search

finos / FDC3

An open standard for the financial desktop.
https://fdc3.finos.org
Other
196 stars 116 forks source link

Add openssf scorecard action and readme badge displaying score #1188

Closed bingenito closed 3 months ago

bingenito commented 5 months ago

Run openssf scorecard action weekly and on pushes to main branch (will create code scan analysis security entries if required).

THIS SOFTWARE IS CONTRIBUTED SUBJECT TO THE TERMS OF THE FINOS CORPORATE CONTRIBUTOR LICENSE AGREEMENT.

THIS SOFTWARE IS LICENSED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OF NON-INFRINGEMENT, ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. THIS SOFTWARE MAY BE REDISTRIBUTED TO OTHERS ONLY BY EFFECTIVELY USING THIS OR ANOTHER EQUIVALENT DISCLAIMER IN ADDITION TO ANY OTHER REQUIRED LICENSE TERMS.

netlify[bot] commented 5 months ago

Deploy Preview for fdc3 ready!

Name Link
Latest commit cae39a4aec9e4d85eb293b65565916b134184c30
Latest deploy log https://app.netlify.com/sites/fdc3/deploys/663b90c3a876460009a5a125
Deploy Preview https://deploy-preview-1188--fdc3.netlify.app
Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

bingenito commented 4 months ago

@kriswest When/If we merge this one can we do a squash merge? I was having issues rebasing locally to squash and reword the commit.

kriswest commented 4 months ago

@kriswest When/If we merge this one can we do a squash merge? I was having issues rebasing locally to squash and reword the commit.

@bingenito I don't see why not (as long as we remember).

@robmoffat I think this one is with you to review - along with another action related to the badge

bingenito commented 3 months ago

Token seems to be present at org level because scorecard is working for other projects such as fdc3-dotnet. Will find out once I merge.