/writer_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/log/writer_test.go -------------------------------------------------------------------------------- /internal/notification/notification.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/notification/notification.go -------------------------------------------------------------------------------- /internal/packetcapture/packetcapture.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/packetcapture/packetcapture.go -------------------------------------------------------------------------------- /internal/pkgmanager/crates.io.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/pkgmanager/crates.io.go -------------------------------------------------------------------------------- /internal/pkgmanager/download.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/pkgmanager/download.go -------------------------------------------------------------------------------- /internal/pkgmanager/download_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/pkgmanager/download_test.go -------------------------------------------------------------------------------- /internal/pkgmanager/ecosystem.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/pkgmanager/ecosystem.go -------------------------------------------------------------------------------- /internal/pkgmanager/npm.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/pkgmanager/npm.go -------------------------------------------------------------------------------- /internal/pkgmanager/package.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/pkgmanager/package.go -------------------------------------------------------------------------------- /internal/pkgmanager/packagist.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/pkgmanager/packagist.go -------------------------------------------------------------------------------- /internal/pkgmanager/pypi.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/pkgmanager/pypi.go -------------------------------------------------------------------------------- /internal/pkgmanager/rubygems.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/pkgmanager/rubygems.go -------------------------------------------------------------------------------- /internal/resultstore/result.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/resultstore/result.go -------------------------------------------------------------------------------- /internal/resultstore/resultstore.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/resultstore/resultstore.go -------------------------------------------------------------------------------- /internal/resultstore/resultstore_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/resultstore/resultstore_test.go -------------------------------------------------------------------------------- /internal/sandbox/copy_args.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/sandbox/copy_args.go -------------------------------------------------------------------------------- /internal/sandbox/copy_args_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/sandbox/copy_args_test.go -------------------------------------------------------------------------------- /internal/sandbox/init.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/sandbox/init.go -------------------------------------------------------------------------------- /internal/sandbox/sandbox.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/sandbox/sandbox.go -------------------------------------------------------------------------------- /internal/staticanalysis/analyze.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/analyze.go -------------------------------------------------------------------------------- /internal/staticanalysis/analyze_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/analyze_test.go -------------------------------------------------------------------------------- /internal/staticanalysis/basicdata/basic_data.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/basicdata/basic_data.go -------------------------------------------------------------------------------- /internal/staticanalysis/basicdata/basic_data_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/basicdata/basic_data_test.go -------------------------------------------------------------------------------- /internal/staticanalysis/basicdata/describe_files.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/basicdata/describe_files.go -------------------------------------------------------------------------------- /internal/staticanalysis/externalcmd/input_strategy.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/externalcmd/input_strategy.go -------------------------------------------------------------------------------- /internal/staticanalysis/externalcmd/input_strategy_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/externalcmd/input_strategy_test.go -------------------------------------------------------------------------------- /internal/staticanalysis/linelengths/line_lengths.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/linelengths/line_lengths.go -------------------------------------------------------------------------------- /internal/staticanalysis/linelengths/line_lengths_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/linelengths/line_lengths_test.go -------------------------------------------------------------------------------- /internal/staticanalysis/parsing/analyze.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/parsing/analyze.go -------------------------------------------------------------------------------- /internal/staticanalysis/parsing/analyze_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/parsing/analyze_test.go -------------------------------------------------------------------------------- /internal/staticanalysis/parsing/babel-parser.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/parsing/babel-parser.js -------------------------------------------------------------------------------- /internal/staticanalysis/parsing/init_parser.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/parsing/init_parser.go -------------------------------------------------------------------------------- /internal/staticanalysis/parsing/js_parsing.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/parsing/js_parsing.go -------------------------------------------------------------------------------- /internal/staticanalysis/parsing/js_parsing_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/parsing/js_parsing_test.go -------------------------------------------------------------------------------- /internal/staticanalysis/parsing/package-lock.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/parsing/package-lock.json -------------------------------------------------------------------------------- /internal/staticanalysis/parsing/package.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/parsing/package.json -------------------------------------------------------------------------------- /internal/staticanalysis/parsing/parsing_types.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/parsing/parsing_types.go -------------------------------------------------------------------------------- /internal/staticanalysis/parsing/result.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/parsing/result.go -------------------------------------------------------------------------------- /internal/staticanalysis/parsing/string_regexp.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/parsing/string_regexp.go -------------------------------------------------------------------------------- /internal/staticanalysis/result.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/result.go -------------------------------------------------------------------------------- /internal/staticanalysis/result_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/result_test.go -------------------------------------------------------------------------------- /internal/staticanalysis/signals/analyze.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/signals/analyze.go -------------------------------------------------------------------------------- /internal/staticanalysis/signals/detections/addresses.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/signals/detections/addresses.go -------------------------------------------------------------------------------- /internal/staticanalysis/signals/detections/addresses_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/signals/detections/addresses_test.go -------------------------------------------------------------------------------- /internal/staticanalysis/signals/detections/base64.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/signals/detections/base64.go -------------------------------------------------------------------------------- /internal/staticanalysis/signals/detections/base64_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/signals/detections/base64_test.go -------------------------------------------------------------------------------- /internal/staticanalysis/signals/detections/escape_sequences.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/signals/detections/escape_sequences.go -------------------------------------------------------------------------------- /internal/staticanalysis/signals/detections/escape_sequences_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/signals/detections/escape_sequences_test.go -------------------------------------------------------------------------------- /internal/staticanalysis/signals/detections/hex_strings.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/signals/detections/hex_strings.go -------------------------------------------------------------------------------- /internal/staticanalysis/signals/detections/hex_strings_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/signals/detections/hex_strings_test.go -------------------------------------------------------------------------------- /internal/staticanalysis/signals/detections/suspicious_identifiers.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/signals/detections/suspicious_identifiers.go -------------------------------------------------------------------------------- /internal/staticanalysis/signals/file_signals.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/signals/file_signals.go -------------------------------------------------------------------------------- /internal/staticanalysis/signals/file_signals_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/signals/file_signals_test.go -------------------------------------------------------------------------------- /internal/staticanalysis/signals/stats/sample_statistics.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/signals/stats/sample_statistics.go -------------------------------------------------------------------------------- /internal/staticanalysis/signals/stats/sample_statistics_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/signals/stats/sample_statistics_test.go -------------------------------------------------------------------------------- /internal/staticanalysis/signals/stringentropy/string_entropy.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/signals/stringentropy/string_entropy.go -------------------------------------------------------------------------------- /internal/staticanalysis/signals/stringentropy/string_entropy_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/signals/stringentropy/string_entropy_test.go -------------------------------------------------------------------------------- /internal/staticanalysis/task.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/staticanalysis/task.go -------------------------------------------------------------------------------- /internal/strace/strace.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/strace/strace.go -------------------------------------------------------------------------------- /internal/strace/strace_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/strace/strace_test.go -------------------------------------------------------------------------------- /internal/useragent/useragent.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/useragent/useragent.go -------------------------------------------------------------------------------- /internal/useragent/useragent_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/useragent/useragent_test.go -------------------------------------------------------------------------------- /internal/utils/archive_extract.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/utils/archive_extract.go -------------------------------------------------------------------------------- /internal/utils/archive_extract_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/utils/archive_extract_test.go -------------------------------------------------------------------------------- /internal/utils/combine_regexp.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/utils/combine_regexp.go -------------------------------------------------------------------------------- /internal/utils/combine_regexp_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/utils/combine_regexp_test.go -------------------------------------------------------------------------------- /internal/utils/comma_separated_flags.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/utils/comma_separated_flags.go -------------------------------------------------------------------------------- /internal/utils/equals.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/utils/equals.go -------------------------------------------------------------------------------- /internal/utils/file_write_data_utils.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/utils/file_write_data_utils.go -------------------------------------------------------------------------------- /internal/utils/hash_file.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/utils/hash_file.go -------------------------------------------------------------------------------- /internal/utils/hash_file_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/utils/hash_file_test.go -------------------------------------------------------------------------------- /internal/utils/last_bytes.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/utils/last_bytes.go -------------------------------------------------------------------------------- /internal/utils/last_bytes_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/utils/last_bytes_test.go -------------------------------------------------------------------------------- /internal/utils/remove_duplicates.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/utils/remove_duplicates.go -------------------------------------------------------------------------------- /internal/utils/transform.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/utils/transform.go -------------------------------------------------------------------------------- /internal/utils/write_file.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/utils/write_file.go -------------------------------------------------------------------------------- /internal/worker/code_execution.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/worker/code_execution.go -------------------------------------------------------------------------------- /internal/worker/logging.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/worker/logging.go -------------------------------------------------------------------------------- /internal/worker/resolvepackage.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/worker/resolvepackage.go -------------------------------------------------------------------------------- /internal/worker/rundynamic.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/worker/rundynamic.go -------------------------------------------------------------------------------- /internal/worker/runstatic.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/worker/runstatic.go -------------------------------------------------------------------------------- /internal/worker/sandbox_options.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/worker/sandbox_options.go -------------------------------------------------------------------------------- /internal/worker/save_data.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/worker/save_data.go -------------------------------------------------------------------------------- /internal/worker/savefilewriteresults.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/internal/worker/savefilewriteresults.go -------------------------------------------------------------------------------- /osv-scanner.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/osv-scanner.toml -------------------------------------------------------------------------------- /pkg/api/analysisrun/key.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/pkg/api/analysisrun/key.go -------------------------------------------------------------------------------- /pkg/api/analysisrun/key_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/pkg/api/analysisrun/key_test.go -------------------------------------------------------------------------------- /pkg/api/analysisrun/phase.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/pkg/api/analysisrun/phase.go -------------------------------------------------------------------------------- /pkg/api/analysisrun/result.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/pkg/api/analysisrun/result.go -------------------------------------------------------------------------------- /pkg/api/notification/notification.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/pkg/api/notification/notification.go -------------------------------------------------------------------------------- /pkg/api/pkgecosystem/ecosystem.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/pkg/api/pkgecosystem/ecosystem.go -------------------------------------------------------------------------------- /pkg/api/pkgecosystem/ecosystem_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/pkg/api/pkgecosystem/ecosystem_test.go -------------------------------------------------------------------------------- /pkg/api/staticanalysis/record.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/pkg/api/staticanalysis/record.go -------------------------------------------------------------------------------- /pkg/api/staticanalysis/signals.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/pkg/api/staticanalysis/signals.go -------------------------------------------------------------------------------- /pkg/api/staticanalysis/token/identifier_type.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/pkg/api/staticanalysis/token/identifier_type.go -------------------------------------------------------------------------------- /pkg/api/staticanalysis/token/position.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/pkg/api/staticanalysis/token/position.go -------------------------------------------------------------------------------- /pkg/api/staticanalysis/token/tokens.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/pkg/api/staticanalysis/token/tokens.go -------------------------------------------------------------------------------- /pkg/valuecounts/value_counts.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/pkg/valuecounts/value_counts.go -------------------------------------------------------------------------------- /pkg/valuecounts/value_counts_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/pkg/valuecounts/value_counts_test.go -------------------------------------------------------------------------------- /sample_packages/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/sample_packages/Makefile -------------------------------------------------------------------------------- /sample_packages/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/sample_packages/README.md -------------------------------------------------------------------------------- /sample_packages/sample_python_package/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/sample_packages/sample_python_package/Dockerfile -------------------------------------------------------------------------------- /sample_packages/sample_python_package/pyproject.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/sample_packages/sample_python_package/pyproject.toml -------------------------------------------------------------------------------- /sample_packages/sample_python_package/setup.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/sample_packages/sample_python_package/setup.py -------------------------------------------------------------------------------- /sample_packages/sample_python_package/src/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/sample_packages/sample_python_package/src/__init__.py -------------------------------------------------------------------------------- /sample_packages/sample_python_package/src/example.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/sample_packages/sample_python_package/src/example.py -------------------------------------------------------------------------------- /sandboxes/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/sandboxes/README.md -------------------------------------------------------------------------------- /sandboxes/dynamicanalysis/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/sandboxes/dynamicanalysis/Dockerfile -------------------------------------------------------------------------------- /sandboxes/dynamicanalysis/analyze-node.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/sandboxes/dynamicanalysis/analyze-node.js -------------------------------------------------------------------------------- /sandboxes/dynamicanalysis/analyze-php.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/sandboxes/dynamicanalysis/analyze-php.php -------------------------------------------------------------------------------- /sandboxes/dynamicanalysis/analyze-python.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/sandboxes/dynamicanalysis/analyze-python.py -------------------------------------------------------------------------------- /sandboxes/dynamicanalysis/analyze-ruby.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/sandboxes/dynamicanalysis/analyze-ruby.rb -------------------------------------------------------------------------------- /sandboxes/dynamicanalysis/analyze-rust.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/sandboxes/dynamicanalysis/analyze-rust.py -------------------------------------------------------------------------------- /sandboxes/dynamicanalysis/bowerrc: -------------------------------------------------------------------------------- 1 | { "allow-root": true } -------------------------------------------------------------------------------- /sandboxes/dynamicanalysis/pypi-packages.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/sandboxes/dynamicanalysis/pypi-packages.txt -------------------------------------------------------------------------------- /sandboxes/staticanalysis/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/sandboxes/staticanalysis/Dockerfile -------------------------------------------------------------------------------- /sandboxes/staticanalysis/staticanalyze.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/sandboxes/staticanalysis/staticanalyze.go -------------------------------------------------------------------------------- /scripts/analyse-tarballs.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/scripts/analyse-tarballs.sh -------------------------------------------------------------------------------- /scripts/bq_load.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/scripts/bq_load.sh -------------------------------------------------------------------------------- /scripts/deploy.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/scripts/deploy.sh -------------------------------------------------------------------------------- /scripts/format-static-analysis-json.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/scripts/format-static-analysis-json.py -------------------------------------------------------------------------------- /scripts/run_analysis.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/scripts/run_analysis.sh -------------------------------------------------------------------------------- /test/e2e/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/test/e2e/README.md -------------------------------------------------------------------------------- /test/e2e/docker-compose.test.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/test/e2e/docker-compose.test.yml -------------------------------------------------------------------------------- /tools/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/tools/README.md -------------------------------------------------------------------------------- /tools/analysis/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/tools/analysis/README.md -------------------------------------------------------------------------------- /tools/analysis/analysis_runner.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/tools/analysis/analysis_runner.py -------------------------------------------------------------------------------- /tools/analysis/backfill.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/tools/analysis/backfill.sh -------------------------------------------------------------------------------- /tools/analysis/node.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/tools/analysis/node.txt -------------------------------------------------------------------------------- /tools/analysis/python.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/tools/analysis/python.txt -------------------------------------------------------------------------------- /tools/analysis/rubygems.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/tools/analysis/rubygems.txt -------------------------------------------------------------------------------- /tools/gvisor/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/tools/gvisor/README.md -------------------------------------------------------------------------------- /tools/gvisor/runsc_compat.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/tools/gvisor/runsc_compat.sh -------------------------------------------------------------------------------- /tools/network/iptables.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/tools/network/iptables.rules -------------------------------------------------------------------------------- /tools/network/podman-analysis.conflist: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/package-analysis/HEAD/tools/network/podman-analysis.conflist --------------------------------------------------------------------------------