allstar-staging[bot]
commented
2 days ago The policy result has been updated.
Project is out of compliance with OpenSSF Scorecard policy.
Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/11 approved changesets -- score normalized to 0
This issue was automatically created by Allstar and refers to jeffmendoza-test-org/test-repo.
Security Policy Violation Project is out of compliance with OpenSSF Scorecard policy.
Rule Description This is a generic passthrough policy that runs the configured checks from OpenSSF Scorecard. Please see the OpenSSF Scorecard documentation for more information on each check. The score was 0, and the passing threshold is 5. Results from policy: Code-Review : Found 0/11 approved changesets -- score normalized to 0
Results from policy: Dependency-Update-Tool : no update tool detected
Results from policy: Fuzzing : project is not fuzzed
Results from policy: License : license file not detected
Results from policy: Maintained : 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Results from policy: Pinned-Dependencies : dependency not pinned by hash detected -- score normalized to 4
Results from policy: SAST : no SAST tool detected
Results from policy: Token-Permissions : detected GitHub workflow tokens with excessive permissions
:warning: There is an updated version of this policy result! Click here to see the latest update
This issue will auto resolve when the policy is in compliance.
Issue created by Allstar. See https://github.com/ossf/allstar/ for more information. For questions specific to the repository, please contact the owner or maintainer.