issues
search
ossf
/
scorecard
OpenSSF Scorecard - Security health metrics for Open Source
https://scorecard.dev
Apache License 2.0
4.63k
stars
504
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
:seedling: add support for parsing azure devops urls
#4178
JamieMagee
closed
3 months ago
3
Feature: Support for Azure DevOps
#4177
JamieMagee
opened
5 months ago
3
:sparkles: Add important Go packages to projects.csv
#4176
aklevans
closed
4 months ago
9
BUG: Contributor check can be false positive
#4175
Zxilly
opened
5 months ago
2
BUG: scroreboard cannot recognize the GitHub Attestations
#4174
Zxilly
opened
5 months ago
1
:seedling: add stack info to osv-scanner error
#4172
Zxilly
closed
5 months ago
4
BUG: osv-scanner panic: runtime error: index out of range [0] with length 0
#4171
Zxilly
closed
4 months ago
8
:bug: fix: correct sarif json schema url
#4170
Zxilly
closed
5 months ago
0
:seedling: Bump google.golang.org/protobuf from 1.34.1 to 1.34.2
#4169
dependabot[bot]
closed
5 months ago
1
:seedling: Bump github.com/moby/buildkit from 0.13.2 to 0.14.0
#4168
dependabot[bot]
closed
5 months ago
1
:seedling: Hide maintainer annotation implementation details
#4167
spencerschrock
closed
5 months ago
0
:seedling: Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.1 to 1.6.0 in /tools
#4166
dependabot[bot]
closed
5 months ago
2
📖 Docs: Maintainer annotations
#4165
raghavkaul
closed
5 months ago
0
:seedling: Updates harden-runner egress policy to `block` from `audit`
#4163
bmuenzenmeyer
closed
4 months ago
2
🌱 maintainer annotations: improve annotation file validation
#4162
raghavkaul
closed
5 months ago
1
:seedling: Bump github.com/golangci/golangci-lint from 1.59.0 to 1.59.1 in /tools
#4161
dependabot[bot]
closed
5 months ago
1
:seedling: Bump golang from 1.22.3 to 1.22.4
#4160
dependabot[bot]
closed
5 months ago
0
:seedling: Bump the github-actions group across 1 directory with 3 updates
#4159
dependabot[bot]
closed
5 months ago
0
:seedling: Bump goreleaser/goreleaser-action from 5.1.0 to 6.0.0
#4158
dependabot[bot]
closed
5 months ago
2
✨ Add support for Nuget restore
#4157
balteravishay
closed
4 months ago
12
Scorecard reports vulnerability to closed/fixed CVEs
#4156
randombit
closed
5 months ago
2
:book: Improve the REUSE parts of the License check
#4155
mxmehl
closed
5 months ago
3
:bug: keep SARIF runs and rules for exempted checks, only skip the results.
#4153
spencerschrock
closed
5 months ago
0
🌱 maintainer annotations: search for config
#4152
raghavkaul
closed
5 months ago
0
:warning: Make all ScorecardResult format options pointers
#4151
spencerschrock
closed
5 months ago
2
BUG: Scorecards for public repositories without issues sections won't be created
#4150
nwse-che
closed
5 months ago
4
:seedling: Bump github.com/onsi/ginkgo/v2 from 2.17.3 to 2.19.0 in /tools
#4149
dependabot[bot]
closed
6 months ago
2
:seedling: Bump golang.org/x/oauth2 from 0.20.0 to 0.21.0
#4148
dependabot[bot]
closed
6 months ago
2
:seedling: Add lifecycle field to probes
#4147
spencerschrock
closed
5 months ago
2
:warning: remove dependencydiff functionality
#4146
spencerschrock
closed
6 months ago
0
:bug: fix Unlicense detection
#4145
spencerschrock
closed
6 months ago
2
Unlicense not accepted as FSF or OSI approved
#4144
egecetin
closed
6 months ago
4
[Docs] Clarify licensing information for bigquery public dataset
#4143
sriumcp
opened
6 months ago
3
:seedling: Bump golang.org/x/text from 0.15.0 to 0.16.0
#4142
dependabot[bot]
closed
6 months ago
2
✨ probe: releases with verified provenance
#4141
raghavkaul
closed
6 months ago
1
:seedling: Bump github/codeql-action from 3.25.6 to 3.25.7 in the github-actions group
#4140
dependabot[bot]
closed
5 months ago
1
:seedling: Bump github.com/google/osv-scanner from 1.7.3 to 1.7.4
#4139
dependabot[bot]
closed
6 months ago
2
:seedling: Bump github.com/rhysd/actionlint from 1.7.0 to 1.7.1
#4138
dependabot[bot]
closed
6 months ago
2
:seedling: Bump github.com/bradleyfalzon/ghinstallation/v2 from 2.10.0 to 2.11.0
#4137
dependabot[bot]
closed
6 months ago
2
Add @lelia as triager
#4136
lelia
closed
5 months ago
6
:sparkles: detect `sbt ci-release` packaging workflows
#4135
raboof
closed
6 months ago
0
:seedling: avoid assumptions about versions in tests
#4134
raboof
closed
6 months ago
1
Revert incorrect format changes caused by linter and convert windows line breaks to linux
#4133
aklevans
closed
6 months ago
1
:sparkles: announce where results are written
#4132
raboof
closed
6 months ago
1
:bug: fix Docker remediations for unpinned GHA dependencies
#4131
raboof
closed
6 months ago
6
:sparkles: Recognize scala-steward as dependency update tool
#4130
raboof
closed
6 months ago
1
:book: MAINTAINERS: Add details on the OpenSSF Scorecard Steering Committee
#4129
justaugustus
closed
6 months ago
0
:seedling: Bump the github-actions group with 2 updates
#4127
dependabot[bot]
closed
6 months ago
1
:seedling: Bump github.com/onsi/ginkgo/v2 from 2.17.3 to 2.19.0
#4126
dependabot[bot]
closed
6 months ago
2
:seedling: Bump github.com/golangci/golangci-lint from 1.58.1 to 1.59.0 in /tools
#4125
dependabot[bot]
closed
6 months ago
1
Previous
Next