-
```
CLOMonitor linter results
Repository information
╭────────────┬─────────────────────────────────────────────────────╮
│ Local path ┆ /Users/jabrahms/src/github.com/open-feature/javasdk │…
-
This repo is signed up as part of the KubeCon [Security Slam](https://events.linuxfoundation.org/kubecon-cloudnativecon-north-america/attend/experiences/#security-slam). I'm bringing to your attention…
-
**Package ecosystem**
GitHub Actions
**Manifest location and content before the Dependabot update**
https://github.com/juliangruber/isarray/pull/44/files
**What you expected to s…
-
The scorecard action is reporting that most of the PRs are not running tests even though running scorecard command reports that 30/30 tests ran tests correctly:
Image from security tab report as ge…
-
It' be awesome to support CI/CD systems such as, for example, [github actions](https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstepsuses) and [Google's cloud …
-
Fill out openssf scorecard best practices form
Add badge to main page (like is shown at https://github.com/ebpf-for-windows)
-
At https://github.com/step-security/secure-workflows we are building a knowledge-base (KB) of GITHUB_TOKEN permissions needed by different GitHub Actions. When developers try to set minimum token perm…
-
**Describe the bug**
When running Scorecard against this repo https://github.com/tngan/samlify I get an score 0 on the Dependency Update Tool check, however the repo does have dependabot.
**Reprod…
-
The [flutter/samples](https://github.com/flutter/samples) repository scorecard runs fail to detect the dependabot file even though [the file](https://github.com/flutter/samples/blob/master/.github/dep…
-
**Is your feature request related to a problem? Please describe.**
Scorecard exits with an exit status of zero (0) under many circumstances: for instance when there are internal errors.
Scripts a…