Assign IDs

ossf · Dec 21, 2024 · 74e84ab · 74e84ab
1 parent 1496e62
commit 74e84ab
Show file tree

Hide file tree

Showing 7 changed files with 41 additions and 137 deletions.
diff --git a/osv/malicious/.id-allocator b/osv/malicious/.id-allocator
@@ -1 +1 @@
-18857d41489cc6e97bf8d5b15bb47f5e83f060d372443b325440b3ee93fd7946
+e28af2a36c32f12d5f166b13f0daf723b77b80b1500dcbf83e2f737ef118f1c1
diff --git a/...licious/npm/aauto-assign-team-action/MAL-0000-ossf-package-analysis-20d6b8df49c8a196.json b/...licious/npm/aauto-assign-team-action/MAL-0000-ossf-package-analysis-20d6b8df49c8a196.json
diff --git a/...licious/npm/aauto-assign-team-action/MAL-0000-ossf-package-analysis-24334b1015df570a.json b/...licious/npm/aauto-assign-team-action/MAL-0000-ossf-package-analysis-24334b1015df570a.json
diff --git a/osv/malicious/npm/aauto-assign-team-action/MAL-2024-12067.json b/osv/malicious/npm/aauto-assign-team-action/MAL-2024-12067.json
@@ -1,5 +1,5 @@
 {
-  "modified": "2024-12-20T06:15:47Z",
+  "modified": "2024-12-21T10:05:39Z",
   "published": "2024-12-20T06:15:47Z",
   "schema_version": "1.5.0",
   "id": "MAL-2024-12067",
@@ -12,7 +12,9 @@
         "name": "aauto-assign-team-action"
       },
       "versions": [
-        "0.0.9"
+        "0.0.9",
+        "0.1.1",
+        "0.1.0"
       ]
     }
   ],
@@ -29,13 +31,31 @@
   "database_specific": {
     "malicious-packages-origins": [
       {
+        "source": "ossf-package-analysis",
+        "sha256": "7a1940e473e85340855b988ae41ca9c65a1c1e2ee81c63e96329b35b605b6405",
         "import_time": "2024-12-20T06:39:10.132969996Z",
         "modified_time": "2024-12-20T06:15:47Z",
-        "sha256": "7a1940e473e85340855b988ae41ca9c65a1c1e2ee81c63e96329b35b605b6405",
-        "source": "ossf-package-analysis",
         "versions": [
           "0.0.9"
         ]
+      },
+      {
+        "source": "ossf-package-analysis",
+        "sha256": "20d6b8df49c8a196bdddfe3670a09617033a86639fe61a4a191ae4f3dc926715",
+        "import_time": "2024-12-21T10:05:14.646637162Z",
+        "modified_time": "2024-12-21T09:50:39Z",
+        "versions": [
+          "0.1.1"
+        ]
+      },
+      {
+        "source": "ossf-package-analysis",
+        "sha256": "24334b1015df570a4828e5982d0285375f64bb4a889f3c54431ba385b54f0a27",
+        "import_time": "2024-12-21T10:05:14.569236354Z",
+        "modified_time": "2024-12-21T09:47:36Z",
+        "versions": [
+          "0.1.0"
+        ]
       }
     ]
   }

diff --git a/...licious/npm/auto-assign-team-actionn/MAL-0000-ossf-package-analysis-0a76c2ee75baa7c3.json b/...licious/npm/auto-assign-team-actionn/MAL-0000-ossf-package-analysis-0a76c2ee75baa7c3.json
diff --git a/osv/malicious/npm/auto-assign-team-actionn/MAL-2024-11918.json b/osv/malicious/npm/auto-assign-team-actionn/MAL-2024-11918.json
@@ -1,5 +1,5 @@
 {
-  "modified": "2024-12-20T06:07:49Z",
+  "modified": "2024-12-21T10:05:39Z",
   "published": "2024-12-18T20:55:56Z",
   "schema_version": "1.5.0",
   "id": "MAL-2024-11918",
@@ -15,7 +15,8 @@
         "1.1.0",
         "0.0.4",
         "0.0.6",
-        "0.0.9"
+        "0.0.9",
+        "0.1.0"
       ]
     }
   ],
@@ -66,6 +67,15 @@
         "versions": [
           "0.0.9"
         ]
+      },
+      {
+        "source": "ossf-package-analysis",
+        "sha256": "0a76c2ee75baa7c330f6245cd32f36ea9ab50a438b5ae22970e6280a498a5236",
+        "import_time": "2024-12-21T10:05:14.494370046Z",
+        "modified_time": "2024-12-21T09:42:28Z",
+        "versions": [
+          "0.1.0"
+        ]
       }
     ]
   }

diff --git a/...sf-package-analysis-a34cccaa0f154234.json → .../cosmos-hub-docs-site/MAL-2024-12088.json b/...sf-package-analysis-a34cccaa0f154234.json → .../cosmos-hub-docs-site/MAL-2024-12088.json
@@ -2,9 +2,9 @@
   "modified": "2024-12-21T10:00:58Z",
   "published": "2024-12-21T10:00:58Z",
   "schema_version": "1.5.0",
-  "id": "",
+  "id": "MAL-2024-12088",
   "summary": "Malicious code in cosmos-hub-docs-site (npm)",
-  "details": "The OpenSSF Package Analysis project identified 'cosmos-hub-docs-site' @ 2.0.0 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n",
+  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (a34cccaa0f1542346f9bde458f8b0160dfc0e0d1d8718d8acc264d706162d8a3)\nThe OpenSSF Package Analysis project identified 'cosmos-hub-docs-site' @ 2.0.0 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n",
   "affected": [
     {
       "package": {
@@ -29,10 +29,10 @@
   "database_specific": {
     "malicious-packages-origins": [
       {
-        "source": "ossf-package-analysis",
-        "sha256": "a34cccaa0f1542346f9bde458f8b0160dfc0e0d1d8718d8acc264d706162d8a3",
         "import_time": "2024-12-21T10:05:14.728230572Z",
         "modified_time": "2024-12-21T10:00:58Z",
+        "sha256": "a34cccaa0f1542346f9bde458f8b0160dfc0e0d1d8718d8acc264d706162d8a3",
+        "source": "ossf-package-analysis",
         "versions": [
           "2.0.0"
         ]
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		18857d41489cc6e97bf8d5b15bb47f5e83f060d372443b325440b3ee93fd7946
		e28af2a36c32f12d5f166b13f0daf723b77b80b1500dcbf83e2f737ef118f1c1