issues
search
ossf
/
scorecard
OpenSSF Scorecard - Security health metrics for Open Source
https://scorecard.dev
Apache License 2.0
4.24k
stars
458
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
[DRAFT] governance: Draft Incubation application submission
#4200
justaugustus
opened
1 day ago
0
:seedling: Bump github.com/goreleaser/goreleaser/v2 from 2.0.0 to 2.0.1 in /tools
#4199
dependabot[bot]
closed
1 day ago
0
:seedling: Bump github.com/google/osv-scanner from 1.7.4 to 1.8.1
#4198
dependabot[bot]
opened
2 days ago
0
:seedling: Bump github.com/xanzy/go-gitlab from 0.105.0 to 0.106.0
#4197
dependabot[bot]
closed
1 day ago
0
:seedling: Bump cloud.google.com/go/pubsub from 1.38.0 to 1.40.0
#4196
dependabot[bot]
closed
2 days ago
1
:seedling: Bump github.com/hashicorp/go-retryablehttp from 0.7.5 to 0.7.7
#4195
dependabot[bot]
closed
3 days ago
0
Synchronize community health files across OpenSSF Scorecard repos
#4194
justaugustus
opened
3 days ago
1
:seedling: Bump github.com/hashicorp/go-retryablehttp from 0.7.5 to 0.7.7 in /tools
#4193
dependabot[bot]
closed
3 days ago
0
Test for security policy in other places than SECURITY.md
#4192
CsatariGergely
opened
4 days ago
0
CI check to check the results of CI tests
#4191
CsatariGergely
opened
4 days ago
0
:seedling: Bump the github-actions group across 1 directory with 3 updates
#4190
dependabot[bot]
closed
2 days ago
2
pip install with --hash is throwing PinnedDependenciesID
#4189
pdxjohnny
closed
3 days ago
5
:seedling: Bump github.com/moby/buildkit from 0.14.0 to 0.14.1
#4187
dependabot[bot]
closed
2 days ago
2
:seedling: Bump cloud.google.com/go/pubsub from 1.38.0 to 1.39.0
#4186
dependabot[bot]
closed
2 days ago
2
CI-Tests doesn't support Azure Pipelines
#4185
gdong1
closed
1 week ago
6
:book: Generate probe markdown documentation
#4184
spencerschrock
closed
1 week ago
0
:seedling: Bump github.com/spf13/cobra from 1.8.0 to 1.8.1
#4183
dependabot[bot]
closed
2 days ago
0
:seedling: Bump github.com/google/go-containerregistry from 0.19.1 to 0.19.2
#4182
dependabot[bot]
closed
1 week ago
1
:seedling: Bump the github-actions group with 2 updates
#4181
dependabot[bot]
closed
5 days ago
1
:seedling: Bump golang from `969349b` to `c2010b9`
#4180
dependabot[bot]
closed
1 week ago
1
:seedling: Bump chainguard/static from `110b691` to `68b8855`
#4179
dependabot[bot]
closed
2 days ago
0
:seedling: add support for parsing azure devops urls
#4178
JamieMagee
opened
2 weeks ago
0
Feature: Support for Azure DevOps
#4177
JamieMagee
opened
2 weeks ago
0
:sparkles: Add important Go packages to projects.csv
#4176
aklevans
opened
2 weeks ago
8
BUG: Contributor check can be false positive
#4175
Zxilly
opened
2 weeks ago
0
BUG: scroreboard cannot recognize the GitHub Attestations
#4174
Zxilly
opened
2 weeks ago
1
BUG: report not found
#4173
chimera97
opened
2 weeks ago
2
:seedling: add stack info to osv-scanner error
#4172
Zxilly
closed
2 weeks ago
4
BUG: osv-scanner panic: runtime error: index out of range [0] with length 0
#4171
Zxilly
opened
2 weeks ago
2
:bug: fix: correct sarif json schema url
#4170
Zxilly
closed
2 weeks ago
0
:seedling: Bump google.golang.org/protobuf from 1.34.1 to 1.34.2
#4169
dependabot[bot]
closed
2 weeks ago
1
:seedling: Bump github.com/moby/buildkit from 0.13.2 to 0.14.0
#4168
dependabot[bot]
closed
2 weeks ago
1
:seedling: Hide maintainer annotation implementation details
#4167
spencerschrock
closed
2 weeks ago
0
:seedling: Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.1 to 1.6.0 in /tools
#4166
dependabot[bot]
closed
2 weeks ago
2
📖 Docs: Maintainer annotations
#4165
raghavkaul
closed
2 weeks ago
0
:seedling: Updates harden-runner egress policy to `block` from `audit`
#4163
bmuenzenmeyer
opened
2 weeks ago
2
🌱 maintainer annotations: improve annotation file validation
#4162
raghavkaul
opened
2 weeks ago
1
:seedling: Bump github.com/golangci/golangci-lint from 1.59.0 to 1.59.1 in /tools
#4161
dependabot[bot]
closed
2 weeks ago
1
:seedling: Bump golang from 1.22.3 to 1.22.4
#4160
dependabot[bot]
closed
2 weeks ago
0
:seedling: Bump the github-actions group across 1 directory with 3 updates
#4159
dependabot[bot]
closed
2 weeks ago
0
:seedling: Bump goreleaser/goreleaser-action from 5.1.0 to 6.0.0
#4158
dependabot[bot]
closed
3 days ago
2
✨ Add support for Nuget restore
#4157
balteravishay
opened
3 weeks ago
11
Scorecard reports vulnerability to closed/fixed CVEs
#4156
randombit
closed
2 weeks ago
2
:book: Improve the REUSE parts of the License check
#4155
mxmehl
closed
2 weeks ago
3
:bug: keep SARIF runs and rules for exempted checks, only skip the results.
#4153
spencerschrock
closed
2 weeks ago
0
🌱 maintainer annotations: search for config
#4152
raghavkaul
closed
2 weeks ago
0
:warning: Make all ScorecardResult format options pointers
#4151
spencerschrock
closed
2 weeks ago
2
BUG: Scorecards for public repositories without issues sections won't be created
#4150
nwse-che
closed
2 weeks ago
4
:seedling: Bump github.com/onsi/ginkgo/v2 from 2.17.3 to 2.19.0 in /tools
#4149
dependabot[bot]
closed
3 weeks ago
2
:seedling: Bump golang.org/x/oauth2 from 0.20.0 to 0.21.0
#4148
dependabot[bot]
closed
3 weeks ago
2
Next