:sparkles: New probe for required MFA - Githubissues

ossf / scorecard

OpenSSF Scorecard - Security health metrics for Open Source

https://scorecard.dev

Apache License 2.0

4.61k stars 500 forks source link

:sparkles: New probe for required MFA #4398

Closed eddie-knight closed 3 days ago

eddie-knight commented 3 weeks ago

What kind of change does this PR introduce?

New Probe to check whether an organization has MFA enabled. Requires an authorized token. Only supports GitHub in the present state.

[x] PR title follows the guidelines defined in our pull request documentation

What is the current behavior?

What is the new behavior (if this is a feature change)?**

[x] Tests for the changes have been added (for bug fixes/features)

Which issue(s) this PR fixes

NONE

Special notes for your reviewer

Does this PR introduce a user-facing change?

For user-facing changes, please add a concise, human-readable release note to the release-note

(In particular, describe what changes users might need to make in their application as a result of this pull request.)

Added independent probe to validates that the organization requires MFA for all collaborators.

eddie-knight commented 3 weeks ago

Note that this follows #4391