jeffmendoza-test-org / .allstar

0 stars 0 forks source link

Security Policy violation for repository "scm-test-repo" OpenSSF Scorecard #10

Open jeff-s-test-policy[bot] opened 1 month ago

jeff-s-test-policy[bot] commented 1 month ago

This issue was automatically created by Allstar and refers to jeffmendoza-test-org/scm-test-repo.

Security Policy Violation Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/6 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions


:warning: There is an updated version of this policy result! Click here to see the latest update


This issue will auto resolve when the policy is in compliance.

Issue created by Allstar. See https://github.com/ossf/allstar/ for more information. For questions specific to the repository, please contact the owner or maintainer.

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions

allstar-staging[bot] commented 1 month ago

The policy result has been updated.


Project is out of compliance with OpenSSF Scorecard policy.

Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/7 approved changesets -- score normalized to 0

Results from policy: Dependency-Update-Tool : no update tool detected

Results from policy: Fuzzing : project is not fuzzed

Results from policy: License : license file not detected

Results from policy: Maintained : project was created in last 90 days. please review its contents carefully

Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 0

Results from policy: SAST : no SAST tool detected

Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions