diff --git a/README.md b/README.md index 4528e50b..d22ebccb 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # OpenSSF Scorecard -[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/ossf/scorecard/badge)](https://securityscorecards.dev/viewer/?uri=github.com/ossf/scorecard) +[![OpenSSF Scorecard](https://api.scorecard.dev/projects/github.com/ossf/scorecard/badge)](https://scorecard.dev/viewer/?uri=github.com/ossf/scorecard) [![OpenSSF Best Practices](https://www.bestpractices.dev/projects/5621/badge)](https://www.bestpractices.dev/projects/5621) ![build](https://github.com/ossf/scorecard/workflows/build/badge.svg?branch=main) ![CodeQL](https://github.com/ossf/scorecard/workflows/CodeQL/badge.svg?branch=main) @@ -100,11 +100,11 @@ metrics. Prominent projects that use Scorecard include: ### View a Project's Score To see scores for projects regularly scanned by Scorecard, navigate to the webviewer, replacing the placeholder text with the platform, user/org, and repository name: -https://securityscorecards.dev/viewer/?uri=.com//. +https://scorecard.dev/viewer/?uri=.com//. For example: - - [https://securityscorecards.dev/viewer/?uri=github.com/ossf/scorecard](https://securityscorecards.dev/viewer/?uri=github.com/ossf/scorecard) - - [https://securityscorecards.dev/viewer/?uri=gitlab.com/fdroid/fdroidclient](https://securityscorecards.dev/viewer/?uri=gitlab.com/fdroid/fdroidclient) + - [https://scorecard.dev/viewer/?uri=github.com/ossf/scorecard](https://scorecard.dev/viewer/?uri=github.com/ossf/scorecard) + - [https://scorecard.dev/viewer/?uri=gitlab.com/fdroid/fdroidclient](https://scorecard.dev/viewer/?uri=gitlab.com/fdroid/fdroidclient) To view scores for projects not included in the webviewer, use the [Scorecard CLI](#scorecard-command-line-interface). @@ -161,7 +161,7 @@ Action ### Scorecard REST API -To query pre-calculated scores of OSS projects, use the [REST API](https://api.securityscorecards.dev). +To query pre-calculated scores of OSS projects, use the [REST API](https://api.scorecard.dev). To enable your project to be available on the REST API, set [`publish_results: true`](https://github.com/ossf/scorecard-action/blob/dd5015aaf9688596b0e6d11e7f24fff566aa366b/action.yaml#L35) @@ -178,7 +178,7 @@ hard work. This badge also auto-updates for every change made to the repository. To include a badge on your project's repository, simply add the following markdown to your README: ``` -[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/{owner}/{repo}/badge)](https://securityscorecards.dev/viewer/?uri=github.com/{owner}/{repo}) +[![OpenSSF Scorecard](https://api.scorecard.dev/projects/github.com/{owner}/{repo}/badge)](https://scorecard.dev/viewer/?uri=github.com/{owner}/{repo}) ``` ### Scorecard Command Line Interface diff --git a/docs/faq.md b/docs/faq.md index 18deacf6..ce7376e8 100644 --- a/docs/faq.md +++ b/docs/faq.md @@ -25,11 +25,11 @@ This page answers frequently asked questions about Scorecard, including its purp Yes. -Over a million projects are automatically tracked by the Scorecard project. Use the webviewer to see these scores, replacing the placeholder text with the platform, user/org, and repository name: https://securityscorecards.dev/viewer/?uri=.com//. +Over a million projects are automatically tracked by the Scorecard project. Use the webviewer to see these scores, replacing the placeholder text with the platform, user/org, and repository name: https://scorecard.dev/viewer/?uri=.com//. For example: - - [https://securityscorecards.dev/viewer/?uri=github.com/ossf/scorecard](https://securityscorecards.dev/viewer/?uri=github.com/ossf/scorecard) - - [https://securityscorecards.dev/viewer/?uri=gitlab.com/fdroid/fdroidclient](https://securityscorecards.dev/viewer/?uri=gitlab.com/fdroid/fdroidclient) + - [https://scorecard.dev/viewer/?uri=github.com/ossf/scorecard](https://scorecard.dev/viewer/?uri=github.com/ossf/scorecard) + - [https://scorecard.dev/viewer/?uri=gitlab.com/fdroid/fdroidclient](https://scorecard.dev/viewer/?uri=gitlab.com/fdroid/fdroidclient) You can also use the CLI to generate scores for any public repository by following these steps: