-
Pulling in Taskcluster via https://github.com/mozilla/neqo/pull/1935 made neqo's [OSSF score](https://securityscorecards.dev/viewer/?uri=github.com/mozilla/neqo) drop because of unpatched vulnerabilit…
-
OpenSSF scorecard is a super tools done by the OpenSSF to give a security score of an repo.
- [openSSF scorecard docs](https://securityscorecards.dev)
Best practice is giving a tier for the accomp…
-
**Is this a bug report or feature request?**
* Feature Request
**What should the feature do:**
Hi, I'm Harshita. I’m working with [CNCF and the Google Open Source Security Team for the GSoC 2…
-
https://github.com/ossf/scorecard-monitor/pull/85 and https://github.com/ossf/scorecard-monitor/pull/86 are two examples that highlight a need for us to make a decision on how we handle our community …
-
Hello!
There are changes in your OpenSSF Scorecard report.
Please review the following changes and take action if necessary.
## Summary
There are changes in the following repositories:
| Repos…
-
**Is your enhancement proposal related to a problem? Please describe.**
Open-source supply-chain attacks are [increasing every year][sonatype]. Beyond the infamous [SolarWinds][solarwinds] and [Codec…
-
Hi, I'm Harshita. I’m working with [CNCF and the Google Open Source Security Team for the GSoC 2024 term](https://github.com/cncf/mentoring/issues/1196). We are collaborating to enhance security pract…
-
Hi, I'm Harshita. I’m working with [CNCF and the Google Open Source Security Team for the GSoC 2024 term](https://github.com/cncf/mentoring/issues/1196). We are collaborating to enhance security pract…
-
## What is the underlying problem you're trying to solve?
Hi, I'm Harshita. I’m working with [CNCF and the Google Open Source Security Team for the GSoC 2024 term](https://github.com/cncf/mento…
-
Hi, I'm Harshita. I’m working with [CNCF and the Google Open Source Security Team for the GSoC 2024 term](https://github.com/cncf/mentoring/issues/1196). We are collaborating to enhance security pract…