Hey, I'm Pedro and I'm working for Google and the OpenSSF to improve the security of critical open-source infrastructure. Given ua-parser-js' popularity, it's been considered one of the 100 most critical open-source projects.
I'd like to suggest the Scorecards GitHub Action, which runs multiple checks to help maintainers understand the project's security posture and warns if there are any accidental missteps, along with actionable suggestions of how to fix any issues.
In fact, I saw PR #583, which was based off the Scorecard system.
Would you be interested in a PR to implement this Action? See an example suggestion (from another project) below:
Hey, I'm Pedro and I'm working for Google and the OpenSSF to improve the security of critical open-source infrastructure. Given ua-parser-js' popularity, it's been considered one of the 100 most critical open-source projects.
I'd like to suggest the Scorecards GitHub Action, which runs multiple checks to help maintainers understand the project's security posture and warns if there are any accidental missteps, along with actionable suggestions of how to fix any issues.
In fact, I saw PR #583, which was based off the Scorecard system.
Would you be interested in a PR to implement this Action? See an example suggestion (from another project) below: