securelens-backend/.github/ISSUE_TEMPLATE/dependency_auditor.md

| name | about | title | labels | assignees |
| --- | --- | --- | --- | --- |
| Feature: Dependency Lockfile Auditor | Template for scanning package files against the OSV database. | Feature: Dependency Lockfile Auditor (securelens audit) | help wanted, enhancement, good first issue | |

Description

We want to expand the CLI tool's capabilities to scan project dependencies for known vulnerabilities.

Goal

Add a new CLI command `securelens audit <path>` that scans package descriptors (such as `requirements.txt` or `package.json`) and runs checks against the Open Source Vulnerability (OSV.dev) database API.

Requirements

  1. Parse common package files to extract dependency names and versions.
  2. Submit query requests to the OSV API (https://api.osv.dev/v1/query).
  3. Format the results in a clear CLI table using `rich` showing packages, affected versions, and severity.
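As an added example (not code from the securelens project), the following sketches the first two requirements for `requirements.txt`: only exact `==` pins are queryable, so unpinned lines are returned separately for the report rather than dropped, each pin becomes one OSV `/v1/query` body, and one response is flattened into the rows a `rich` table would display. The PyPI ecosystem, the `OSV_QUERY_URL` constant, the function names and the `EXAMPLE-0001` response are assumptions or constructed sample data.

```python
import json
import re
import urllib.request

OSV_QUERY_URL = "https://api.osv.dev/v1/query"
# Package name, optional [extras], then an exact '==' pin; environment markers after ';' are dropped.
PIN_RE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)(?:\[[^\]]*\])?\s*==\s*([^\s;]+)")


def parse_requirements(text):
    """Return ([(name, version)] for '==' pins, [lines that cannot be queried exactly]).
    OSV needs an exact version, so ranges such as rich>=13.0 are reported, not silently skipped."""
    pinned, unpinned = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # strip comments and whitespace
        if not line or line.startswith("-"):  # blank line or pip option such as -r / --index-url
            continue
        m = PIN_RE.match(line)
        if m:
            pinned.append((m.group(1).lower(), m.group(2)))  # PyPI names are case-insensitive
        else:
            unpinned.append(line)
    return pinned, unpinned


def osv_query_payload(name, version, ecosystem="PyPI"):
    """Request body for POST /v1/query: one package at one exact version."""
    return {"version": version, "package": {"name": name, "ecosystem": ecosystem}}


def query_osv(name, version, ecosystem="PyPI"):
    """Send the real query (network call; the offline sample below does not use it)."""
    body = json.dumps(osv_query_payload(name, version, ecosystem)).encode()
    req = urllib.request.Request(OSV_QUERY_URL, data=body, method="POST",
                                 headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def rows_from_response(name, version, response):
    """Flatten one OSV response into (package, version, vuln_id, affected_versions, severity) rows."""
    rows = []
    for vuln in response.get("vulns", []):
        affected = sorted({v for a in vuln.get("affected", []) for v in a.get("versions", [])})
        severity = next((s["score"] for s in vuln.get("severity", []) if "score" in s), "unknown")
        rows.append((name, version, vuln["id"], ", ".join(affected) or "see advisory", severity))
    return rows


# Constructed sample input and a constructed response that follows the OSV schema (not real data).
SAMPLE_REQUIREMENTS = '# pinned deps\nrequests[security]==2.25.0 ; python_version >= "3.6"\nrich>=13.0\n-r dev.txt\nJinja2==2.10\n'
SAMPLE_RESPONSE = {"vulns": [{"id": "EXAMPLE-0001", "severity": [{"type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],
                              "affected": [{"package": {"ecosystem": "PyPI", "name": "jinja2"}, "versions": ["2.10", "2.10.1"]}]}]}
```

The tuples from `rows_from_response` map directly onto `rich.table.Table.add_row`, and the `unpinned` list is worth a separate warning section so a floating range is never mistaken for a clean result.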