Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

mirego/elixir-security-advisories

Repository files navigation





This repository is a dump of all Elixir/Erlang security advisories inside GitHub Advisory Database.

This repository intends to be used as a replacement for dependabot/elixir-security-advisories since it is no longer maintained, as of July 2022.

The actual reason we (Mirego) need a public GitHub repository of Elixir security advisories, is because of MixAudit, the tool we built to make sure our Elixir projects are scanned for potential vulnerabilities. MixAudit needs to be ran anonymously and locally (or in continuous integration) by anyone, so it cannot use GitHub GraphQL API’s securityVulnerabilities query since it requires authentication.

This is why, every 6 hours, through this workflow, the packages directory is synced with GitHub Advisory Database πŸŽ‰

License

elixir-security-advisories is Β© 2022 Mirego and may be freely distributed under the New BSD license. See the LICENSE.md file.

However, since the data inside the packages directory is pulled from GitHub API, it is licensed under the under the terms of the CC-BY 4.0 open source license. See GitHub documentation for the full terms.

The shield logo is based on this lovely icon by Saeful Muslim, from The Noun Project. Used under a Creative Commons BY 3.0 license.

About

πŸ›‘ Public database of Elixir security advisories pulled from GitHub Advisory Database

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Contributors 3

AltStyle γ«γ‚ˆγ£γ¦ε€‰ζ›γ•γ‚ŒγŸγƒšγƒΌγ‚Έ (->γ‚ͺγƒͺγ‚ΈγƒŠγƒ«) /