l2dy
commented
1 year ago You could fork this project and manage the permission and protections yourself. It's the code that primarily affects security of the project, which is not affected by the fixes you have proposed.
abdullahkhawer
Hi,
I really liked this tool and was planning to start using it in my current company's project but they told me that the OpenSSF score is not high enough (4.8/10). See here: https://deps.dev/project/github/camptocamp%2Fterraboard Can we improve this? For example, by fixing Branch-Protection and Token-Permissions, etc. We can use the remediations mentioned here: https://github.com/ossf/scorecard/blob/main/docs/checks.md I can provide help where possible.
CC: @hbollon