issues
search
ossf
/
scorecard
OpenSSF Scorecard - Security health metrics for Open Source
https://scorecard.dev
Apache License 2.0
4.24k
stars
460
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
:seedling: Bump github.com/onsi/ginkgo/v2 from 2.17.3 to 2.19.0 in /tools
#4149
dependabot[bot]
closed
3 weeks ago
2
:seedling: Bump golang.org/x/oauth2 from 0.20.0 to 0.21.0
#4148
dependabot[bot]
closed
3 weeks ago
2
:seedling: Add lifecycle field to probes
#4147
spencerschrock
opened
3 weeks ago
1
:warning: remove dependencydiff functionality
#4146
spencerschrock
closed
3 weeks ago
0
:bug: fix Unlicense detection
#4145
spencerschrock
closed
3 weeks ago
2
Unlicense not accepted as FSF or OSI approved
#4144
egecetin
closed
3 weeks ago
4
[Docs] Clarify licensing information for bigquery public dataset
#4143
sriumcp
opened
3 weeks ago
2
:seedling: Bump golang.org/x/text from 0.15.0 to 0.16.0
#4142
dependabot[bot]
closed
3 weeks ago
2
✨ probe: releases with verified provenance
#4141
raghavkaul
closed
3 weeks ago
1
:seedling: Bump github/codeql-action from 3.25.6 to 3.25.7 in the github-actions group
#4140
dependabot[bot]
closed
3 weeks ago
1
:seedling: Bump github.com/google/osv-scanner from 1.7.3 to 1.7.4
#4139
dependabot[bot]
closed
3 weeks ago
2
:seedling: Bump github.com/rhysd/actionlint from 1.7.0 to 1.7.1
#4138
dependabot[bot]
closed
3 weeks ago
2
:seedling: Bump github.com/bradleyfalzon/ghinstallation/v2 from 2.10.0 to 2.11.0
#4137
dependabot[bot]
closed
3 weeks ago
2
Add @lelia as triager
#4136
lelia
closed
2 weeks ago
6
:sparkles: detect `sbt ci-release` packaging workflows
#4135
raboof
closed
4 weeks ago
0
:seedling: avoid assumptions about versions in tests
#4134
raboof
closed
1 month ago
1
Revert incorrect format changes caused by linter and convert windows line breaks to linux
#4133
aklevans
closed
1 month ago
1
:sparkles: announce where results are written
#4132
raboof
closed
3 weeks ago
1
:bug: fix Docker remediations for unpinned GHA dependencies
#4131
raboof
closed
1 month ago
6
:sparkles: Recognize scala-steward as dependency update tool
#4130
raboof
closed
1 month ago
1
:book: MAINTAINERS: Add details on the OpenSSF Scorecard Steering Committee
#4129
justaugustus
closed
1 month ago
0
:seedling: Bump the github-actions group with 2 updates
#4127
dependabot[bot]
closed
1 month ago
1
:seedling: Bump github.com/onsi/ginkgo/v2 from 2.17.3 to 2.19.0
#4126
dependabot[bot]
closed
1 month ago
2
:seedling: Bump github.com/golangci/golangci-lint from 1.58.1 to 1.59.0 in /tools
#4125
dependabot[bot]
closed
4 weeks ago
1
Gap Analysis - Concise Guide for Evaluating Open Source Software
#4124
afmarcum
opened
1 month ago
0
📖 Add repository guidelines e.g., for project donations
#4123
justaugustus
closed
1 month ago
2
:seedling: Bump github.com/goreleaser/goreleaser from 1.26.1 to 1.26.2 in /tools
#4122
dependabot[bot]
closed
4 weeks ago
1
:seedling: Bump github.com/onsi/ginkgo/v2 from 2.17.3 to 2.18.0
#4121
dependabot[bot]
closed
1 month ago
1
:seedling: Bump github.com/go-logr/logr from 1.4.1 to 1.4.2
#4120
dependabot[bot]
closed
1 month ago
0
Feature: Check for SBOMs in CI/CD Artifacts as well as releases
#4119
ashearin
opened
1 month ago
0
🐛 Use direct endpoint instead of search to find repository URL from npm database
#4118
aklevans
closed
3 weeks ago
9
:seedling: Bump github.com/golangci/golangci-lint from 1.58.1 to 1.58.2 in /tools
#4117
dependabot[bot]
closed
1 month ago
1
:seedling: Bump actions/checkout from 4.1.5 to 4.1.6 in the github-actions group
#4116
dependabot[bot]
closed
1 month ago
0
:seedling: Bump golang from `b1e05e2` to `f43c6f0` in /attestor
#4115
dependabot[bot]
closed
1 month ago
0
:seedling: Bump golang from `b1e05e2` to `f43c6f0`
#4114
dependabot[bot]
closed
1 month ago
1
✨ move to cgr base image
#4113
naveensrinivasan
closed
2 weeks ago
4
:seedling: Bump github.com/google/ko from 0.15.2 to 0.15.3 in /tools
#4112
dependabot[bot]
closed
1 month ago
2
:seedling: fix(cron/internal/data): rename Cactus to Cacti
#4111
petermetz
closed
1 month ago
0
:seedling: Bump github.com/goreleaser/goreleaser from 1.25.1 to 1.26.1 in /tools
#4110
dependabot[bot]
closed
1 month ago
2
:seedling: Bump github.com/onsi/ginkgo/v2 from 2.17.2 to 2.17.3 in /tools
#4109
dependabot[bot]
closed
1 month ago
2
:seedling: Bump github.com/golangci/golangci-lint from 1.57.2 to 1.58.1 in /tools
#4108
dependabot[bot]
closed
1 month ago
2
:seedling: Bump sigs.k8s.io/release-utils from 0.8.1 to 0.8.2
#4107
dependabot[bot]
closed
1 month ago
3
:warning: Simplify RunScorecard with functional optionals
#4106
spencerschrock
closed
2 weeks ago
2
:seedling: Bump the github-actions group across 1 directory with 3 updates
#4105
dependabot[bot]
closed
1 month ago
1
⚠️ Add ProjectPackageVersions to raw data collection
#4104
raghavkaul
closed
1 month ago
12
:seedling: Bump goreleaser/goreleaser-action from 5.0.0 to 5.1.0
#4103
dependabot[bot]
closed
1 month ago
3
:seedling: Bump the github-actions group with 3 updates
#4102
dependabot[bot]
closed
1 month ago
2
:seedling: Bump github.com/google/osv-scanner from 1.7.2 to 1.7.3
#4101
dependabot[bot]
closed
1 month ago
0
:seedling: Bump github.com/rhysd/actionlint from 1.6.27 to 1.7.0
#4100
dependabot[bot]
closed
1 month ago
2
:seedling: Bump github.com/xanzy/go-gitlab from 0.103.0 to 0.105.0
#4099
dependabot[bot]
closed
1 month ago
2
Previous
Next