issues
search
ossf
/
scorecard
OpenSSF Scorecard - Security health metrics for Open Source
https://scorecard.dev
Apache License 2.0
4.25k
stars
460
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Feature: Recognize Woodpecker-CI as a well-known CI
#4210
6543
opened
1 hour ago
0
Feature: support gitea forge
#4209
6543
opened
1 hour ago
0
:seedling: Migrate other RunScorecard callers
#4208
spencerschrock
opened
3 hours ago
0
:seedling: Use new entrypoint for cron worker
#4207
spencerschrock
opened
3 hours ago
0
:seedling: Adding 377 Intel owned repositories that aren't currently scanned by Scorecard
#4206
ware
closed
8 hours ago
0
Add Adrianne Marcum (@afmarcum) as a triager
#4205
justaugustus
opened
12 hours ago
1
:seedling: Use new entrypoint for scdiff
#4204
spencerschrock
opened
13 hours ago
2
:seedling: Use new Scorecard entrypoint for CLI
#4203
spencerschrock
opened
14 hours ago
0
:seedling: Bump github/codeql-action from 3.25.10 to 3.25.11 in the github-actions group
#4202
dependabot[bot]
opened
2 days ago
0
ossf.yml
#4201
MichaelBiegluk
closed
1 day ago
1
[DRAFT] governance: Draft Incubation application submission
#4200
justaugustus
opened
5 days ago
0
:seedling: Bump github.com/goreleaser/goreleaser/v2 from 2.0.0 to 2.0.1 in /tools
#4199
dependabot[bot]
closed
5 days ago
0
:seedling: Bump github.com/google/osv-scanner from 1.7.4 to 1.8.1
#4198
dependabot[bot]
closed
1 day ago
0
:seedling: Bump github.com/xanzy/go-gitlab from 0.105.0 to 0.106.0
#4197
dependabot[bot]
closed
5 days ago
0
:seedling: Bump cloud.google.com/go/pubsub from 1.38.0 to 1.40.0
#4196
dependabot[bot]
closed
6 days ago
1
:seedling: Bump github.com/hashicorp/go-retryablehttp from 0.7.5 to 0.7.7
#4195
dependabot[bot]
closed
1 week ago
0
Synchronize community health files across OpenSSF Scorecard repos
#4194
justaugustus
opened
1 week ago
1
:seedling: Bump github.com/hashicorp/go-retryablehttp from 0.7.5 to 0.7.7 in /tools
#4193
dependabot[bot]
closed
1 week ago
0
Test for security policy in other places than SECURITY.md
#4192
CsatariGergely
opened
1 week ago
0
CI check to check the results of CI tests
#4191
CsatariGergely
opened
1 week ago
0
:seedling: Bump the github-actions group across 1 directory with 3 updates
#4190
dependabot[bot]
closed
6 days ago
2
pip install with --hash is throwing PinnedDependenciesID
#4189
pdxjohnny
closed
1 week ago
5
:seedling: Bump github.com/moby/buildkit from 0.14.0 to 0.14.1
#4187
dependabot[bot]
closed
6 days ago
2
:seedling: Bump cloud.google.com/go/pubsub from 1.38.0 to 1.39.0
#4186
dependabot[bot]
closed
6 days ago
2
CI-Tests doesn't support Azure Pipelines
#4185
gdong1
closed
2 weeks ago
6
:book: Generate probe markdown documentation
#4184
spencerschrock
closed
1 week ago
0
:seedling: Bump github.com/spf13/cobra from 1.8.0 to 1.8.1
#4183
dependabot[bot]
closed
6 days ago
0
:seedling: Bump github.com/google/go-containerregistry from 0.19.1 to 0.19.2
#4182
dependabot[bot]
closed
2 weeks ago
1
:seedling: Bump the github-actions group with 2 updates
#4181
dependabot[bot]
closed
1 week ago
1
:seedling: Bump golang from `969349b` to `c2010b9`
#4180
dependabot[bot]
closed
2 weeks ago
1
:seedling: Bump chainguard/static from `110b691` to `68b8855`
#4179
dependabot[bot]
closed
6 days ago
0
:seedling: add support for parsing azure devops urls
#4178
JamieMagee
opened
2 weeks ago
1
Feature: Support for Azure DevOps
#4177
JamieMagee
opened
2 weeks ago
0
:sparkles: Add important Go packages to projects.csv
#4176
aklevans
opened
2 weeks ago
9
BUG: Contributor check can be false positive
#4175
Zxilly
opened
2 weeks ago
1
BUG: scroreboard cannot recognize the GitHub Attestations
#4174
Zxilly
opened
2 weeks ago
1
BUG: report not found
#4173
chimera97
opened
2 weeks ago
2
:seedling: add stack info to osv-scanner error
#4172
Zxilly
closed
2 weeks ago
4
BUG: osv-scanner panic: runtime error: index out of range [0] with length 0
#4171
Zxilly
opened
2 weeks ago
5
:bug: fix: correct sarif json schema url
#4170
Zxilly
closed
2 weeks ago
0
:seedling: Bump google.golang.org/protobuf from 1.34.1 to 1.34.2
#4169
dependabot[bot]
closed
2 weeks ago
1
:seedling: Bump github.com/moby/buildkit from 0.13.2 to 0.14.0
#4168
dependabot[bot]
closed
2 weeks ago
1
:seedling: Hide maintainer annotation implementation details
#4167
spencerschrock
closed
2 weeks ago
0
:seedling: Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.1 to 1.6.0 in /tools
#4166
dependabot[bot]
closed
2 weeks ago
2
📖 Docs: Maintainer annotations
#4165
raghavkaul
closed
2 weeks ago
0
:seedling: Updates harden-runner egress policy to `block` from `audit`
#4163
bmuenzenmeyer
opened
3 weeks ago
2
🌱 maintainer annotations: improve annotation file validation
#4162
raghavkaul
closed
19 hours ago
1
:seedling: Bump github.com/golangci/golangci-lint from 1.59.0 to 1.59.1 in /tools
#4161
dependabot[bot]
closed
3 weeks ago
1
:seedling: Bump golang from 1.22.3 to 1.22.4
#4160
dependabot[bot]
closed
3 weeks ago
0
:seedling: Bump the github-actions group across 1 directory with 3 updates
#4159
dependabot[bot]
closed
3 weeks ago
0
Next