issues
search
ossf
/
scorecard
OpenSSF Scorecard - Security health metrics for Open Source
https://scorecard.dev
Apache License 2.0
4.63k
stars
504
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
:book: Updated CI-Test description
#4275
Jordin221
closed
3 months ago
0
:seedling: skip failing GitHub status e2e test temporarily
#4274
spencerschrock
closed
4 months ago
0
Investigate GitHub commit status failures
#4273
spencerschrock
opened
4 months ago
1
Update Code Section Format in Readme
#4272
Jordin221
opened
4 months ago
2
:book: Updated Vulnerability Check Description.
#4271
klbynum
closed
3 months ago
0
:book: Fix typo in branch protections details
#4270
martincostello
closed
4 months ago
0
Apetree100122 patch 2
#4269
Apetree100122
closed
4 months ago
2
Update root.go
#4268
Apetree100122
closed
4 months ago
0
:seedling: Bump github.com/docker/docker from 26.1.3+incompatible to 26.1.4+incompatible in /tools
#4267
dependabot[bot]
closed
4 months ago
4
:seedling: Bump github.com/onsi/gomega from 1.33.1 to 1.34.1
#4266
dependabot[bot]
closed
4 months ago
0
:seedling: Bump github.com/moby/buildkit from 0.15.0 to 0.15.1
#4265
dependabot[bot]
closed
4 months ago
0
:seedling: Bump the github-actions group with 2 updates
#4264
dependabot[bot]
closed
4 months ago
1
:seedling: Bump chainguard/static from `e78eb21` to `d751850`
#4263
dependabot[bot]
closed
4 months ago
0
:book: Updated Scorecard link in README.md
#4262
Wavyeli32
closed
3 months ago
0
:seedling: Bump github.com/onsi/gomega from 1.33.1 to 1.34.0
#4261
dependabot[bot]
closed
4 months ago
1
:seedling: Bump gocloud.dev from 0.37.0 to 0.38.0
#4260
dependabot[bot]
closed
4 months ago
0
:bug: Update Org RepoClient creation to use transport from parent Client
#4259
jeffmendoza
closed
4 months ago
2
Documentation: Document how to call Scorecard as a library.
#4258
jeffmendoza
opened
4 months ago
2
Feature scorecard.Run() should take a leveled logging object/interface instead of or alternatively to log level.
#4257
jeffmendoza
opened
4 months ago
3
Feature: scorecard.Run() should accept an http.RoundTripper to be used for all outgoing http requests
#4256
jeffmendoza
opened
4 months ago
3
BUG githubrepo.Client.GetOrgRepoClient() does not use parent Client transport
#4255
jeffmendoza
closed
4 months ago
3
Request: make the internal/packageclient package not internal
#4254
jeffmendoza
closed
4 months ago
5
Feature: Checks should support powershell scripts
#4253
balteravishay
opened
4 months ago
0
BUG: .Net pinned dependency should support Central Package Management
#4252
balteravishay
opened
4 months ago
1
BUG: .Net Pinned dependency check ignores using RestoreLockedMode
#4251
balteravishay
closed
2 months ago
0
:seedling: Bump cloud.google.com/go/bigquery from 1.61.0 to 1.62.0
#4250
dependabot[bot]
closed
4 months ago
1
:seedling: Bump the github-actions group across 1 directory with 4 updates
#4249
dependabot[bot]
closed
4 months ago
0
:seedling: Bump chainguard/static from `d94c01c` to `e78eb21`
#4248
dependabot[bot]
closed
4 months ago
0
Incorrectly formatted example link
#4247
JeremiahAHoward
closed
3 months ago
2
restore ability to see individual PR results for SAST and Code-Review and document it
#4245
spencerschrock
opened
4 months ago
1
:seedling: Bump github.com/google/go-containerregistry from 0.20.0 to 0.20.1
#4244
dependabot[bot]
closed
4 months ago
1
:seedling: Bump github.com/xanzy/go-gitlab from 0.106.0 to 0.107.0
#4243
dependabot[bot]
closed
4 months ago
0
:book: mark codeApproved and sastToolRunsOnAllCommits as experimental
#4242
spencerschrock
closed
4 months ago
1
Bug: tools/go.mod has invalid Go version 1.22
#4241
jpmcb
closed
4 months ago
3
:seedling: Bump github.com/goreleaser/goreleaser/v2 from 2.0.1 to 2.1.0 in /tools
#4240
dependabot[bot]
closed
4 months ago
0
:seedling: Bump actions/setup-go from 5.0.1 to 5.0.2
#4239
dependabot[bot]
closed
4 months ago
0
:seedling: Bump the github-actions group with 2 updates
#4238
dependabot[bot]
closed
4 months ago
1
BUG Sonarcloud not detected consistently
#4237
matmair
closed
4 months ago
4
:seedling: Bump github.com/moby/buildkit from 0.14.1 to 0.15.0
#4236
dependabot[bot]
closed
4 months ago
0
📖 Docs: Remove experimental language around maintainer annotations
#4235
raghavkaul
closed
4 months ago
0
:seedling: Bump github.com/google/osv-scanner from 1.8.1 to 1.8.2
#4234
dependabot[bot]
closed
4 months ago
3
:seedling: Bump google.golang.org/grpc from 1.64.0 to 1.64.1
#4233
dependabot[bot]
closed
4 months ago
1
:seedling: Add config e2e test and fix README
#4232
spencerschrock
closed
4 months ago
1
:sparkles: remove experimental gate on maintainer annotation parsing
#4231
spencerschrock
closed
4 months ago
0
:warning: rename annotation IsExempted to Annotations
#4230
spencerschrock
closed
4 months ago
0
:seedling: Bump github.com/google/go-containerregistry from 0.19.2 to 0.20.0
#4229
dependabot[bot]
closed
4 months ago
1
:seedling: Bump sigs.k8s.io/release-utils from 0.8.2 to 0.8.3
#4228
dependabot[bot]
closed
4 months ago
1
:warning: Rename top level package to scorecard and reduce name duplication
#4227
spencerschrock
closed
4 months ago
3
🌱 Update active `cisco` projects, remove `cisco-open` projects
#4226
lelia
closed
4 months ago
2
:warning: Delete dependency diff leftover file
#4225
spencerschrock
closed
4 months ago
0
Previous
Next