ossf
diff --git a/‎osv/malicious/.id-allocator‎
Lines changed: 1 addition & 1 deletion b/‎osv/malicious/.id-allocator‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎osv/malicious/npm/@epicgames/epic-core/MAL-0000-amazon-inspector-2ce90a948d900b57.json‎ renamed to ‎osv/malicious/npm/@epicgames/epic-core/MAL-2025-49102.json‎
Lines changed: 7 additions & 7 deletions b/‎osv/malicious/npm/@epicgames/epic-core/MAL-0000-amazon-inspector-2ce90a948d900b57.json‎ renamed to ‎osv/malicious/npm/@epicgames/epic-core/MAL-2025-49102.json‎
Lines changed: 7 additions & 7 deletions
diff --git a/‎osv/malicious/npm/@epicgames/testprivate/MAL-0000-amazon-inspector-fa0536c6ff02d2f0.json‎ renamed to ‎osv/malicious/npm/@epicgames/testprivate/MAL-2025-49103.json‎
Lines changed: 7 additions & 7 deletions b/‎osv/malicious/npm/@epicgames/testprivate/MAL-0000-amazon-inspector-fa0536c6ff02d2f0.json‎ renamed to ‎osv/malicious/npm/@epicgames/testprivate/MAL-2025-49103.json‎
Lines changed: 7 additions & 7 deletions
diff --git a/‎osv/malicious/npm/@item-shop-data/client/MAL-0000-amazon-inspector-f3931756a8f0da8b.json‎ renamed to ‎osv/malicious/npm/@item-shop-data/client/MAL-2025-49104.json‎
Lines changed: 7 additions & 7 deletions b/‎osv/malicious/npm/@item-shop-data/client/MAL-0000-amazon-inspector-f3931756a8f0da8b.json‎ renamed to ‎osv/malicious/npm/@item-shop-data/client/MAL-2025-49104.json‎
Lines changed: 7 additions & 7 deletions
diff --git a/‎osv/malicious/npm/@ra-web-tech-ui-toolkit/common-utils/MAL-0000-amazon-inspector-7591712b2670c324.json‎ renamed to ‎osv/malicious/npm/@ra-web-tech-ui-toolkit/common-utils/MAL-2025-49105.json‎
Lines changed: 7 additions & 7 deletions b/‎osv/malicious/npm/@ra-web-tech-ui-toolkit/common-utils/MAL-0000-amazon-inspector-7591712b2670c324.json‎ renamed to ‎osv/malicious/npm/@ra-web-tech-ui-toolkit/common-utils/MAL-2025-49105.json‎
Lines changed: 7 additions & 7 deletions
diff --git a/‎osv/malicious/npm/@spicywombat/testprivate/MAL-0000-amazon-inspector-366deab55325850a.json‎ renamed to ‎osv/malicious/npm/@spicywombat/testprivate/MAL-2025-49106.json‎
Lines changed: 7 additions & 7 deletions b/‎osv/malicious/npm/@spicywombat/testprivate/MAL-0000-amazon-inspector-366deab55325850a.json‎ renamed to ‎osv/malicious/npm/@spicywombat/testprivate/MAL-2025-49106.json‎
Lines changed: 7 additions & 7 deletions
diff --git a/‎osv/malicious/npm/account-merge-site/MAL-0000-amazon-inspector-e9da6b4c4378cd7e.json‎ renamed to ‎osv/malicious/npm/account-merge-site/MAL-2025-49107.json‎
Lines changed: 7 additions & 7 deletions b/‎osv/malicious/npm/account-merge-site/MAL-0000-amazon-inspector-e9da6b4c4378cd7e.json‎ renamed to ‎osv/malicious/npm/account-merge-site/MAL-2025-49107.json‎
Lines changed: 7 additions & 7 deletions
diff --git a/‎osv/malicious/npm/aligntrue/MAL-0000-amazon-inspector-c5e297ef6ea537d2.json‎ renamed to ‎osv/malicious/npm/aligntrue/MAL-2025-49108.json‎
Lines changed: 7 additions & 7 deletions b/‎osv/malicious/npm/aligntrue/MAL-0000-amazon-inspector-c5e297ef6ea537d2.json‎ renamed to ‎osv/malicious/npm/aligntrue/MAL-2025-49108.json‎
Lines changed: 7 additions & 7 deletions
diff --git a/‎osv/malicious/npm/blendertools/MAL-0000-amazon-inspector-b1acfaab9ab114f5.json‎ renamed to ‎osv/malicious/npm/blendertools/MAL-2025-49109.json‎
Lines changed: 7 additions & 7 deletions b/‎osv/malicious/npm/blendertools/MAL-0000-amazon-inspector-b1acfaab9ab114f5.json‎ renamed to ‎osv/malicious/npm/blendertools/MAL-2025-49109.json‎
Lines changed: 7 additions & 7 deletions
diff --git a/‎osv/malicious/npm/com.apple.unityplugin.spatialcontroller/MAL-0000-amazon-inspector-8fc0ce1ef79c10b4.json‎ renamed to ‎osv/malicious/npm/com.apple.unityplugin.spatialcontroller/MAL-2025-49110.json‎
Lines changed: 7 additions & 7 deletions b/‎osv/malicious/npm/com.apple.unityplugin.spatialcontroller/MAL-0000-amazon-inspector-8fc0ce1ef79c10b4.json‎ renamed to ‎osv/malicious/npm/com.apple.unityplugin.spatialcontroller/MAL-2025-49110.json‎
Lines changed: 7 additions & 7 deletions
@@ -1 +1 @@
-a961e7e118dcf574230feb328f586bd7d42eae5e5c612f1e612ab9095a755eaf
+06db515cba1705e53761324af913e0b741f06de48d1ca020f1da1c80cdcbdedd
@@ -2,9 +2,9 @@
   "modified": "2025-10-30T17:38:57Z",
   "published": "2025-10-30T17:38:57Z",
   "schema_version": "1.5.0",
-  "id": "",
+  "id": "MAL-2025-49102",
   "summary": "Malicious code in @epicgames/epic-core (npm)",
-  "details": "The package @epicgames/epic-core was found to contain malicious code.",
+  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (2ce90a948d900b570228227881b693a544dc9e70b0d9b2839283cc555136c3e3)\nThe package @epicgames/epic-core was found to contain malicious code.\n",
   "affected": [
     {
       "package": {
@@ -35,20 +35,20 @@
   "database_specific": {
     "malicious-packages-origins": [
       {
-        "source": "amazon-inspector",
-        "sha256": "2ce90a948d900b570228227881b693a544dc9e70b0d9b2839283cc555136c3e3",
         "import_time": "2025-10-30T18:08:40.121538376Z",
         "modified_time": "2025-10-30T17:38:57Z",
         "ranges": [
           {
-            "type": "SEMVER",
             "events": [
               {
                 "introduced": "0"
               }
-            ]
+            ],
+            "type": "SEMVER"
           }
-        ]
+        ],
+        "sha256": "2ce90a948d900b570228227881b693a544dc9e70b0d9b2839283cc555136c3e3",
+        "source": "amazon-inspector"
       }
     ]
   }
 
@@ -2,9 +2,9 @@
   "modified": "2025-10-30T17:38:57Z",
   "published": "2025-10-30T17:38:57Z",
   "schema_version": "1.5.0",
-  "id": "",
+  "id": "MAL-2025-49103",
   "summary": "Malicious code in @epicgames/testprivate (npm)",
-  "details": "The package @epicgames/testprivate was found to contain malicious code.",
+  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (fa0536c6ff02d2f0a6a962ec7228277682d582de2257380291ddbbf4aad9849d)\nThe package @epicgames/testprivate was found to contain malicious code.\n",
   "affected": [
     {
       "package": {
@@ -35,20 +35,20 @@
   "database_specific": {
     "malicious-packages-origins": [
       {
-        "source": "amazon-inspector",
-        "sha256": "fa0536c6ff02d2f0a6a962ec7228277682d582de2257380291ddbbf4aad9849d",
         "import_time": "2025-10-30T18:08:36.029274993Z",
         "modified_time": "2025-10-30T17:38:57Z",
         "ranges": [
           {
-            "type": "SEMVER",
             "events": [
               {
                 "introduced": "0"
               }
-            ]
+            ],
+            "type": "SEMVER"
           }
-        ]
+        ],
+        "sha256": "fa0536c6ff02d2f0a6a962ec7228277682d582de2257380291ddbbf4aad9849d",
+        "source": "amazon-inspector"
       }
     ]
   }
 
@@ -2,9 +2,9 @@
   "modified": "2025-10-30T17:38:57Z",
   "published": "2025-10-30T17:38:57Z",
   "schema_version": "1.5.0",
-  "id": "",
+  "id": "MAL-2025-49104",
   "summary": "Malicious code in @item-shop-data/client (npm)",
-  "details": "The package @item-shop-data/client was found to contain malicious code.",
+  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (f3931756a8f0da8b385e1c2b974c51fef803ddf8c0c6cb84ed0dacf3b3e6c1bd)\nThe package @item-shop-data/client was found to contain malicious code.\n",
   "affected": [
     {
       "package": {
@@ -35,20 +35,20 @@
   "database_specific": {
     "malicious-packages-origins": [
       {
-        "source": "amazon-inspector",
-        "sha256": "f3931756a8f0da8b385e1c2b974c51fef803ddf8c0c6cb84ed0dacf3b3e6c1bd",
         "import_time": "2025-10-30T18:08:39.388740359Z",
         "modified_time": "2025-10-30T17:38:57Z",
         "ranges": [
           {
-            "type": "SEMVER",
             "events": [
               {
                 "introduced": "0"
               }
-            ]
+            ],
+            "type": "SEMVER"
           }
-        ]
+        ],
+        "sha256": "f3931756a8f0da8b385e1c2b974c51fef803ddf8c0c6cb84ed0dacf3b3e6c1bd",
+        "source": "amazon-inspector"
       }
     ]
   }
 
@@ -2,9 +2,9 @@
   "modified": "2025-10-30T17:38:57Z",
   "published": "2025-10-30T17:38:57Z",
   "schema_version": "1.5.0",
-  "id": "",
+  "id": "MAL-2025-49105",
   "summary": "Malicious code in @ra-web-tech-ui-toolkit/common-utils (npm)",
-  "details": "The package @ra-web-tech-ui-toolkit/common-utils was found to contain malicious code.",
+  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (7591712b2670c324bceb4a2e50ddcc9bd03c8992939343db9e97b8a6b23e44a0)\nThe package @ra-web-tech-ui-toolkit/common-utils was found to contain malicious code.\n",
   "affected": [
     {
       "package": {
@@ -35,20 +35,20 @@
   "database_specific": {
     "malicious-packages-origins": [
       {
-        "source": "amazon-inspector",
-        "sha256": "7591712b2670c324bceb4a2e50ddcc9bd03c8992939343db9e97b8a6b23e44a0",
         "import_time": "2025-10-30T18:08:38.034135158Z",
         "modified_time": "2025-10-30T17:38:57Z",
         "ranges": [
           {
-            "type": "SEMVER",
             "events": [
               {
                 "introduced": "0"
               }
-            ]
+            ],
+            "type": "SEMVER"
           }
-        ]
+        ],
+        "sha256": "7591712b2670c324bceb4a2e50ddcc9bd03c8992939343db9e97b8a6b23e44a0",
+        "source": "amazon-inspector"
       }
     ]
   }
 
@@ -2,9 +2,9 @@
   "modified": "2025-10-30T17:38:57Z",
   "published": "2025-10-30T17:38:57Z",
   "schema_version": "1.5.0",
-  "id": "",
+  "id": "MAL-2025-49106",
   "summary": "Malicious code in @spicywombat/testprivate (npm)",
-  "details": "The package @spicywombat/testprivate was found to contain malicious code.",
+  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (366deab55325850a843c5a70fe81f67daa4d95ebab49ad3fb23041b2f87f0679)\nThe package @spicywombat/testprivate was found to contain malicious code.\n",
   "affected": [
     {
       "package": {
@@ -35,20 +35,20 @@
   "database_specific": {
     "malicious-packages-origins": [
       {
-        "source": "amazon-inspector",
-        "sha256": "366deab55325850a843c5a70fe81f67daa4d95ebab49ad3fb23041b2f87f0679",
         "import_time": "2025-10-30T18:08:38.437796556Z",
         "modified_time": "2025-10-30T17:38:57Z",
         "ranges": [
           {
-            "type": "SEMVER",
             "events": [
               {
                 "introduced": "0"
               }
-            ]
+            ],
+            "type": "SEMVER"
           }
-        ]
+        ],
+        "sha256": "366deab55325850a843c5a70fe81f67daa4d95ebab49ad3fb23041b2f87f0679",
+        "source": "amazon-inspector"
       }
     ]
   }
 
@@ -2,9 +2,9 @@
   "modified": "2025-10-30T17:38:57Z",
   "published": "2025-10-30T17:38:57Z",
   "schema_version": "1.5.0",
-  "id": "",
+  "id": "MAL-2025-49107",
   "summary": "Malicious code in account-merge-site (npm)",
-  "details": "The package account-merge-site was found to contain malicious code.",
+  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (e9da6b4c4378cd7eac26edb573618fc697b4312cfef6741c25ceb45871856fad)\nThe package account-merge-site was found to contain malicious code.\n",
   "affected": [
     {
       "package": {
@@ -35,20 +35,20 @@
   "database_specific": {
     "malicious-packages-origins": [
       {
-        "source": "amazon-inspector",
-        "sha256": "e9da6b4c4378cd7eac26edb573618fc697b4312cfef6741c25ceb45871856fad",
         "import_time": "2025-10-30T18:08:41.112188603Z",
         "modified_time": "2025-10-30T17:38:57Z",
         "ranges": [
           {
-            "type": "SEMVER",
             "events": [
               {
                 "introduced": "0"
               }
-            ]
+            ],
+            "type": "SEMVER"
           }
-        ]
+        ],
+        "sha256": "e9da6b4c4378cd7eac26edb573618fc697b4312cfef6741c25ceb45871856fad",
+        "source": "amazon-inspector"
       }
     ]
   }
 
@@ -2,9 +2,9 @@
   "modified": "2025-10-30T17:38:57Z",
   "published": "2025-10-30T17:38:57Z",
   "schema_version": "1.5.0",
-  "id": "",
+  "id": "MAL-2025-49108",
   "summary": "Malicious code in aligntrue (npm)",
-  "details": "The package aligntrue was found to contain malicious code.",
+  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (c5e297ef6ea537d223cb6dafb2e5946b076de0aec5f03ae85361dce4b50d0b83)\nThe package aligntrue was found to contain malicious code.\n",
   "affected": [
     {
       "package": {
@@ -35,20 +35,20 @@
   "database_specific": {
     "malicious-packages-origins": [
       {
-        "source": "amazon-inspector",
-        "sha256": "c5e297ef6ea537d223cb6dafb2e5946b076de0aec5f03ae85361dce4b50d0b83",
         "import_time": "2025-10-30T18:08:40.418886228Z",
         "modified_time": "2025-10-30T17:38:57Z",
         "ranges": [
           {
-            "type": "SEMVER",
             "events": [
               {
                 "introduced": "0"
               }
-            ]
+            ],
+            "type": "SEMVER"
           }
-        ]
+        ],
+        "sha256": "c5e297ef6ea537d223cb6dafb2e5946b076de0aec5f03ae85361dce4b50d0b83",
+        "source": "amazon-inspector"
       }
     ]
   }
 
@@ -2,9 +2,9 @@
   "modified": "2025-10-30T17:38:57Z",
   "published": "2025-10-30T17:38:57Z",
   "schema_version": "1.5.0",
-  "id": "",
+  "id": "MAL-2025-49109",
   "summary": "Malicious code in blendertools (npm)",
-  "details": "The package blendertools was found to contain malicious code.",
+  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (b1acfaab9ab114f53c72a105674bc7ea9a297a9feab2487fd796de16b53b3be4)\nThe package blendertools was found to contain malicious code.\n",
   "affected": [
     {
       "package": {
@@ -35,20 +35,20 @@
   "database_specific": {
     "malicious-packages-origins": [
       {
-        "source": "amazon-inspector",
-        "sha256": "b1acfaab9ab114f53c72a105674bc7ea9a297a9feab2487fd796de16b53b3be4",
         "import_time": "2025-10-30T18:08:40.868951297Z",
         "modified_time": "2025-10-30T17:38:57Z",
         "ranges": [
           {
-            "type": "SEMVER",
             "events": [
               {
                 "introduced": "0"
               }
-            ]
+            ],
+            "type": "SEMVER"
           }
-        ]
+        ],
+        "sha256": "b1acfaab9ab114f53c72a105674bc7ea9a297a9feab2487fd796de16b53b3be4",
+        "source": "amazon-inspector"
       }
     ]
   }
 
@@ -2,9 +2,9 @@
   "modified": "2025-10-30T17:38:57Z",
   "published": "2025-10-30T17:38:57Z",
   "schema_version": "1.5.0",
-  "id": "",
+  "id": "MAL-2025-49110",
   "summary": "Malicious code in com.apple.unityplugin.spatialcontroller (npm)",
-  "details": "The package com.apple.unityplugin.spatialcontroller was found to contain malicious code.",
+  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (8fc0ce1ef79c10b4d5b8ba64243eefffe9f16596e7b9d80eb7437755b1f547a9)\nThe package com.apple.unityplugin.spatialcontroller was found to contain malicious code.\n",
   "affected": [
     {
       "package": {
@@ -35,20 +35,20 @@
   "database_specific": {
     "malicious-packages-origins": [
       {
-        "source": "amazon-inspector",
-        "sha256": "8fc0ce1ef79c10b4d5b8ba64243eefffe9f16596e7b9d80eb7437755b1f547a9",
         "import_time": "2025-10-30T18:08:41.516428198Z",
         "modified_time": "2025-10-30T17:38:57Z",
         "ranges": [
           {
-            "type": "SEMVER",
             "events": [
               {
                 "introduced": "0"
               }
-            ]
+            ],
+            "type": "SEMVER"
           }
-        ]
+        ],
+        "sha256": "8fc0ce1ef79c10b4d5b8ba64243eefffe9f16596e7b9d80eb7437755b1f547a9",
+        "source": "amazon-inspector"
       }
     ]
   }
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-a961e7e118dcf574230feb328f586bd7d42eae5e5c612f1e612ab9095a755eaf`
	`1`	`+06db515cba1705e53761324af913e0b741f06de48d1ca020f1da1c80cdcbdedd`
Original file line number	Diff line number	Diff line change
`@@ -2,9 +2,9 @@`
`2`	`2`	`"modified": "2025-10-30T17:38:57Z",`
`3`	`3`	`"published": "2025-10-30T17:38:57Z",`
`4`	`4`	`"schema_version": "1.5.0",`
`5`		`- "id": "",`
	`5`	`+ "id": "MAL-2025-49102",`
`6`	`6`	`"summary": "Malicious code in @epicgames/epic-core (npm)",`
`7`		`- "details": "The package @epicgames/epic-core was found to contain malicious code.",`
	`7`	`+ "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (2ce90a948d900b570228227881b693a544dc9e70b0d9b2839283cc555136c3e3)\nThe package @epicgames/epic-core was found to contain malicious code.\n",`
`8`	`8`	`"affected": [`
`9`	`9`	`{`
`10`	`10`	`"package": {`
`@@ -35,20 +35,20 @@`
`35`	`35`	`"database_specific": {`
`36`	`36`	`"malicious-packages-origins": [`
`37`	`37`	`{`
`38`		`- "source": "amazon-inspector",`
`39`		`- "sha256": "2ce90a948d900b570228227881b693a544dc9e70b0d9b2839283cc555136c3e3",`
`40`	`38`	`"import_time": "2025-10-30T18:08:40.121538376Z",`
`41`	`39`	`"modified_time": "2025-10-30T17:38:57Z",`
`42`	`40`	`"ranges": [`
`43`	`41`	`{`
`44`		`- "type": "SEMVER",`
`45`	`42`	`"events": [`
`46`	`43`	`{`
`47`	`44`	`"introduced": "0"`
`48`	`45`	`}`
`49`		`- ]`
	`46`	`+ ],`
	`47`	`+ "type": "SEMVER"`
`50`	`48`	`}`
`51`		`- ]`
	`49`	`+ ],`
	`50`	`+ "sha256": "2ce90a948d900b570228227881b693a544dc9e70b0d9b2839283cc555136c3e3",`
	`51`	`+ "source": "amazon-inspector"`
`52`	`52`	`}`
`53`	`53`	`]`
`54`	`54`	`}`