issues
search
ossf
/
allstar
GitHub App to set and enforce security policies
Apache License 2.0
1.24k
stars
123
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Bump github/codeql-action from 3.26.9 to 3.26.10
#575
dependabot[bot]
opened
1 day ago
0
Bump github.com/rhysd/actionlint from 1.7.2 to 1.7.3
#574
dependabot[bot]
opened
1 day ago
0
Bump actions/checkout from 4.1.7 to 4.2.0
#573
dependabot[bot]
opened
5 days ago
0
Bump github/codeql-action from 3.26.8 to 3.26.9
#572
dependabot[bot]
closed
6 days ago
0
Bump github.com/rhysd/actionlint from 1.7.1 to 1.7.2
#571
dependabot[bot]
closed
1 week ago
0
Support globs for optOut/optInRepos
#570
coheigea
closed
6 days ago
3
Scan Dangerous Workflows in non-default branches
#569
raghavkaul
opened
1 week ago
0
Bump github/codeql-action from 3.26.7 to 3.26.8
#568
dependabot[bot]
closed
1 week ago
2
Bump github/codeql-action from 3.26.0 to 3.26.7
#567
dependabot[bot]
closed
2 weeks ago
0
Bump actions/upload-artifact from 4.3.6 to 4.4.0
#566
dependabot[bot]
closed
2 weeks ago
0
Bump github/codeql-action from 3.26.0 to 3.26.6
#565
dependabot[bot]
closed
2 weeks ago
1
Bump github.com/Masterminds/semver/v3 from 3.2.1 to 3.3.0
#564
dependabot[bot]
closed
2 weeks ago
0
Bump github/codeql-action from 3.26.0 to 3.26.5
#563
dependabot[bot]
closed
1 month ago
1
Issue with Allstar Branch Protection Enforcement (404 errors upon action: fix)
#562
ArisBee
opened
1 month ago
3
Bump github/codeql-action from 3.26.0 to 3.26.4
#561
dependabot[bot]
closed
1 month ago
1
Bump github/codeql-action from 3.26.0 to 3.26.3
#560
dependabot[bot]
closed
1 month ago
1
Add ghe config option
#559
SebastianBezold
opened
1 month ago
1
Bump gocloud.dev from 0.38.0 to 0.39.0
#558
dependabot[bot]
closed
2 weeks ago
0
Bump github/codeql-action from 3.26.0 to 3.26.2
#557
dependabot[bot]
closed
1 month ago
1
Bump github/codeql-action from 3.26.0 to 3.26.1
#556
dependabot[bot]
closed
1 month ago
1
Bump sigstore/cosign-installer from 3.5.0 to 3.6.0
#555
dependabot[bot]
closed
1 month ago
0
Bump github/codeql-action from 3.25.15 to 3.26.0
#554
dependabot[bot]
closed
1 month ago
0
Bump actions/upload-artifact from 4.3.5 to 4.3.6
#553
dependabot[bot]
closed
1 month ago
0
Interested in support for self-hosted GHE installation
#552
SebastianBezold
opened
1 month ago
2
Bump golang.org/x/sync from 0.7.0 to 0.8.0
#551
dependabot[bot]
closed
1 month ago
0
Bump actions/upload-artifact from 4.3.4 to 4.3.5
#550
dependabot[bot]
closed
1 month ago
0
Bump golangci/golangci-lint-action from 6.0.1 to 6.1.0
#549
dependabot[bot]
closed
1 month ago
0
Bump github/codeql-action from 3.25.14 to 3.25.15
#548
dependabot[bot]
closed
2 months ago
0
Bump ossf/scorecard-action from 2.3.3 to 2.4.0
#547
dependabot[bot]
closed
2 months ago
0
Bump gocloud.dev from 0.37.0 to 0.38.0
#546
dependabot[bot]
closed
2 months ago
0
Bump github/codeql-action from 3.25.13 to 3.25.14
#545
dependabot[bot]
closed
2 months ago
0
Bump github.com/ossf/scorecard/v5 from 5.0.0-rc2 to 5.0.0
#544
dependabot[bot]
closed
2 months ago
1
Bump github/codeql-action from 3.25.12 to 3.25.13
#543
dependabot[bot]
closed
2 months ago
0
Create devcontainer.json
#542
WontonSam
closed
2 months ago
0
Bump github/codeql-action from 3.25.11 to 3.25.12
#541
dependabot[bot]
closed
2 months ago
0
Bump actions/dependency-review-action from 4.3.3 to 4.3.4
#540
dependabot[bot]
closed
2 months ago
0
Bump actions/setup-go from 5.0.1 to 5.0.2
#539
dependabot[bot]
closed
2 months ago
0
Bump actions/upload-artifact from 4.3.3 to 4.3.4
#538
dependabot[bot]
closed
2 months ago
1
Document recent changes to the generic Scorecard policy
#537
justaugustus
closed
2 months ago
1
Correct references to OpenSSF Scorecard
#536
justaugustus
closed
3 months ago
0
Update emitted copy around OpenSSF Scorecard checks
#535
justaugustus
opened
3 months ago
0
go.mod: Update Scorecard to v5.0.0-rc2
#534
justaugustus
closed
3 months ago
0
.github: Create codeql.yml
#533
justaugustus
closed
3 months ago
2
Bump actions/setup-go from 4.0.1 to 5.0.1
#532
dependabot[bot]
closed
3 months ago
0
Bump actions/checkout from 4.1.1 to 4.1.7
#531
dependabot[bot]
closed
3 months ago
0
Improve Allstar's Scorecard
#530
justaugustus
opened
3 months ago
2
[StepSecurity] ci: Harden GitHub Actions
#529
step-security-bot
closed
3 months ago
0
Allstar operations overview follow-ups
#528
justaugustus
opened
3 months ago
1
.github: Add initial CODEOWNERS
#527
justaugustus
closed
3 months ago
0
Bump github.com/hashicorp/go-retryablehttp from 0.7.5 to 0.7.7 in the go_modules group
#526
dependabot[bot]
closed
3 months ago
1
Next