-
Hello, I'm working on behalf of Google and the [Open Source Security Foundation][ossf] to help essential open-source projects improve their supply-chain security. Given the relevance and impact that X…
-
Hello, I am Joyce and I'm working on behalf of Google and the [Open Source Security Foundation][ossf] to help essential open-source projects improve their supply-chain security. Given the solc-js rele…
-
## Time
**UTC Thu 19-Jan-2023 15:00 (03:00 PM)**:
| Timezone | Date/Time |
|---------------|-----------------------|
| US / Pacific | Thu 19-Jan-2023 07:00 (07:00 AM) |
| US / Mou…
-
### Description
Hi, I am Joyce from Google and I'm working on behalf of the [Open Source Security Foundation][ossf] (OpenSSF) to help essential open-source projects improve their supply-chain securit…
-
#### What's the problem this feature will solve?
I have a single `requirements.in` file, I would like to generate a single `requirements.txt` file, that would work with multiple python versions.
…
RuRo updated
11 months ago
-
### What would you like to be added?
Hi I am Joyce and I'm working on behalf of Google and the [Open Source Security Foundation][ossf] to help essential open-source projects improve their supply-chai…
-
## Issue description
Hello, I'm working on behalf of Google and the [OpenSSF][ossf] to help essential open-source projects improve their supply-chain security. The OpenSSF is a non-profit foundatio…
-
[OpenSSF](https://openssf.org) recently released a [security scorecards](https://github.com/ossf/scorecard) project for open source software. The goals of this project are:
> 1. Automate analysis a…
-
**Is your feature request related to a problem? Please describe.**
It is recommended to pin github actions by their commit hash to ensure reproduciability and enhance the supply chain security: https…
-
https://github.com/ossf/scorecard
Would be nice to get these results visible. They have a GitHub Action that we could use.
The installation instructions say:
> One Scorecards check ([Branch-Pro…