Enable Dangerous-Workflow & License checks for v4 (#1471)

Co-authored-by: Azeem Shaikh <azeems@google.com>

cmd/root.go

@@ -346,14 +346,6 @@ func isSupportedCheck(names []string, name string) bool {
 func getAllChecks() checker.CheckNameToFnMap {
 	// Returns the full list of checks, given any environment variable constraints.
 	possibleChecks := checks.AllChecks
-	// TODO: Remove this to enable the DANGEROUS_WORKFLOW by default in the next release.
-	if _, dangerousWorkflowCheck := os.LookupEnv("ENABLE_DANGEROUS_WORKFLOW"); !dangerousWorkflowCheck {
-		delete(possibleChecks, checks.CheckDangerousWorkflow)
-	}
-	// TODO: Remove this to enable the LICENSE_CHECK by default in the next release.
-	if _, licenseflowCheck := os.LookupEnv("ENABLE_LICENSE"); !licenseflowCheck {
-		delete(possibleChecks, checks.CheckLicense)
-	}
 	return possibleChecks
 }
 

cron/config/config.yaml

@@ -24,8 +24,7 @@ webhook-url:
 cii-data-bucket-url: gs://ossf-scorecard-cii-data
 # TODO: Temporarily remove SAST and CI-Tests which require lot of GitHub API tokens.
 # TODO(#859): Re-add Contributors after fixing inconsistencies.
-# TODO: Add Dangerous-Workflow in v4
-blacklisted-checks: SAST,CI-Tests,Contributors,Dangerous-Workflow
+blacklisted-checks: SAST,CI-Tests,Contributors
 metric-exporter: stackdriver
 # UPGRADEv2: to remove.
 result-data-bucket-url-v2: gs://ossf-scorecard-data2

cron/config/config_test.go

@@ -33,7 +33,7 @@ const (
 	prodCompletionThreshold        = 0.99
 	prodWebhookURL                 = ""
 	prodCIIDataBucket              = "gs://ossf-scorecard-cii-data"
-	prodBlacklistedChecks          = "SAST,CI-Tests,Contributors,Dangerous-Workflow"
+	prodBlacklistedChecks          = "SAST,CI-Tests,Contributors"
 	prodShardSize           int    = 10
 	prodMetricExporter      string = "stackdriver"
 	// UPGRADEv2: to remove.