{"id":13491023,"url":"https://github.com/mirego/elixir-security-advisories","last_synced_at":"2025-10-13T02:52:06.793Z","repository":{"id":54924895,"uuid":"522743879","full_name":"mirego/elixir-security-advisories","owner":"mirego","description":"🛡 Public database of Elixir security advisories pulled from GitHub Advisory Database","archived":false,"fork":false,"pushed_at":"2025-02-20T18:08:30.000Z","size":84,"stargazers_count":124,"open_issues_count":0,"forks_count":3,"subscribers_count":33,"default_branch":"main","last_synced_at":"2025-02-20T19:24:13.132Z","etag":null,"topics":["advisories","elixir","erlang","security","vulnerabilities"],"latest_commit_sha":null,"homepage":"","language":"Elixir","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mirego.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-08-09T00:00:09.000Z","updated_at":"2025-02-20T18:08:34.000Z","dependencies_parsed_at":"2024-08-02T20:42:52.080Z","dependency_job_id":"b645951b-1f3e-4899-a078-fcc1aa41a200","html_url":"https://github.com/mirego/elixir-security-advisories","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mirego%2Felixir-security-advisories","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mirego%2Felixir-security-advisories/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mirego%2Felixir-security-advisories/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mirego%2Felixir-security-advisories/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mirego","download_url":"https://codeload.github.com/mirego/elixir-security-advisories/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245989242,"owners_count":20705791,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["advisories","elixir","erlang","security","vulnerabilities"],"created_at":"2024-07-31T19:00:52.906Z","updated_at":"2025-10-13T02:52:01.756Z","avatar_url":"https://github.com/mirego.png","language":"Elixir","funding_links":[],"categories":["Elixir"],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n  \u003cimg src=\"https://user-images.githubusercontent.com/11348/183662131-4213af19-2d9e-4895-bf4b-fea05fae11c3.png\" width=\"1191\" /\u003e\n  \u003cbr /\u003e\u003cbr /\u003e\n  \u003ca href=\"https://github.com/mirego/elixir-security-advisories/actions/workflows/ci.yml\"\u003e\u003cimg src=\"https://github.com/mirego/elixir-security-advisories/actions/workflows/ci.yml/badge.svg?branch=main\u0026event=push\" /\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/mirego/elixir-security-advisories/actions/workflows/cd.yml\"\u003e\u003cimg src=\"https://github.com/mirego/elixir-security-advisories/actions/workflows/cd.yml/badge.svg\" /\u003e\u003c/a\u003e\u003cbr /\u003e\u003cbr /\u003e\n\u003c/div\u003e\n\nThis repository is a dump of all Elixir/Erlang security advisories inside [GitHub Advisory Database](https://github.com/advisories).\n\nThis repository intends to be used as a replacement for [dependabot/elixir-security-advisories](https://github.com/dependabot/elixir-security-advisories) since it is no longer maintained, as of July 2022.\n\nThe _actual reason_ we (Mirego) need a public GitHub repository of Elixir security advisories, is because of [MixAudit](https://github.com/mirego/mix_audit), the tool we built to make sure our Elixir projects are scanned for potential vulnerabilities. MixAudit needs to be ran anonymously and locally (or in continuous integration) by anyone, so it cannot use GitHub GraphQL API’s [`securityVulnerabilities` query](https://docs.github.com/en/graphql/reference/queries#securityvulnerabilities) since it requires authentication.\n\nThis is why, every 6 hours, through [this workflow](https://github.com/mirego/elixir-security-advisories/blob/main/.github/workflows/cd.yml), the `packages` directory is synced with GitHub Advisory Database 🎉\n\n## License\n\n`elixir-security-advisories` is © 2022 [Mirego](https://www.mirego.com) and may be freely distributed under the [New BSD license](http://opensource.org/licenses/BSD-3-Clause). See the [`LICENSE.md`](https://github.com/mirego/elixir-security-advisories/blob/main/LICENSE.md) file.\n\nHowever, since the data inside the `packages` directory is pulled from GitHub API, it is licensed under the under the terms of the CC-BY 4.0 open source license. See [GitHub documentation](https://docs.github.com/en/site-policy/github-terms/github-terms-for-additional-products-and-features#advisory-database) for the full terms.\n\nThe shield logo is based on [this lovely icon by Saeful Muslim](https://thenounproject.com/icon/shield-1258213/), from The Noun Project. Used under a [Creative Commons BY 3.0](http://creativecommons.org/licenses/by/3.0/) license.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmirego%2Felixir-security-advisories","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmirego%2Felixir-security-advisories","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmirego%2Felixir-security-advisories/lists"}