From 4eb2325fa08f2c53e1367b1c4cc27d4a52d83dde Mon Sep 17 00:00:00 2001 From: ashmod Date: Wed, 8 Oct 2025 15:05:21 +0300 Subject: [PATCH 1/4] docs(blog): fix broken external link --- .../posts/introducing-broad-c-c++-support/index.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/gcp/website/blog/content/posts/introducing-broad-c-c++-support/index.md b/gcp/website/blog/content/posts/introducing-broad-c-c++-support/index.md index ab46b599813..ced9163b864 100644 --- a/gcp/website/blog/content/posts/introducing-broad-c-c++-support/index.md +++ b/gcp/website/blog/content/posts/introducing-broad-c-c++-support/index.md @@ -35,13 +35,13 @@ Matching C/C++ dependencies to known vulnerabilities has been one of the final p Submoduled dependencies retain their Git histories. [OSV-Scanner](https://google.github.io/osv-scanner/) [v1.4.3](https://github.com/google/osv-scanner/releases/tag/v1.4.3) is able to determine the most recent Git commits for the submoduled dependencies and return any associated vulnerabilities. -For example, let’s consider the [yuzu](https://github.com/yuzu-emu/yuzu) project and see if we can find any vulnerabilities in the project dependencies. We’ll be working from commit `43be2bfe332d5537041262eb08037993239eaf5f` for this example. +For example, let’s consider the archived [yuzu](https://github.com/yuzu-emu-mirror/yuzu) project repository and see if we can find any vulnerabilities in the project dependencies. We’ll be working from commit `43be2bfe332d5537041262eb08037993239eaf5f` for this example. Follow these steps: -1. Clone the yuzu project to your local machine using `git clone https://github.com/yuzu-emu/yuzu`. It is not necessary to use `git clone –recursive`. OSV-Scanner will be able to determine the appropriate Git commits without the recursive flag. +1. Clone the yuzu project to your local machine using `git clone --recursive https://github.com/yuzu-emu-mirror/yuzu`. 2. Checkout the relevant commit using `git -C yuzu checkout 43be2bfe332d5537041262eb08037993239eaf5f` -3. Run `osv-scanner yuzu/` +3. Run `osv-scanner -r yuzu` OSV-Scanner returns the following vulnerabilities from the submoduled dependencies: @@ -67,4 +67,4 @@ Let’s consider the [OpenCV](https://github.com/opencv/opencv) project, which u ## Try it yourself! -Do you have a project that uses C/C++ dependencies? We encourage you to try our new vulnerable commit range features by using the [latest OSV-Scanner release](https://github.com/google/osv-scanner/releases/tag/v1.4.3) and [let us know](https://github.com/google/osv.dev/issues/new/) about your experience. If you encounter a data issue, please fill out a [data quality report](https://github.com/google/osv.dev/issues/new?assignees=&labels=data+quality&projects=&template=converted-nvd-cve-data-quality-report.md&title=Data+quality+issue+with+CVE-yyyy-nnnn). Your contributions, questions, and feedback will help us improve not only the quality of our data, but will ultimately help users identify and fix vulnerabilities in their projects. +Do you have a project that uses C/C++ dependencies? We encourage you to try our new vulnerable commit range features by using the [latest OSV-Scanner release](https://github.com/google/osv-scanner/releases/latest) and [let us know](https://github.com/google/osv.dev/issues/new/) about your experience. If you encounter a data issue, please fill out a [data quality report](https://github.com/google/osv.dev/issues/new?assignees=&labels=data+quality&projects=&template=converted-nvd-cve-data-quality-report.md&title=Data+quality+issue+with+CVE-yyyy-nnnn). Your contributions, questions, and feedback will help us improve not only the quality of our data, but will ultimately help users identify and fix vulnerabilities in their projects. From 5ceee820e57dc155870961d21f75114e2efac294 Mon Sep 17 00:00:00 2001 From: Rex P <106129829+another-rex@users.noreply.github.com> Date: Thu, 9 Oct 2025 13:53:08 +1100 Subject: [PATCH 2/4] Update gcp/website/blog/content/posts/introducing-broad-c-c++-support/index.md --- .../blog/content/posts/introducing-broad-c-c++-support/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gcp/website/blog/content/posts/introducing-broad-c-c++-support/index.md b/gcp/website/blog/content/posts/introducing-broad-c-c++-support/index.md index ced9163b864..71284896921 100644 --- a/gcp/website/blog/content/posts/introducing-broad-c-c++-support/index.md +++ b/gcp/website/blog/content/posts/introducing-broad-c-c++-support/index.md @@ -41,7 +41,7 @@ Follow these steps: 1. Clone the yuzu project to your local machine using `git clone --recursive https://github.com/yuzu-emu-mirror/yuzu`. 2. Checkout the relevant commit using `git -C yuzu checkout 43be2bfe332d5537041262eb08037993239eaf5f` -3. Run `osv-scanner -r yuzu` +3. Run `osv-scanner yuzu` OSV-Scanner returns the following vulnerabilities from the submoduled dependencies: From fa95486b2ce330ea18e3458f6f47ab5486ce7f90 Mon Sep 17 00:00:00 2001 From: ashmod Date: Mon, 13 Oct 2025 11:42:33 +0300 Subject: [PATCH 3/4] the hard way --- mlc_config.json | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/mlc_config.json b/mlc_config.json index 15ea80be709..57bf7344b2e 100644 --- a/mlc_config.json +++ b/mlc_config.json @@ -1,11 +1,7 @@ { - "timeout": "60s", - "retryOn429": true, - "retryCount": 8, - "fallbackRetryDelay": "60s", "aliveStatusCodes": [ 200, 201, 202, 203, 204, 206, 301, 302, 303, 307, 308, - 401, 403, 405 + 401, 403, 405, 429 ] } From 7b03c4efcb414fa4c1fde77f985d3f5d6391b1ed Mon Sep 17 00:00:00 2001 From: ashmod Date: Wed, 15 Oct 2025 14:41:35 +0300 Subject: [PATCH 4/4] this should work(?) --- mlc_config.json | 1 + 1 file changed, 1 insertion(+) diff --git a/mlc_config.json b/mlc_config.json index 57bf7344b2e..c109753e607 100644 --- a/mlc_config.json +++ b/mlc_config.json @@ -1,4 +1,5 @@ { + "timeout": "60s", "aliveStatusCodes": [ 200, 201, 202, 203, 204, 206, 301, 302, 303, 307, 308,