issues
search
ossf
/
scorecard
OpenSSF Scorecard - Security health metrics for Open Source
https://scorecard.dev
Apache License 2.0
4.61k
stars
500
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
:seedling: Bump github.com/google/osv-scanner from 1.8.5 to 1.9.0
#4367
dependabot[bot]
closed
1 month ago
4
:seedling: Bump github.com/golangci/golangci-lint from 1.60.1 to 1.61.0 in /tools
#4366
dependabot[bot]
closed
1 month ago
1
:seedling: Bump github.com/rhysd/actionlint from 1.7.2 to 1.7.3
#4365
dependabot[bot]
closed
1 month ago
0
:seedling: Bump the github-actions group with 2 updates
#4364
dependabot[bot]
closed
1 month ago
0
:seedling: Bump the golang group across 8 directories with 1 update
#4363
dependabot[bot]
closed
1 month ago
1
Wrong link in /docs/checks.md file
#4362
AleX04Nov
closed
1 month ago
1
:seedling: Bump github.com/goreleaser/goreleaser/v2 from 2.1.0 to 2.3.2 in /tools
#4361
dependabot[bot]
closed
1 month ago
0
:seedling: Bump cloud.google.com/go/bigquery from 1.62.0 to 1.63.0
#4360
dependabot[bot]
closed
1 month ago
1
:seedling: Bump golang.org/x/text from 0.17.0 to 0.18.0
#4359
dependabot[bot]
closed
1 month ago
2
:seedling: Bump github.com/rhysd/actionlint from 1.7.1 to 1.7.2
#4358
dependabot[bot]
closed
1 month ago
0
:seedling: Bump sigs.k8s.io/release-utils from 0.8.4 to 0.8.5
#4357
dependabot[bot]
closed
1 month ago
2
:seedling: Bump the github-actions group across 1 directory with 2 updates
#4356
dependabot[bot]
closed
1 month ago
0
:seedling: Bump github.com/google/osv-scanner from 1.8.4 to 1.8.5
#4355
dependabot[bot]
closed
1 month ago
2
:seedling: Bump the golang group across 8 directories with 1 update
#4354
dependabot[bot]
closed
2 months ago
1
Public GH repo is getting 422 Validation Failed
#4352
diberry
opened
2 months ago
1
:sparkles: Support Nuget Pinned Dependency with RestoreLockedMode attribute
#4351
balteravishay
closed
1 month ago
3
:seedling: Bump cloud.google.com/go/pubsub from 1.42.0 to 1.43.0
#4350
dependabot[bot]
closed
1 month ago
0
:seedling: Bump the golang group across 8 directories with 1 update
#4349
dependabot[bot]
closed
2 months ago
2
:seedling: Bump the github-actions group with 2 updates
#4348
dependabot[bot]
closed
2 months ago
2
BUG: scorecard does not recognize BSD-2-Clause-Patent license.
#4347
grom72
closed
2 months ago
3
error fix
#4346
mcneilrp1
closed
2 months ago
0
:seedling: Bump golang.org/x/oauth2 from 0.22.0 to 0.23.0
#4345
dependabot[bot]
closed
1 month ago
2
:seedling: Bump github.com/moby/buildkit from 0.15.1 to 0.16.0
#4344
dependabot[bot]
closed
2 months ago
1
:seedling: Bump the distroless group across 6 directories with 1 update
#4343
dependabot[bot]
closed
1 month ago
2
:seedling: Bump the golang group across 8 directories with 1 update
#4342
dependabot[bot]
closed
2 months ago
1
:seedling: Bump github.com/xanzy/go-gitlab from 0.107.0 to 0.109.0
#4341
dependabot[bot]
closed
2 months ago
0
BUG: Seeing cert error on https://www.bestpractices.dev/
#4340
nitrocode
closed
2 months ago
2
Proposal: Improved experience for large-scale (multi-org, multi-repo) deployment of Scorecard
#4339
lelia
opened
2 months ago
1
Proposal: Define clear expectations for Triager role in contributor ladder
#4338
lelia
opened
2 months ago
3
✨ Add woodpecker as known CI
#4336
6543
closed
2 months ago
3
:ghost: git ignore vendor folder
#4335
6543
closed
2 months ago
4
📖 Fix SBOM-Everywhere link
#4334
evankanderson
closed
1 month ago
1
Feature: Managed Github App per org instead of github action per repo
#4333
nitrocode
opened
2 months ago
3
:seedling: Bump github.com/onsi/gomega from 1.34.1 to 1.34.2
#4332
dependabot[bot]
closed
2 months ago
0
:seedling: Bump github.com/xanzy/go-gitlab from 0.107.0 to 0.108.0
#4331
dependabot[bot]
closed
2 months ago
1
:seedling: Bump github.com/moby/buildkit from 0.15.1 to 0.15.2
#4330
dependabot[bot]
closed
2 months ago
2
BUG: Missing data for repository
#4329
nitrocode
closed
2 months ago
2
:seedling: Bump actions/upload-artifact from 4.3.6 to 4.4.0 in the github-actions group
#4328
dependabot[bot]
closed
2 months ago
0
:seedling: Bump the golang group across 8 directories with 1 update
#4327
dependabot[bot]
closed
2 months ago
2
Method for providing certificates for private GitLab server
#4326
gcatto
opened
2 months ago
1
:seedling: Bump mvdan.cc/sh/v3 from 3.8.0 to 3.9.0
#4325
dependabot[bot]
closed
2 months ago
2
:seedling: Bump cloud.google.com/go/pubsub from 1.41.0 to 1.42.0
#4324
dependabot[bot]
closed
2 months ago
0
✨ Update SPDX license list, source for license data
#4323
lelia
closed
2 months ago
0
:seedling: Require minimum version of Go 1.22.0
#4322
spencerschrock
closed
2 months ago
1
:seedling: Bump github/codeql-action from 3.26.0 to 3.26.6 in the github-actions group across 1 directory
#4321
dependabot[bot]
closed
2 months ago
0
:seedling: Bump github.com/onsi/ginkgo/v2 from 2.20.1 to 2.20.2 in /tools
#4320
dependabot[bot]
closed
2 months ago
1
:seedling: Bump github.com/onsi/ginkgo/v2 from 2.19.1 to 2.20.2
#4319
dependabot[bot]
closed
2 months ago
2
:book: clarify project goals and non-goals
#4318
spencerschrock
closed
1 month ago
1
:book: explicitly state both check documentation files are committed
#4317
spencerschrock
closed
2 months ago
1
Remediation for github branch protection :book:
#4316
pethers
closed
2 months ago
3
Previous
Next