Skip to content
View calebbrown's full-sized avatar
63 followers · 1 following

Achievements

Achievement: YOLOAchievement: QuickdrawAchievement: Pair ExtraordinaireAchievement: Pull Sharkx3Achievement: Arctic Code Vault Contributor

Achievements

Achievement: YOLOAchievement: QuickdrawAchievement: Pair ExtraordinaireAchievement: Pull Sharkx3Achievement: Arctic Code Vault Contributor

Block or report calebbrown

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Pinned Loading

  1. ossf/package-analysis Public

    Open Source Package Analysis

    Go 823 56

  2. ossf/malicious-packages Public

    A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerability (OSV) format.

    Go 297 34

  3. google/osv-scanner Public

    Vulnerability scanner written in Go which uses the data provided by https://osv.dev

    Go 7.2k 410

390 contributions in the last year

Contribution Graph
Day of Week March April May June July August September October November December January February March
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Learn how we count contributions
Less
No contributions.
Low contributions.
Medium-low contributions.
Medium-high contributions.
High contributions.
More

Contribution activity

March 2025

Created 5 commits in 1 repository
Opened 2 pull requests in 1 repository
ossf/malicious-packages 2 merged
Reviewed 4 pull requests in 1 repository
ossf/malicious-packages 4 pull requests

Created an issue in astral-sh/uv that received 1 comment

uv pip install does not conform to PEP-721

Summary I was testing the behaviour of pip and uv when extracting a sdist package containing a symlink with an absolute path outside the destination.

1 comment
Loading