antonbabenko / pre-commit-terraform

pre-commit git hooks to take care of Terraform configurations 🇺🇦
MIT License
3.16k stars, 535 forks

Improve OpenSSF score #712

Status: Open. nitrocode opened this issue 2 weeks ago.

nitrocode commented 2 weeks ago

What problem are you facing?

Adoption in a new organization

How could pre-commit-terraform help solve your problem?

Renovatebot includes an openssf score on every PR update for this repo. Due to low scores, this can irk developers and management.

Please consider improving the OpenSSF score of this repo. The current score is 6.7, which could be better. The higher the score, the more objective integrity the community will have towards the project.

https://github.com/ossf/scorecard

https://securityscorecards.dev/viewer/?uri=github.com/antonbabenko/pre-commit-terraform


Some small improvements

Some big improvements

MaxymVlasov commented 2 weeks ago

@nitrocode can you please point me where you find such score in Renovate PRs for pre-commit hooks?


MaxymVlasov commented 2 weeks ago

We definitely want 9+/10, but firstly I need to understand how to enable such scores for Renovate, as I never disable it in https://github.com/SpotOnInc/renovate-config/blob/main/default.template.json5

nitrocode commented 2 weeks ago

Hi @MaxymVlasov, this is how I have enabled the scores in some orgs for Renovate PRs:

https://docs.renovatebot.com/presets-security/#securityopenssf-scorecard

nitrocode commented 1 week ago

Also, the results may be better by adopting the GitHub action. This should get the branch protections.

https://github.com/ossf/scorecard-action