add support for OpenSSF Security Scorecards

workloads / github-organization

Terraform-managed GitHub Resources

https://app.terraform.io/app/workloads/workspaces/github-organization

4 stars 2 forks source link

add support for OpenSSF Security Scorecards #9

Open ksatirli opened 1 year ago

ksatirli commented 1 year ago

See https://github.com/ossf/scorecard-action

Suggested checks to run:

scorecard \
    --repo="github.com/workloads/github-organization" \
    --checks="Binary-Artifacts,Branch-Protection,CI-Tests,Code-Review,Contributors,Dangerous-Workflow,Dependency-Update-Tool,License,Maintained,Pinned-Dependencies,SAST,Security-Policy,Token-Permissions,Vulnerabilities,Webhooks"