-
The probes (experimental) currently need to belong to a check to be run. What is users need probes that don't fit into a check? Do we create a new check? Do we put all new probes into their own check?…
-
I'd like to propose to evaluate and (selectively) adopt secure software development best practices recommended by the Open Source Security Foundation (OpenSSF) [1]. The OpenSSF Scorecard project check…
gkunz updated
6 months ago
-
Currently the test will fail only if the actual call to trigger a scan failed, however if the scan starts (but then later fails while running) the test is considered to pass. This should be fixed so t…
-
## Background
When evaluating a repository, it’s common for Scorecard to detect different tools when scoring checks or probes. The heuristic has to do with the usage of tools from certain categories…
-
Fortify version 23.2 has been released, however `fortify/github-action/setup@v1` does not support the setting for `sc-client: 23.2.0`.
It seems this is related to the code from [fcli](https://githu…
-
**Describe the bug**
I want to be transparent, I am by no means a kafka expert, I am trying to better understand what I could have possibly done to achieve this error.
What I did was re-apply a …
-
## Release Info
Please provide information on what you want to be included in the Eclipse Tractus-X release.
If you are not owner of this issue, please provide the information as comment to the issue…
-
**Safety**
PyUp safety appears to have been handled by DefectDojo at one point in time. Refer to [Issue 1754](https://github.com/DefectDojo/django-DefectDojo/issues/1754).
Not sure why this was re…
-
## Release Info
Please provide information on what you want to be included in the Eclipse Tractus-X release.
If you are not owner of this issue, please provide the information as comment to the is…
-