Proposal: Move scorecards into a single repo

expressjs / security-wg

Express.js Security Working Group

MIT License

10 stars 5 forks source link

Proposal: Move scorecards into a single repo #31

Open blakeembrey opened 1 month ago

blakeembrey commented 1 month ago

Currently the scorecard GitHub Action is failing across many of the repos, and in others it's been automatically disabled due to activity.

cleanshot_2024-10-03_at_15 09 27_2x

Given the challenge with keeping these all up to date across all the repos, and issues like running them due to activity, would we be able to create a single task that clones and runs this against all the repos from a single location?

UlisesGascon commented 1 month ago

I think that is a good idea, I will love to discuss it in our next meeting (cc: @inigomarquinez @carpasse )

wesleytodd commented 1 week ago

Big plus one on consolidating and fixing this. I had mentioned them being broken here for reference: https://github.com/expressjs/security-wg/issues/2#issuecomment-2470453748