The result file has no date/identifier

aquasecurity / chain-bench

An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.

Apache License 2.0

715 stars 62 forks source link

The result file has no date/identifier #38

Closed rgreinho closed 2 years ago

rgreinho commented 2 years ago

As a user, I would like to be able to compare scan results to ensure we've improved and make sure we did not regress over time. This could also help capturing human mistakes (e.g. an admin changed a setting by mistake).

Add metadata

An idea could be to add a metadata section at the top of the file, which would contain at least the following information:

Date
Result score (related to #37)

naortalmor1 commented 2 years ago

Hi @rgreinho thank you for your contribution! @guyb1 Please go over the PR 🙏🏽

guyb1 commented 2 years ago

Hey @rgreinho! I went thru your pr and left one comment :)

Thank you!