issues
search
ossf
/
allstar
GitHub App to set and enforce security policies
Apache License 2.0
1.24k
stars
123
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Outside collaborators should be override-able at the repo-level
#525
pburkholder
opened
3 months ago
2
Emit logs with details about configuration origin and final configuration
#524
pburkholder
opened
3 months ago
0
Bump ko-build/setup-ko from 0.6 to 0.7
#523
dependabot[bot]
closed
3 months ago
0
[]:Syncs
#522
karankohli-cf
closed
3 months ago
0
Bump github.com/bradleyfalzon/ghinstallation/v2 from 2.10.0 to 2.11.0
#521
dependabot[bot]
closed
3 months ago
0
Feature: Add `issueDetails` option to the configuration files
#520
pburkholder
opened
4 months ago
0
docs: Adopt OpenSSF Scorecard contributor ladder
#519
justaugustus
closed
4 months ago
0
Bump github.com/rhysd/actionlint from 1.6.27 to 1.7.1
#518
dependabot[bot]
closed
3 months ago
0
docs: Allstar is now a part of the OpenSSF Scorecard project
#517
justaugustus
closed
4 months ago
0
Bump github.com/rs/zerolog from 1.32.0 to 1.33.0
#516
dependabot[bot]
closed
3 months ago
0
Bump ossf/scorecard-action from 2.1.3 to 2.3.3
#515
dependabot[bot]
closed
3 months ago
0
Bump github.com/rhysd/actionlint from 1.6.27 to 1.7.0
#514
dependabot[bot]
closed
4 months ago
1
Bump golangci/golangci-lint-action from 4 to 6
#513
dependabot[bot]
closed
3 months ago
1
Fix name of ko in cloudbuild
#512
jeffmendoza
closed
5 months ago
0
Time for a new release?
#511
pburkholder
closed
4 months ago
4
Bump golangci/golangci-lint-action from 4 to 5
#510
dependabot[bot]
closed
4 months ago
1
Bump sigstore/cosign-installer from 3.4.0 to 3.5.0
#509
dependabot[bot]
closed
3 months ago
0
Bump golang.org/x/sync from 0.6.0 to 0.7.0
#508
dependabot[bot]
closed
5 months ago
2
[]: sync from openssf
#507
karankohli-cf
closed
6 months ago
0
[]: sync allstar to main
#506
karankohli-cf
closed
6 months ago
0
Update scorecard and Go versions.
#505
jeffmendoza
closed
5 months ago
0
Bump github.com/bradleyfalzon/ghinstallation/v2 from 2.9.0 to 2.10.0
#504
dependabot[bot]
closed
6 months ago
0
[improvement] Allow app running with --once to exit with error when policy errors are encountered
#503
twelsh-aw
opened
6 months ago
1
Update issue in IssueRepo when change detected
#502
twelsh-aw
closed
6 months ago
1
[bug] Issue in member repo is updated/edited when org config IssueRepo is set centrally
#501
twelsh-aw
closed
6 months ago
1
Policy for checking for arbitrary file existence
#500
wesley-dean-flexion
opened
6 months ago
8
Bump gocloud.dev from 0.36.0 to 0.37.0
#499
dependabot[bot]
closed
6 months ago
0
Create GitHub private vulnerability reports as an action
#498
raghavkaul
opened
6 months ago
0
Switch to using a single worker
#497
jeffmendoza
closed
6 months ago
1
Change cache to avoid memory use
#496
jeffmendoza
closed
6 months ago
0
Avoid panic when workflow dir contains other dirs.
#495
jeffmendoza
closed
7 months ago
0
Avoid panic with scorecard logs.
#494
jeffmendoza
closed
7 months ago
0
Fix parsing of github action name.
#493
jeffmendoza
closed
7 months ago
0
Catch unknown scorecard check.
#492
jeffmendoza
closed
7 months ago
0
Bump sigstore/cosign-installer from 3.2.0 to 3.4.0
#491
dependabot[bot]
closed
7 months ago
0
Bump actions/dependency-review-action from 3 to 4
#490
dependabot[bot]
closed
7 months ago
0
Prevent enforcement of `Branch Protection` on archived repositories
#489
josephperrott
closed
3 months ago
1
Bump actions/upload-artifact from 3 to 4
#488
dependabot[bot]
closed
7 months ago
0
Bump github/codeql-action from 2 to 3
#487
dependabot[bot]
closed
7 months ago
0
Bump golangci/golangci-lint-action from 3 to 4
#486
dependabot[bot]
closed
7 months ago
0
Update a lot of go deps.
#485
jeffmendoza
closed
7 months ago
0
Having setup difficulty using ossf provided instance
#484
Pitta
opened
8 months ago
1
Don't create issues for dangerous workflows when we have an inconclus…
#483
coheigea
closed
8 months ago
3
OptConfig missing on GH action policies
#482
sakshi-1505
opened
9 months ago
0
FR: Add a check for pinned dependencies
#481
MartinPetkov
closed
9 months ago
4
Allstar not opening issue on a fork
#480
sakshi-1505
closed
9 months ago
2
Bump actions/setup-go from 4 to 5
#479
dependabot[bot]
closed
7 months ago
3
Change locking for Scorecard interface
#478
raghavkaul
closed
8 months ago
0
Update ossf/scorecard
#477
raghavkaul
closed
8 months ago
0
Parameterize max goroutines
#476
raghavkaul
closed
8 months ago
0
Previous
Next