From 44a3e95dde2224e45d5b355404801a8dbed9f300 Mon Sep 17 00:00:00 2001
From: github-actions <github-actions@github.com>
Date: Sun, 19 Jan 2025 00:23:20 +0000
Subject: [PATCH] Assign IDs

---
 osv/malicious/.id-allocator                               | 2 +-
 ...e-analysis-3a752546905d1373.json => MAL-2025-134.json} | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)
 rename osv/malicious/npm/dbximgs/{MAL-0000-ossf-package-analysis-3a752546905d1373.json => MAL-2025-134.json} (69%)

diff --git a/osv/malicious/.id-allocator b/osv/malicious/.id-allocator
index b4fce50faf..8426e394d5 100644
--- a/osv/malicious/.id-allocator
+++ b/osv/malicious/.id-allocator
@@ -1 +1 @@
-b87125160fb1feca382a9f1edfcd157edffd7d32506f20ab8fd5a40dd99e272a
\ No newline at end of file
+c86269e624e9676017a62634d83d0c0eb4df6ea20bffb9d0c6aa83ecc9ac65f8
\ No newline at end of file
diff --git a/osv/malicious/npm/dbximgs/MAL-0000-ossf-package-analysis-3a752546905d1373.json b/osv/malicious/npm/dbximgs/MAL-2025-134.json
similarity index 69%
rename from osv/malicious/npm/dbximgs/MAL-0000-ossf-package-analysis-3a752546905d1373.json
rename to osv/malicious/npm/dbximgs/MAL-2025-134.json
index 343fe52514..979f9a59f4 100644
--- a/osv/malicious/npm/dbximgs/MAL-0000-ossf-package-analysis-3a752546905d1373.json
+++ b/osv/malicious/npm/dbximgs/MAL-2025-134.json
@@ -2,9 +2,9 @@
   "modified": "2025-01-18T23:37:53Z",
   "published": "2025-01-18T23:37:53Z",
   "schema_version": "1.5.0",
-  "id": "",
+  "id": "MAL-2025-134",
   "summary": "Malicious code in dbximgs (npm)",
-  "details": "The OpenSSF Package Analysis project identified 'dbximgs' @ 2.0.0 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n",
+  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (3a752546905d1373f7b092a98454b7ca4e820bebecb1af358ce0a6a72fa9a1e8)\nThe OpenSSF Package Analysis project identified 'dbximgs' @ 2.0.0 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n",
   "affected": [
     {
       "package": {
@@ -29,10 +29,10 @@
   "database_specific": {
     "malicious-packages-origins": [
       {
-        "source": "ossf-package-analysis",
-        "sha256": "3a752546905d1373f7b092a98454b7ca4e820bebecb1af358ce0a6a72fa9a1e8",
         "import_time": "2025-01-19T00:22:52.685004596Z",
         "modified_time": "2025-01-18T23:37:53Z",
+        "sha256": "3a752546905d1373f7b092a98454b7ca4e820bebecb1af358ce0a6a72fa9a1e8",
+        "source": "ossf-package-analysis",
         "versions": [
           "2.0.0"
         ]