⚠️ Rename top level package to scorecard and reduce name duplication (#4227)

* move files to scorecard package

Signed-off-by: Spencer Schrock <sschrock@google.com>

* remove repetition from ScorecardResult

Signed-off-by: Spencer Schrock <sschrock@google.com>

* update comments

Signed-off-by: Spencer Schrock <sschrock@google.com>

* remove RunScorecard function

Signed-off-by: Spencer Schrock <sschrock@google.com>

* add docstrings

Signed-off-by: Spencer Schrock <sschrock@google.com>

---------

Signed-off-by: Spencer Schrock <sschrock@google.com>

.gitignore

@@ -1,5 +1,6 @@
 # binary.
 scorecard
+!pkg/scorecard
 attestor/scorecard-attestor
 scorecard.docker
 scorecard.releaser

attestor/command/check.go

@@ -22,7 +22,7 @@ import (
 	"github.com/ossf/scorecard/v5/attestor/policy"
 	"github.com/ossf/scorecard/v5/checker"
 	sclog "github.com/ossf/scorecard/v5/log"
-	"github.com/ossf/scorecard/v5/pkg"
+	"github.com/ossf/scorecard/v5/pkg/scorecard"
 )
 
 type EmptyParameterError struct {
@@ -91,16 +91,16 @@ func RunCheckWithParams(repoURL, commitSHA, policyPath string) (policy.PolicyRes
 		}
 	}
 
-	repoResult, err := pkg.Run(ctx, repo,
-		pkg.WithCommitSHA(commitSHA),
-		pkg.WithChecks(enabledChecks),
-		pkg.WithRepoClient(repoClient),
-		pkg.WithOSSFuzzClient(ossFuzzRepoClient),
-		pkg.WithOpenSSFBestPraticesClient(ciiClient),
-		pkg.WithVulnerabilitiesClient(vulnsClient),
+	repoResult, err := scorecard.Run(ctx, repo,
+		scorecard.WithCommitSHA(commitSHA),
+		scorecard.WithChecks(enabledChecks),
+		scorecard.WithRepoClient(repoClient),
+		scorecard.WithOSSFuzzClient(ossFuzzRepoClient),
+		scorecard.WithOpenSSFBestPraticesClient(ciiClient),
+		scorecard.WithVulnerabilitiesClient(vulnsClient),
 	)
 	if err != nil {
-		return policy.Fail, fmt.Errorf("RunScorecard: %w", err)
+		return policy.Fail, fmt.Errorf("scorecard.Run: %w", err)
 	}
 
 	result, err := attestationPolicy.EvaluateResults(&repoResult.RawResults)

cmd/internal/scdiff/app/compare.go

@@ -27,7 +27,7 @@ import (
 
 	"github.com/ossf/scorecard/v5/cmd/internal/scdiff/app/compare"
 	"github.com/ossf/scorecard/v5/cmd/internal/scdiff/app/format"
-	"github.com/ossf/scorecard/v5/pkg"
+	"github.com/ossf/scorecard/v5/pkg/scorecard"
 )
 
 //nolint:gochecknoinits // common for cobra apps
@@ -93,14 +93,14 @@ func compareReaders(x, y io.Reader, output io.Writer) error {
 	return nil
 }
 
-func loadResults(x, y *bufio.Scanner) (pkg.ScorecardResult, pkg.ScorecardResult, error) {
-	xResult, _, err := pkg.ExperimentalFromJSON2(strings.NewReader(x.Text()))
+func loadResults(x, y *bufio.Scanner) (scorecard.Result, scorecard.Result, error) {
+	xResult, _, err := scorecard.ExperimentalFromJSON2(strings.NewReader(x.Text()))
 	if err != nil {
-		return pkg.ScorecardResult{}, pkg.ScorecardResult{}, fmt.Errorf("parsing first result: %w", err)
+		return scorecard.Result{}, scorecard.Result{}, fmt.Errorf("parsing first result: %w", err)
 	}
-	yResult, _, err := pkg.ExperimentalFromJSON2(strings.NewReader(y.Text()))
+	yResult, _, err := scorecard.ExperimentalFromJSON2(strings.NewReader(y.Text()))
 	if err != nil {
-		return pkg.ScorecardResult{}, pkg.ScorecardResult{}, fmt.Errorf("parsing second result: %w", err)
+		return scorecard.Result{}, scorecard.Result{}, fmt.Errorf("parsing second result: %w", err)
 	}
 	format.Normalize(&xResult)
 	format.Normalize(&yResult)

cmd/internal/scdiff/app/compare/compare.go

@@ -14,10 +14,10 @@
 
 package compare
 
-import "github.com/ossf/scorecard/v5/pkg"
+import "github.com/ossf/scorecard/v5/pkg/scorecard"
 
 // results should be normalized before comparison.
-func Results(r1, r2 *pkg.ScorecardResult) bool {
+func Results(r1, r2 *scorecard.Result) bool {
 	if r1 == nil && r2 == nil {
 		return true
 	}
@@ -40,7 +40,7 @@ func Results(r1, r2 *pkg.ScorecardResult) bool {
 	return true
 }
 
-func compareChecks(r1, r2 *pkg.ScorecardResult) bool {
+func compareChecks(r1, r2 *scorecard.Result) bool {
 	if len(r1.Checks) != len(r2.Checks) {
 		return false
 	}

cmd/internal/scdiff/app/compare/compare_test.go

@@ -18,7 +18,7 @@ import (
 	"testing"
 
 	"github.com/ossf/scorecard/v5/checker"
-	"github.com/ossf/scorecard/v5/pkg"
+	"github.com/ossf/scorecard/v5/pkg/scorecard"
 )
 
 func TestResults(t *testing.T) {
@@ -26,7 +26,7 @@ func TestResults(t *testing.T) {
 	//nolint:govet // field alignment
 	tests := []struct {
 		name      string
-		a, b      *pkg.ScorecardResult
+		a, b      *scorecard.Result
 		wantEqual bool
 	}{
 		{
@@ -38,18 +38,18 @@ func TestResults(t *testing.T) {
 		{
 			name:      "one nil",
 			a:         nil,
-			b:         &pkg.ScorecardResult{},
+			b:         &scorecard.Result{},
 			wantEqual: false,
 		},
 		{
 			name: "different repo name",
-			a: &pkg.ScorecardResult{
-				Repo: pkg.RepoInfo{
+			a: &scorecard.Result{
+				Repo: scorecard.RepoInfo{
 					Name: "a",
 				},
 			},
-			b: &pkg.ScorecardResult{
-				Repo: pkg.RepoInfo{
+			b: &scorecard.Result{
+				Repo: scorecard.RepoInfo{
 					Name: "b",
 				},
 			},
@@ -57,7 +57,7 @@ func TestResults(t *testing.T) {
 		},
 		{
 			name: "unequal amount of checks",
-			a: &pkg.ScorecardResult{
+			a: &scorecard.Result{
 				Checks: []checker.CheckResult{
 					{
 						Name: "a1",
@@ -67,7 +67,7 @@ func TestResults(t *testing.T) {
 					},
 				},
 			},
-			b: &pkg.ScorecardResult{
+			b: &scorecard.Result{
 				Checks: []checker.CheckResult{
 					{
 						Name: "b",
@@ -78,14 +78,14 @@ func TestResults(t *testing.T) {
 		},
 		{
 			name: "different check name",
-			a: &pkg.ScorecardResult{
+			a: &scorecard.Result{
 				Checks: []checker.CheckResult{
 					{
 						Name: "a",
 					},
 				},
 			},
-			b: &pkg.ScorecardResult{
+			b: &scorecard.Result{
 				Checks: []checker.CheckResult{
 					{
 						Name: "b",
@@ -96,14 +96,14 @@ func TestResults(t *testing.T) {
 		},
 		{
 			name: "different check score",
-			a: &pkg.ScorecardResult{
+			a: &scorecard.Result{
 				Checks: []checker.CheckResult{
 					{
 						Score: 1,
 					},
 				},
 			},
-			b: &pkg.ScorecardResult{
+			b: &scorecard.Result{
 				Checks: []checker.CheckResult{
 					{
 						Score: 2,
@@ -114,14 +114,14 @@ func TestResults(t *testing.T) {
 		},
 		{
 			name: "different check reason",
-			a: &pkg.ScorecardResult{
+			a: &scorecard.Result{
 				Checks: []checker.CheckResult{
 					{
 						Reason: "a",
 					},
 				},
 			},
-			b: &pkg.ScorecardResult{
+			b: &scorecard.Result{
 				Checks: []checker.CheckResult{
 					{
 						Reason: "b",
@@ -132,14 +132,14 @@ func TestResults(t *testing.T) {
 		},
 		{
 			name: "unequal number of details",
-			a: &pkg.ScorecardResult{
+			a: &scorecard.Result{
 				Checks: []checker.CheckResult{
 					{
 						Details: []checker.CheckDetail{},
 					},
 				},
 			},
-			b: &pkg.ScorecardResult{
+			b: &scorecard.Result{
 				Checks: []checker.CheckResult{
 					{
 						Details: []checker.CheckDetail{
@@ -154,7 +154,7 @@ func TestResults(t *testing.T) {
 		},
 		{
 			name: "details have different levels",
-			a: &pkg.ScorecardResult{
+			a: &scorecard.Result{
 				Checks: []checker.CheckResult{
 					{
 						Details: []checker.CheckDetail{
@@ -165,7 +165,7 @@ func TestResults(t *testing.T) {
 					},
 				},
 			},
-			b: &pkg.ScorecardResult{
+			b: &scorecard.Result{
 				Checks: []checker.CheckResult{
 					{
 						Details: []checker.CheckDetail{
@@ -180,8 +180,8 @@ func TestResults(t *testing.T) {
 		},
 		{
 			name: "equal results",
-			a: &pkg.ScorecardResult{
-				Repo: pkg.RepoInfo{
+			a: &scorecard.Result{
+				Repo: scorecard.RepoInfo{
 					Name: "foo",
 				},
 				Checks: []checker.CheckResult{
@@ -195,8 +195,8 @@ func TestResults(t *testing.T) {
 					},
 				},
 			},
-			b: &pkg.ScorecardResult{
-				Repo: pkg.RepoInfo{
+			b: &scorecard.Result{
+				Repo: scorecard.RepoInfo{
 					Name: "foo",
 				},
 				Checks: []checker.CheckResult{

cmd/internal/scdiff/app/format/format.go

@@ -21,19 +21,19 @@ import (
 
 	"github.com/ossf/scorecard/v5/docs/checks"
 	"github.com/ossf/scorecard/v5/log"
-	"github.com/ossf/scorecard/v5/pkg"
+	"github.com/ossf/scorecard/v5/pkg/scorecard"
 )
 
 const logLevel = log.DefaultLevel
 
-func Normalize(r *pkg.ScorecardResult) {
+func Normalize(r *scorecard.Result) {
 	if r == nil {
 		return
 	}
 
 	// these fields will change run-to-run, and aren't indicative of behavior changes.
 	r.Repo.CommitSHA = ""
-	r.Scorecard = pkg.ScorecardInfo{}
+	r.Scorecard = scorecard.ScorecardInfo{}
 	r.Date = time.Time{}
 
 	sort.Slice(r.Checks, func(i, j int) bool {
@@ -43,20 +43,20 @@ func Normalize(r *pkg.ScorecardResult) {
 	for i := range r.Checks {
 		check := &r.Checks[i]
 		sort.Slice(check.Details, func(i, j int) bool {
-			return pkg.DetailToString(&check.Details[i], logLevel) < pkg.DetailToString(&check.Details[j], logLevel)
+			return scorecard.DetailToString(&check.Details[i], logLevel) < scorecard.DetailToString(&check.Details[j], logLevel)
 		})
 	}
 }
 
 //nolint:wrapcheck
-func JSON(r *pkg.ScorecardResult, w io.Writer) error {
+func JSON(r *scorecard.Result, w io.Writer) error {
 	const details = true
 	docs, err := checks.Read()
 	if err != nil {
 		return err
 	}
 	Normalize(r)
-	o := &pkg.AsJSON2ResultOption{
+	o := &scorecard.AsJSON2ResultOption{
 		Details:  details,
 		LogLevel: logLevel,
 	}

cmd/internal/scdiff/app/format/format_test.go

@@ -22,25 +22,25 @@ import (
 	"github.com/google/go-cmp/cmp"
 
 	"github.com/ossf/scorecard/v5/checker"
-	"github.com/ossf/scorecard/v5/pkg"
+	"github.com/ossf/scorecard/v5/pkg/scorecard"
 )
 
 func TestJSON(t *testing.T) {
 	t.Parallel()
 	tests := []struct {
 		name string
-		a, b pkg.ScorecardResult
+		a, b scorecard.Result
 	}{
 		{
 			name: "repo commit SHA standardized",
-			a: pkg.ScorecardResult{
-				Repo: pkg.RepoInfo{
+			a: scorecard.Result{
+				Repo: scorecard.RepoInfo{
 					Name:      "github.com/foo/bar",
 					CommitSHA: "commit a",
 				},
 			},
-			b: pkg.ScorecardResult{
-				Repo: pkg.RepoInfo{
+			b: scorecard.Result{
+				Repo: scorecard.RepoInfo{
 					Name:      "github.com/foo/bar",
 					CommitSHA: "commit b",
 				},
@@ -48,23 +48,23 @@ func TestJSON(t *testing.T) {
 		},
 		{
 			name: "dates standardized",
-			a: pkg.ScorecardResult{
+			a: scorecard.Result{
 				Date: time.Now(),
 			},
-			b: pkg.ScorecardResult{
+			b: scorecard.Result{
 				Date: time.Now().AddDate(0, 0, -1),
 			},
 		},
 		{
 			name: "scorecard info standardized",
-			a: pkg.ScorecardResult{
-				Scorecard: pkg.ScorecardInfo{
+			a: scorecard.Result{
+				Scorecard: scorecard.ScorecardInfo{
 					Version:   "version a",
 					CommitSHA: "scorecard commit x",
 				},
 			},
-			b: pkg.ScorecardResult{
-				Scorecard: pkg.ScorecardInfo{
+			b: scorecard.Result{
+				Scorecard: scorecard.ScorecardInfo{
 					Version:   "version b",
 					CommitSHA: "scorecard commit y",
 				},
@@ -72,7 +72,7 @@ func TestJSON(t *testing.T) {
 		},
 		{
 			name: "check order standardized",
-			a: pkg.ScorecardResult{
+			a: scorecard.Result{
 				Checks: []checker.CheckResult{
 					{
 						Name:  "Token-Permissions",
@@ -84,7 +84,7 @@ func TestJSON(t *testing.T) {
 					},
 				},
 			},
-			b: pkg.ScorecardResult{
+			b: scorecard.Result{
 				Checks: []checker.CheckResult{
 					{
 						Name:  "License",
@@ -99,7 +99,7 @@ func TestJSON(t *testing.T) {
 		},
 		{
 			name: "detail order standardized",
-			a: pkg.ScorecardResult{
+			a: scorecard.Result{
 				Checks: []checker.CheckResult{
 					{
 						Name:  "Token-Permissions",
@@ -121,7 +121,7 @@ func TestJSON(t *testing.T) {
 					},
 				},
 			},
-			b: pkg.ScorecardResult{
+			b: scorecard.Result{
 				Checks: []checker.CheckResult{
 					{
 						Name:  "Token-Permissions",
@@ -167,7 +167,7 @@ func TestJSON(t *testing.T) {
 
 func Test_normalize_nil_safe(t *testing.T) {
 	t.Parallel()
-	var x, y *pkg.ScorecardResult
+	var x, y *scorecard.Result
 	Normalize(x)
 	Normalize(y)
 	if !cmp.Equal(x, y) {

cmd/internal/scdiff/app/generate.go

@@ -25,7 +25,7 @@ import (
 
 	"github.com/ossf/scorecard/v5/cmd/internal/scdiff/app/format"
 	"github.com/ossf/scorecard/v5/cmd/internal/scdiff/app/runner"
-	"github.com/ossf/scorecard/v5/pkg"
+	"github.com/ossf/scorecard/v5/pkg/scorecard"
 )
 
 //nolint:gochecknoinits // common for cobra apps
@@ -71,7 +71,7 @@ var (
 )
 
 type scorecardRunner interface {
-	Run(repo string) (pkg.ScorecardResult, error)
+	Run(repo string) (scorecard.Result, error)
 }
 
 // Runs scorecard on each newline-delimited repo in repos, and writes the output.

cmd/internal/scdiff/app/generate_test.go

@@ -21,7 +21,7 @@ import (
 	"testing"
 
 	"github.com/ossf/scorecard/v5/checker"
-	"github.com/ossf/scorecard/v5/pkg"
+	"github.com/ossf/scorecard/v5/pkg/scorecard"
 )
 
 var errFoo = errors.New("arbitrary error")
@@ -38,12 +38,12 @@ func (rc *resultCounter) Write(p []byte) (n int, err error) {
 
 type stubRunner struct{}
 
-func (s stubRunner) Run(repo string) (pkg.ScorecardResult, error) {
+func (s stubRunner) Run(repo string) (scorecard.Result, error) {
 	switch repo {
 	case "errorRepo":
-		return pkg.ScorecardResult{}, errFoo
+		return scorecard.Result{}, errFoo
 	case "badCheck":
-		return pkg.ScorecardResult{
+		return scorecard.Result{
 			Checks: []checker.CheckResult{
 				{
 					Name:  "not a real check",
@@ -52,7 +52,7 @@ func (s stubRunner) Run(repo string) (pkg.ScorecardResult, error) {
 			},
 		}, nil
 	default:
-		return pkg.ScorecardResult{}, nil
+		return scorecard.Result{}, nil
 	}
 }
 

cmd/internal/scdiff/app/runner/runner.go

@@ -23,7 +23,7 @@ import (
 	"github.com/ossf/scorecard/v5/clients/gitlabrepo"
 	sce "github.com/ossf/scorecard/v5/errors"
 	"github.com/ossf/scorecard/v5/log"
-	"github.com/ossf/scorecard/v5/pkg"
+	"github.com/ossf/scorecard/v5/pkg/scorecard"
 )
 
 // Runner holds the clients and configuration needed to run Scorecard on multiple repos.
@@ -53,7 +53,7 @@ func New(enabledChecks []string) Runner {
 }
 
 //nolint:wrapcheck
-func (r *Runner) Run(repoURI string) (pkg.ScorecardResult, error) {
+func (r *Runner) Run(repoURI string) (scorecard.Result, error) {
 	r.log("processing repo: " + repoURI)
 	repoClient := r.githubClient
 	repo, err := githubrepo.MakeGithubRepo(repoURI)
@@ -62,11 +62,11 @@ func (r *Runner) Run(repoURI string) (pkg.ScorecardResult, error) {
 		repoClient = r.gitlabClient
 	}
 	if err != nil {
-		return pkg.ScorecardResult{}, err
+		return scorecard.Result{}, err
 	}
-	return pkg.Run(r.ctx, repo,
-		pkg.WithRepoClient(repoClient),
-		pkg.WithChecks(r.enabledChecks),
+	return scorecard.Run(r.ctx, repo,
+		scorecard.WithRepoClient(repoClient),
+		scorecard.WithChecks(r.enabledChecks),
 	)
 }
 

cmd/internal/scdiff/app/stats.go

@@ -27,7 +27,7 @@ import (
 	"github.com/spf13/cobra"
 
 	"github.com/ossf/scorecard/v5/checker"
-	"github.com/ossf/scorecard/v5/pkg"
+	"github.com/ossf/scorecard/v5/pkg/scorecard"
 )
 
 //nolint:gochecknoinits // common for cobra apps
@@ -69,7 +69,7 @@ func countScores(input io.Reader, check string) ([12]int, error) {
 	scanner := bufio.NewScanner(input)
 	scanner.Buffer(nil, maxResultSize)
 	for scanner.Scan() {
-		result, aggregateScore, err := pkg.ExperimentalFromJSON2(strings.NewReader(scanner.Text()))
+		result, aggregateScore, err := scorecard.ExperimentalFromJSON2(strings.NewReader(scanner.Text()))
 		if err != nil {
 			return [12]int{}, fmt.Errorf("parsing result: %w", err)
 		}

cmd/root.go

@@ -36,7 +36,7 @@ import (
 	sce "github.com/ossf/scorecard/v5/errors"
 	sclog "github.com/ossf/scorecard/v5/log"
 	"github.com/ossf/scorecard/v5/options"
-	"github.com/ossf/scorecard/v5/pkg"
+	"github.com/ossf/scorecard/v5/pkg/scorecard"
 	"github.com/ossf/scorecard/v5/policy"
 )
 
@@ -78,7 +78,7 @@ func New(o *options.Options) *cobra.Command {
 // rootCmd runs scorecard checks given a set of arguments.
 func rootCmd(o *options.Options) error {
 	var err error
-	var repoResult pkg.ScorecardResult
+	var repoResult scorecard.Result
 
 	p := &pmc.PackageManagerClient{}
 	// Set `repo` from package managers.
@@ -123,8 +123,8 @@ func rootCmd(o *options.Options) error {
 	if !strings.EqualFold(o.Commit, clients.HeadSHA) {
 		requiredRequestTypes = append(requiredRequestTypes, checker.CommitBased)
 	}
-	// this call to policy is different from the one in pkg.Run
-	// this one is concerned with a policy file, while the pkg.Run call is
+	// this call to policy is different from the one in scorecard.Run
+	// this one is concerned with a policy file, while the scorecard.Run call is
 	// more concerned with the supported request types
 	enabledChecks, err := policy.GetEnabled(pol, o.Checks(), requiredRequestTypes)
 	if err != nil {
@@ -144,15 +144,15 @@ func rootCmd(o *options.Options) error {
 		}
 	}
 
-	repoResult, err = pkg.Run(ctx, repo,
-		pkg.WithLogLevel(sclog.ParseLevel(o.LogLevel)),
-		pkg.WithCommitSHA(o.Commit),
-		pkg.WithCommitDepth(o.CommitDepth),
-		pkg.WithProbes(enabledProbes),
-		pkg.WithChecks(checks),
+	repoResult, err = scorecard.Run(ctx, repo,
+		scorecard.WithLogLevel(sclog.ParseLevel(o.LogLevel)),
+		scorecard.WithCommitSHA(o.Commit),
+		scorecard.WithCommitDepth(o.CommitDepth),
+		scorecard.WithProbes(enabledProbes),
+		scorecard.WithChecks(checks),
 	)
 	if err != nil {
-		return fmt.Errorf("RunScorecard: %w", err)
+		return fmt.Errorf("scorecard.Run: %w", err)
 	}
 
 	repoResult.Metadata = append(repoResult.Metadata, o.Metadata...)
@@ -170,7 +170,7 @@ func rootCmd(o *options.Options) error {
 		}
 	}
 
-	resultsErr := pkg.FormatResults(
+	resultsErr := scorecard.FormatResults(
 		o,
 		&repoResult,
 		checkDocs,

cmd/serve.go

@@ -27,7 +27,7 @@ import (
 	"github.com/ossf/scorecard/v5/clients/ossfuzz"
 	"github.com/ossf/scorecard/v5/log"
 	"github.com/ossf/scorecard/v5/options"
-	"github.com/ossf/scorecard/v5/pkg"
+	"github.com/ossf/scorecard/v5/pkg/scorecard"
 )
 
 // TODO(cmd): Determine if this should be exported.
@@ -65,10 +65,10 @@ func serveCmd(o *options.Options) *cobra.Command {
 					rw.WriteHeader(http.StatusInternalServerError)
 				}
 				defer ossFuzzRepoClient.Close()
-				repoResult, err := pkg.Run(ctx, repo,
-					pkg.WithCommitDepth(o.CommitDepth),
-					pkg.WithRepoClient(repoClient),
-					pkg.WithOSSFuzzClient(ossFuzzRepoClient),
+				repoResult, err := scorecard.Run(ctx, repo,
+					scorecard.WithCommitDepth(o.CommitDepth),
+					scorecard.WithRepoClient(repoClient),
+					scorecard.WithOSSFuzzClient(ossFuzzRepoClient),
 				)
 				if err != nil {
 					logger.Error(err, "running enabled scorecard checks on repo")

cron/internal/format/json.go

@@ -23,7 +23,7 @@ import (
 	docs "github.com/ossf/scorecard/v5/docs/checks"
 	sce "github.com/ossf/scorecard/v5/errors"
 	"github.com/ossf/scorecard/v5/log"
-	"github.com/ossf/scorecard/v5/pkg"
+	"github.com/ossf/scorecard/v5/pkg/scorecard"
 )
 
 type jsonCheckResult struct {
@@ -83,7 +83,7 @@ type jsonScorecardResultV2 struct {
 }
 
 // AsJSON exports results as JSON for new detail format.
-func AsJSON(r *pkg.ScorecardResult, showDetails bool, logLevel log.Level, writer io.Writer) error {
+func AsJSON(r *scorecard.Result, showDetails bool, logLevel log.Level, writer io.Writer) error {
 	encoder := json.NewEncoder(writer)
 
 	out := jsonScorecardResult{
@@ -99,7 +99,7 @@ func AsJSON(r *pkg.ScorecardResult, showDetails bool, logLevel log.Level, writer
 		if showDetails {
 			for i := range checkResult.Details {
 				d := checkResult.Details[i]
-				m := pkg.DetailToString(&d, logLevel)
+				m := scorecard.DetailToString(&d, logLevel)
 				if m == "" {
 					continue
 				}
@@ -116,7 +116,7 @@ func AsJSON(r *pkg.ScorecardResult, showDetails bool, logLevel log.Level, writer
 }
 
 // AsJSON2 exports results as JSON for the cron job and in the new detail format.
-func AsJSON2(r *pkg.ScorecardResult, showDetails bool,
+func AsJSON2(r *scorecard.Result, showDetails bool,
 	logLevel log.Level, checkDocs docs.Doc, writer io.Writer,
 ) error {
 	score, err := r.GetAggregateScore(checkDocs)
@@ -159,7 +159,7 @@ func AsJSON2(r *pkg.ScorecardResult, showDetails bool,
 		if showDetails {
 			for i := range checkResult.Details {
 				d := checkResult.Details[i]
-				m := pkg.DetailToString(&d, logLevel)
+				m := scorecard.DetailToString(&d, logLevel)
 				if m == "" {
 					continue
 				}

cron/internal/format/json_raw_results.go

@@ -21,7 +21,7 @@ import (
 
 	"github.com/ossf/scorecard/v5/checker"
 	sce "github.com/ossf/scorecard/v5/errors"
-	"github.com/ossf/scorecard/v5/pkg"
+	"github.com/ossf/scorecard/v5/pkg/scorecard"
 )
 
 // Flat JSON structure to hold raw results.
@@ -263,7 +263,7 @@ func fillJSONRawResults(r *jsonScorecardRawResult, raw *checker.RawResults) erro
 }
 
 // AsRawJSON exports results as JSON for raw results.
-func AsRawJSON(r *pkg.ScorecardResult, writer io.Writer) error {
+func AsRawJSON(r *scorecard.Result, writer io.Writer) error {
 	encoder := json.NewEncoder(writer)
 	out := jsonScorecardRawResult{
 		Repo: jsonRepoV2{

cron/internal/format/json_test.go

@@ -28,7 +28,7 @@ import (
 	"github.com/ossf/scorecard/v5/checker"
 	"github.com/ossf/scorecard/v5/finding"
 	"github.com/ossf/scorecard/v5/log"
-	"github.com/ossf/scorecard/v5/pkg"
+	"github.com/ossf/scorecard/v5/pkg/scorecard"
 )
 
 func jsonMockDocRead() *mockDoc {
@@ -86,19 +86,19 @@ func TestJSONOutput(t *testing.T) {
 		expected    string
 		showDetails bool
 		logLevel    log.Level
-		result      pkg.ScorecardResult
+		result      scorecard.Result
 	}{
 		{
 			name:        "check-1",
 			showDetails: true,
 			expected:    "./testdata/check1.json",
 			logLevel:    log.DebugLevel,
-			result: pkg.ScorecardResult{
-				Repo: pkg.RepoInfo{
+			result: scorecard.Result{
+				Repo: scorecard.RepoInfo{
 					Name:      repoName,
 					CommitSHA: repoCommit,
 				},
-				Scorecard: pkg.ScorecardInfo{
+				Scorecard: scorecard.ScorecardInfo{
 					Version:   scorecardVersion,
 					CommitSHA: scorecardCommit,
 				},
@@ -130,12 +130,12 @@ func TestJSONOutput(t *testing.T) {
 			showDetails: true,
 			expected:    "./testdata/check2.json",
 			logLevel:    log.DebugLevel,
-			result: pkg.ScorecardResult{
-				Repo: pkg.RepoInfo{
+			result: scorecard.Result{
+				Repo: scorecard.RepoInfo{
 					Name:      repoName,
 					CommitSHA: repoCommit,
 				},
-				Scorecard: pkg.ScorecardInfo{
+				Scorecard: scorecard.ScorecardInfo{
 					Version:   scorecardVersion,
 					CommitSHA: scorecardCommit,
 				},
@@ -166,12 +166,12 @@ func TestJSONOutput(t *testing.T) {
 			showDetails: true,
 			expected:    "./testdata/check3.json",
 			logLevel:    log.InfoLevel,
-			result: pkg.ScorecardResult{
-				Repo: pkg.RepoInfo{
+			result: scorecard.Result{
+				Repo: scorecard.RepoInfo{
 					Name:      repoName,
 					CommitSHA: repoCommit,
 				},
-				Scorecard: pkg.ScorecardInfo{
+				Scorecard: scorecard.ScorecardInfo{
 					Version:   scorecardVersion,
 					CommitSHA: scorecardCommit,
 				},
@@ -256,12 +256,12 @@ func TestJSONOutput(t *testing.T) {
 			showDetails: true,
 			expected:    "./testdata/check4.json",
 			logLevel:    log.DebugLevel,
-			result: pkg.ScorecardResult{
-				Repo: pkg.RepoInfo{
+			result: scorecard.Result{
+				Repo: scorecard.RepoInfo{
 					Name:      repoName,
 					CommitSHA: repoCommit,
 				},
-				Scorecard: pkg.ScorecardInfo{
+				Scorecard: scorecard.ScorecardInfo{
 					Version:   scorecardVersion,
 					CommitSHA: scorecardCommit,
 				},
@@ -346,12 +346,12 @@ func TestJSONOutput(t *testing.T) {
 			showDetails: true,
 			expected:    "./testdata/check5.json",
 			logLevel:    log.WarnLevel,
-			result: pkg.ScorecardResult{
-				Repo: pkg.RepoInfo{
+			result: scorecard.Result{
+				Repo: scorecard.RepoInfo{
 					Name:      repoName,
 					CommitSHA: repoCommit,
 				},
-				Scorecard: pkg.ScorecardInfo{
+				Scorecard: scorecard.ScorecardInfo{
 					Version:   scorecardVersion,
 					CommitSHA: scorecardCommit,
 				},
@@ -383,12 +383,12 @@ func TestJSONOutput(t *testing.T) {
 			showDetails: true,
 			expected:    "./testdata/check6.json",
 			logLevel:    log.WarnLevel,
-			result: pkg.ScorecardResult{
-				Repo: pkg.RepoInfo{
+			result: scorecard.Result{
+				Repo: scorecard.RepoInfo{
 					Name:      repoName,
 					CommitSHA: repoCommit,
 				},
-				Scorecard: pkg.ScorecardInfo{
+				Scorecard: scorecard.ScorecardInfo{
 					Version:   scorecardVersion,
 					CommitSHA: scorecardCommit,
 				},

cron/internal/worker/main.go

@@ -41,7 +41,7 @@ import (
 	docs "github.com/ossf/scorecard/v5/docs/checks"
 	sce "github.com/ossf/scorecard/v5/errors"
 	"github.com/ossf/scorecard/v5/log"
-	"github.com/ossf/scorecard/v5/pkg"
+	"github.com/ossf/scorecard/v5/pkg/scorecard"
 	"github.com/ossf/scorecard/v5/policy"
 	"github.com/ossf/scorecard/v5/stats"
 )
@@ -217,20 +217,20 @@ func processRequest(ctx context.Context,
 			enabledChecks = append(enabledChecks, check)
 		}
 
-		result, err := pkg.Run(ctx, repo,
-			pkg.WithCommitSHA(commitSHA),
-			pkg.WithChecks(enabledChecks),
-			pkg.WithRepoClient(repoClient),
-			pkg.WithOSSFuzzClient(ossFuzzRepoClient),
-			pkg.WithOpenSSFBestPraticesClient(ciiClient),
-			pkg.WithVulnerabilitiesClient(vulnsClient),
+		result, err := scorecard.Run(ctx, repo,
+			scorecard.WithCommitSHA(commitSHA),
+			scorecard.WithChecks(enabledChecks),
+			scorecard.WithRepoClient(repoClient),
+			scorecard.WithOSSFuzzClient(ossFuzzRepoClient),
+			scorecard.WithOpenSSFBestPraticesClient(ciiClient),
+			scorecard.WithVulnerabilitiesClient(vulnsClient),
 		)
 		if errors.Is(err, sce.ErrRepoUnreachable) {
 			// Not accessible repo - continue.
 			continue
 		}
 		if err != nil {
-			return fmt.Errorf("error during RunScorecard: %w", err)
+			return fmt.Errorf("error during scorecard.Run: %w", err)
 		}
 		for checkIndex := range result.Checks {
 			check := &result.Checks[checkIndex]

e2e/attestor_policy_test.go

@@ -28,7 +28,7 @@ import (
 	"github.com/ossf/scorecard/v5/attestor/policy"
 	"github.com/ossf/scorecard/v5/clients/githubrepo"
 	"github.com/ossf/scorecard/v5/internal/checknames"
-	"github.com/ossf/scorecard/v5/pkg"
+	"github.com/ossf/scorecard/v5/pkg/scorecard"
 )
 
 var _ = Describe("E2E TEST PAT: scorecard-attestor policy", func() {
@@ -222,7 +222,7 @@ var _ = Describe("E2E TEST PAT: scorecard-attestor policy", func() {
 	})
 })
 
-func getScorecardResult(repoURL string) (pkg.ScorecardResult, error) {
+func getScorecardResult(repoURL string) (scorecard.Result, error) {
 	ctx := context.Background()
 	enabledChecks := []string{
 		checknames.BinaryArtifacts,
@@ -232,7 +232,7 @@ func getScorecardResult(repoURL string) (pkg.ScorecardResult, error) {
 	}
 	repo, err := githubrepo.MakeGithubRepo(repoURL)
 	if err != nil {
-		return pkg.ScorecardResult{}, fmt.Errorf("couldn't set up repo: %w", err)
+		return scorecard.Result{}, fmt.Errorf("couldn't set up repo: %w", err)
 	}
-	return pkg.Run(ctx, repo, pkg.WithChecks(enabledChecks))
+	return scorecard.Run(ctx, repo, scorecard.WithChecks(enabledChecks))
 }

pkg/scorecard/common.go

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package pkg
+package scorecard
 
 import (
 	"fmt"

pkg/scorecard/common_test.go

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package pkg
+package scorecard
 
 import (
 	"testing"

pkg/scorecard/json.go

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package pkg
+package scorecard
 
 import (
 	"encoding/json"
@@ -96,7 +96,7 @@ type AsJSON2ResultOption struct {
 }
 
 // AsJSON exports results as JSON for new detail format.
-func (r *ScorecardResult) AsJSON(showDetails bool, logLevel log.Level, writer io.Writer) error {
+func (r *Result) AsJSON(showDetails bool, logLevel log.Level, writer io.Writer) error {
 	encoder := json.NewEncoder(writer)
 
 	out := jsonScorecardResult{
@@ -129,7 +129,7 @@ func (r *ScorecardResult) AsJSON(showDetails bool, logLevel log.Level, writer io
 }
 
 // AsJSON2 exports results as JSON for new detail format.
-func (r *ScorecardResult) AsJSON2(writer io.Writer, checkDocs docs.Doc, opt *AsJSON2ResultOption) error {
+func (r *Result) AsJSON2(writer io.Writer, checkDocs docs.Doc, opt *AsJSON2ResultOption) error {
 	if opt == nil {
 		opt = &AsJSON2ResultOption{
 			LogLevel:    log.DefaultLevel,
@@ -200,11 +200,11 @@ func (r *ScorecardResult) AsJSON2(writer io.Writer, checkDocs docs.Doc, opt *AsJ
 
 // ExperimentalFromJSON2 is experimental. Do not depend on it, it may be removed at any point.
 // Also returns the aggregate score, as the ScorecardResult field does not contain it.
-func ExperimentalFromJSON2(r io.Reader) (result ScorecardResult, score float64, err error) {
+func ExperimentalFromJSON2(r io.Reader) (result Result, score float64, err error) {
 	var jsr JSONScorecardResultV2
 	decoder := json.NewDecoder(r)
 	if err := decoder.Decode(&jsr); err != nil {
-		return ScorecardResult{}, 0, fmt.Errorf("decode json: %w", err)
+		return Result{}, 0, fmt.Errorf("decode json: %w", err)
 	}
 
 	var parseErr *time.ParseError
@@ -213,10 +213,10 @@ func ExperimentalFromJSON2(r io.Reader) (result ScorecardResult, score float64,
 		date, err = time.Parse("2006-01-02", jsr.Date)
 	}
 	if err != nil {
-		return ScorecardResult{}, 0, fmt.Errorf("parse scorecard analysis time: %w", err)
+		return Result{}, 0, fmt.Errorf("parse scorecard analysis time: %w", err)
 	}
 
-	sr := ScorecardResult{
+	sr := Result{
 		Repo: RepoInfo{
 			Name:      jsr.Repo.Name,
 			CommitSHA: jsr.Repo.Commit,

pkg/scorecard/json_raw_results.go

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package pkg
+package scorecard
 
 import (
 	"encoding/json"
@@ -818,7 +818,7 @@ func (r *jsonScorecardRawResult) fillJSONRawResults(raw *checker.RawResults) err
 }
 
 // AsRawJSON exports results as JSON for raw results.
-func (r *ScorecardResult) AsRawJSON(writer io.Writer) error {
+func (r *Result) AsRawJSON(writer io.Writer) error {
 	encoder := json.NewEncoder(writer)
 	out := jsonScorecardRawResult{
 		Repo: jsonRepoV2{

pkg/scorecard/json_raw_results_test.go

@@ -11,7 +11,7 @@
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
-package pkg
+package scorecard
 
 import (
 	"bytes"
@@ -1265,7 +1265,7 @@ func TestScorecardResult_AsRawJSON(t *testing.T) {
 		tt := tt // capture range variable
 		t.Run(tt.name, func(t *testing.T) {
 			t.Parallel()
-			r := &ScorecardResult{
+			r := &Result{
 				Repo:       tt.fields.Repo,
 				Date:       tt.fields.Date,
 				Scorecard:  tt.fields.Scorecard,

pkg/scorecard/json_test.go

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package pkg
+package scorecard
 
 import (
 	"bytes"
@@ -90,14 +90,14 @@ func TestJSONOutput(t *testing.T) {
 		showDetails     bool
 		showAnnotations bool
 		logLevel        log.Level
-		result          ScorecardResult
+		result          Result
 	}{
 		{
 			name:        "check-1",
 			showDetails: true,
 			expected:    "./testdata/check1.json",
 			logLevel:    log.DebugLevel,
-			result: ScorecardResult{
+			result: Result{
 				Repo: RepoInfo{
 					Name:      repoName,
 					CommitSHA: repoCommit,
@@ -135,7 +135,7 @@ func TestJSONOutput(t *testing.T) {
 			showAnnotations: true,
 			expected:        "./testdata/check1_annotations.json",
 			logLevel:        log.DebugLevel,
-			result: ScorecardResult{
+			result: Result{
 				Repo: RepoInfo{
 					Name:      repoName,
 					CommitSHA: repoCommit,
@@ -183,7 +183,7 @@ func TestJSONOutput(t *testing.T) {
 			showDetails: true,
 			expected:    "./testdata/check2.json",
 			logLevel:    log.DebugLevel,
-			result: ScorecardResult{
+			result: Result{
 				Repo: RepoInfo{
 					Name:      repoName,
 					CommitSHA: repoCommit,
@@ -219,7 +219,7 @@ func TestJSONOutput(t *testing.T) {
 			showDetails: true,
 			expected:    "./testdata/check3.json",
 			logLevel:    log.InfoLevel,
-			result: ScorecardResult{
+			result: Result{
 				Repo: RepoInfo{
 					Name:      repoName,
 					CommitSHA: repoCommit,
@@ -309,7 +309,7 @@ func TestJSONOutput(t *testing.T) {
 			showDetails: true,
 			expected:    "./testdata/check4.json",
 			logLevel:    log.DebugLevel,
-			result: ScorecardResult{
+			result: Result{
 				Repo: RepoInfo{
 					Name:      repoName,
 					CommitSHA: repoCommit,
@@ -399,7 +399,7 @@ func TestJSONOutput(t *testing.T) {
 			showDetails: true,
 			expected:    "./testdata/check5.json",
 			logLevel:    log.WarnLevel,
-			result: ScorecardResult{
+			result: Result{
 				Repo: RepoInfo{
 					Name:      repoName,
 					CommitSHA: repoCommit,
@@ -436,7 +436,7 @@ func TestJSONOutput(t *testing.T) {
 			showDetails: true,
 			expected:    "./testdata/check6.json",
 			logLevel:    log.WarnLevel,
-			result: ScorecardResult{
+			result: Result{
 				Repo: RepoInfo{
 					Name:      repoName,
 					CommitSHA: repoCommit,

pkg/scorecard/mock_doc.go

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package pkg
+package scorecard
 
 import (
 	"strings"

pkg/scorecard/pkg_suite_test.go

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package pkg_test
+package scorecard_test
 
 import (
 	"os"

pkg/scorecard/probe.go

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package pkg
+package scorecard
 
 import (
 	"encoding/json"
@@ -39,7 +39,7 @@ type ProbeResultOption struct {
 
 // AsProbe writes results as JSON for flat findings without checks.
 // It accepts an optional argument to configure the output.
-func (r *ScorecardResult) AsProbe(writer io.Writer, o *ProbeResultOption) error {
+func (r *Result) AsProbe(writer io.Writer, o *ProbeResultOption) error {
 	encoder := json.NewEncoder(writer)
 	out := JSONScorecardProbeResult{
 		Repo: jsonRepoV2{

pkg/scorecard/probe_test.go

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package pkg
+package scorecard
 
 import (
 	"bytes"
@@ -30,12 +30,12 @@ func TestAsProbe(t *testing.T) {
 	tests := []struct {
 		name     string
 		expected string
-		result   ScorecardResult
+		result   Result
 	}{
 		{
 			name:     "multiple findings displayed",
 			expected: "./testdata/probe1.json",
-			result: ScorecardResult{
+			result: Result{
 				Repo: RepoInfo{
 					Name:      "foo",
 					CommitSHA: "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",

pkg/scorecard/sarif.go

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package pkg
+package scorecard
 
 import (
 	"encoding/json"
@@ -612,7 +612,7 @@ func toolName(opts *options.Options) string {
 }
 
 // AsSARIF outputs ScorecardResult in SARIF 2.1.0 format.
-func (r *ScorecardResult) AsSARIF(showDetails bool, logLevel log.Level,
+func (r *Result) AsSARIF(showDetails bool, logLevel log.Level,
 	writer io.Writer, checkDocs docs.Doc, policy *spol.ScorecardPolicy,
 	opts *options.Options,
 ) error {

pkg/scorecard/sarif_test.go

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package pkg
+package scorecard
 
 import (
 	"bytes"
@@ -121,7 +121,7 @@ func TestSARIFOutput(t *testing.T) {
 		showDetails    bool
 		showAnotations bool
 		logLevel       log.Level
-		result         ScorecardResult
+		result         Result
 		policy         spol.ScorecardPolicy
 	}{
 		{
@@ -142,7 +142,7 @@ func TestSARIFOutput(t *testing.T) {
 					},
 				},
 			},
-			result: ScorecardResult{
+			result: Result{
 				Repo: RepoInfo{
 					Name:      repoName,
 					CommitSHA: repoCommit,
@@ -196,7 +196,7 @@ func TestSARIFOutput(t *testing.T) {
 					},
 				},
 			},
-			result: ScorecardResult{
+			result: Result{
 				Repo: RepoInfo{
 					Name:      repoName,
 					CommitSHA: repoCommit,
@@ -243,7 +243,7 @@ func TestSARIFOutput(t *testing.T) {
 					},
 				},
 			},
-			result: ScorecardResult{
+			result: Result{
 				Repo: RepoInfo{
 					Name:      repoName,
 					CommitSHA: repoCommit,
@@ -303,7 +303,7 @@ func TestSARIFOutput(t *testing.T) {
 					},
 				},
 			},
-			result: ScorecardResult{
+			result: Result{
 				Repo: RepoInfo{
 					Name:      repoName,
 					CommitSHA: repoCommit,
@@ -356,7 +356,7 @@ func TestSARIFOutput(t *testing.T) {
 					},
 				},
 			},
-			result: ScorecardResult{
+			result: Result{
 				Repo: RepoInfo{
 					Name:      repoName,
 					CommitSHA: repoCommit,
@@ -463,7 +463,7 @@ func TestSARIFOutput(t *testing.T) {
 					},
 				},
 			},
-			result: ScorecardResult{
+			result: Result{
 				Repo: RepoInfo{
 					Name:      repoName,
 					CommitSHA: repoCommit,
@@ -562,7 +562,7 @@ func TestSARIFOutput(t *testing.T) {
 					},
 				},
 			},
-			result: ScorecardResult{
+			result: Result{
 				Repo: RepoInfo{
 					Name:      repoName,
 					CommitSHA: repoCommit,
@@ -610,7 +610,7 @@ func TestSARIFOutput(t *testing.T) {
 					},
 				},
 			},
-			result: ScorecardResult{
+			result: Result{
 				Repo: RepoInfo{
 					Name:      repoName,
 					CommitSHA: repoCommit,
@@ -662,7 +662,7 @@ func TestSARIFOutput(t *testing.T) {
 					},
 				},
 			},
-			result: ScorecardResult{
+			result: Result{
 				Repo: RepoInfo{
 					Name:      repoName,
 					CommitSHA: repoCommit,
@@ -773,7 +773,7 @@ func TestSARIFOutput(t *testing.T) {
 					},
 				},
 			},
-			result: ScorecardResult{
+			result: Result{
 				Repo: RepoInfo{
 					Name:      repoName,
 					CommitSHA: repoCommit,

pkg/scorecard/scorecard.go

@@ -12,8 +12,8 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-// Package pkg defines fns for running Scorecard checks on a Repo.
-package pkg
+// Package scorecard defines functions for running Scorecard checks on a Repo.
+package scorecard
 
 import (
 	"context"
@@ -97,16 +97,16 @@ func runScorecard(ctx context.Context,
 	ciiClient clients.CIIBestPracticesClient,
 	vulnsClient clients.VulnerabilitiesClient,
 	projectClient packageclient.ProjectPackageClient,
-) (ScorecardResult, error) {
+) (Result, error) {
 	if err := repoClient.InitRepo(repo, commitSHA, commitDepth); err != nil {
 		// No need to call sce.WithMessage() since InitRepo will do that for us.
 		//nolint:wrapcheck
-		return ScorecardResult{}, err
+		return Result{}, err
 	}
 	defer repoClient.Close()
 
 	versionInfo := version.GetVersionInfo()
-	ret := ScorecardResult{
+	ret := Result{
 		Repo: RepoInfo{
 			Name:      repo.URI(),
 			CommitSHA: commitSHA,
@@ -123,14 +123,14 @@ func runScorecard(ctx context.Context,
 	if errors.Is(err, errEmptyRepository) {
 		return ret, nil
 	} else if err != nil {
-		return ScorecardResult{}, err
+		return Result{}, err
 	}
 	ret.Repo.CommitSHA = commitSHA
 
 	defaultBranch, err := repoClient.GetDefaultBranchName()
 	if err != nil {
 		if !errors.Is(err, clients.ErrUnsupportedFeature) {
-			return ScorecardResult{},
+			return Result{},
 				sce.WithMessage(sce.ErrScorecardInternal, fmt.Sprintf("GetDefaultBranchName:%v", err.Error()))
 		}
 		defaultBranch = "unknown"
@@ -163,7 +163,7 @@ func runScorecard(ctx context.Context,
 	if len(probesToRun) > 0 {
 		err = runEnabledProbes(request, probesToRun, &ret)
 		if err != nil {
-			return ScorecardResult{}, err
+			return Result{}, err
 		}
 		return ret, nil
 	}
@@ -209,7 +209,7 @@ func findConfigFile(rc clients.RepoClient) (io.ReadCloser, string) {
 
 func runEnabledProbes(request *checker.CheckRequest,
 	probesToRun []string,
-	ret *ScorecardResult,
+	ret *Result,
 ) error {
 	// Add RawResults to request
 	err := populateRawResults(request, probesToRun, ret)
@@ -239,32 +239,6 @@ func runEnabledProbes(request *checker.CheckRequest,
 	return nil
 }
 
-// RunScorecard runs enabled Scorecard checks on a Repo.
-func RunScorecard(ctx context.Context,
-	repo clients.Repo,
-	commitSHA string,
-	commitDepth int,
-	checksToRun checker.CheckNameToFnMap,
-	repoClient clients.RepoClient,
-	ossFuzzRepoClient clients.RepoClient,
-	ciiClient clients.CIIBestPracticesClient,
-	vulnsClient clients.VulnerabilitiesClient,
-	projectClient packageclient.ProjectPackageClient,
-) (ScorecardResult, error) {
-	return runScorecard(ctx,
-		repo,
-		commitSHA,
-		commitDepth,
-		checksToRun,
-		[]string{},
-		repoClient,
-		ossFuzzRepoClient,
-		ciiClient,
-		vulnsClient,
-		projectClient,
-	)
-}
-
 type runConfig struct {
 	client        clients.RepoClient
 	vulnClient    clients.VulnerabilitiesClient
@@ -280,6 +254,7 @@ type runConfig struct {
 
 type Option func(*runConfig) error
 
+// WithLogLevel configures the log level of the analysis.
 func WithLogLevel(level sclog.Level) Option {
 	return func(c *runConfig) error {
 		c.logLevel = level
@@ -287,6 +262,7 @@ func WithLogLevel(level sclog.Level) Option {
 	}
 }
 
+// WithCommitDepth configures the number of commits to analyze.
 func WithCommitDepth(depth int) Option {
 	return func(c *runConfig) error {
 		c.commitDepth = depth
@@ -294,6 +270,8 @@ func WithCommitDepth(depth int) Option {
 	}
 }
 
+// WithCommitSHA specifies the repository commit to analyze.
+// If this option is not used, the repository is analyzed at HEAD.
 func WithCommitSHA(sha string) Option {
 	return func(c *runConfig) error {
 		c.commit = sha
@@ -301,6 +279,8 @@ func WithCommitSHA(sha string) Option {
 	}
 }
 
+// WithChecks specifies checks which should be run during the analysis
+// of a project. If this option is not used, all checks are run.
 func WithChecks(checks []string) Option {
 	return func(c *runConfig) error {
 		c.checks = checks
@@ -308,6 +288,8 @@ func WithChecks(checks []string) Option {
 	}
 }
 
+// WithProbes specifies individual probes which should be run during the
+// analysis of a project.
 func WithProbes(probes []string) Option {
 	return func(c *runConfig) error {
 		c.probes = probes
@@ -315,6 +297,8 @@ func WithProbes(probes []string) Option {
 	}
 }
 
+// WithRepoClient will set the client used to query a repo host or forge
+// about the given project.
 func WithRepoClient(client clients.RepoClient) Option {
 	return func(c *runConfig) error {
 		c.client = client
@@ -322,6 +306,8 @@ func WithRepoClient(client clients.RepoClient) Option {
 	}
 }
 
+// WithOSSFuzzClient will set the client used to query OSS-Fuzz about a project's
+// integration with OSS-Fuzz.
 func WithOSSFuzzClient(client clients.RepoClient) Option {
 	return func(c *runConfig) error {
 		c.ossfuzzClient = client
@@ -329,6 +315,8 @@ func WithOSSFuzzClient(client clients.RepoClient) Option {
 	}
 }
 
+// WithVulnerabilitiesClient will set the client used to query vulnerabilities
+// present in a project.
 func WithVulnerabilitiesClient(client clients.VulnerabilitiesClient) Option {
 	return func(c *runConfig) error {
 		c.vulnClient = client
@@ -336,6 +324,8 @@ func WithVulnerabilitiesClient(client clients.VulnerabilitiesClient) Option {
 	}
 }
 
+// WithOpenSSFBestPraticesClient will set the client used to query the OpenSSF
+// Best Practice API for data about a project.
 func WithOpenSSFBestPraticesClient(client clients.CIIBestPracticesClient) Option {
 	return func(c *runConfig) error {
 		c.ciiClient = client
@@ -343,14 +333,17 @@ func WithOpenSSFBestPraticesClient(client clients.CIIBestPracticesClient) Option
 	}
 }
 
-func Run(ctx context.Context, repo clients.Repo, opts ...Option) (ScorecardResult, error) {
+// Run analyzes a given repository and returns the result. You can modify the
+// run behavior by passing in [Option] arguments. In the absence of a particular
+// option a default is used. Refer to the various Options for details.
+func Run(ctx context.Context, repo clients.Repo, opts ...Option) (Result, error) {
 	c := runConfig{
 		commit:   clients.HeadSHA,
 		logLevel: sclog.DefaultLevel,
 	}
 	for _, option := range opts {
 		if err := option(&c); err != nil {
-			return ScorecardResult{}, err
+			return Result{}, err
 		}
 	}
 	logger := sclog.NewLogger(c.logLevel)
@@ -383,7 +376,7 @@ func Run(ctx context.Context, repo clients.Repo, opts ...Option) (ScorecardResul
 		if c.client == nil {
 			c.client, err = gitlabrepo.CreateGitlabClient(ctx, repo.Host())
 			if err != nil {
-				return ScorecardResult{}, fmt.Errorf("creating gitlab client: %w", err)
+				return Result{}, fmt.Errorf("creating gitlab client: %w", err)
 			}
 		}
 	}
@@ -394,7 +387,7 @@ func Run(ctx context.Context, repo clients.Repo, opts ...Option) (ScorecardResul
 
 	checksToRun, err := policy.GetEnabled(nil, c.checks, requiredRequestTypes)
 	if err != nil {
-		return ScorecardResult{}, fmt.Errorf("getting enabled checks: %w", err)
+		return Result{}, fmt.Errorf("getting enabled checks: %w", err)
 	}
 
 	return runScorecard(ctx, repo, c.commit, c.commitDepth, checksToRun, c.probes,

pkg/scorecard/scorecard_e2e_test.go

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package pkg
+package scorecard
 
 import (
 	"context"
@@ -29,7 +29,7 @@ import (
 	sclog "github.com/ossf/scorecard/v5/log"
 )
 
-func (r *ScorecardResult) normalize() {
+func (r *Result) normalize() {
 	r.Date = time.Time{}
 	sort.Slice(r.Checks, func(i, j int) bool {
 		return r.Checks[i].Name < r.Checks[j].Name
@@ -51,7 +51,7 @@ func countDetails(c []checker.CheckDetail) (debug, info, warn int) {
 }
 
 //nolint:gocritic // comparison was failing with pointer types
-func compareScorecardResults(a, b ScorecardResult) bool {
+func compareScorecardResults(a, b Result) bool {
 	if a.Repo != b.Repo {
 		fmt.Fprintf(GinkgoWriter, "Unequal repo details in results: %v vs %v\n", a.Repo, b.Repo)
 		return false
@@ -95,7 +95,7 @@ func compareScorecardResults(a, b ScorecardResult) bool {
 	return true
 }
 
-var _ = Describe("E2E TEST: RunScorecard with re-used repoClient", func() {
+var _ = Describe("E2E TEST: scorecard.Run with re-used repoClient", func() {
 	Context("E2E TEST: Validate results are identical regardless of order", func() {
 		assertLastResultsIdentical := func(repos []string) {
 			if len(repos) < 2 {
@@ -109,7 +109,7 @@ var _ = Describe("E2E TEST: RunScorecard with re-used repoClient", func() {
 			isolatedResult, err := Run(ctx, repo, WithLogLevel(sclog.DebugLevel))
 			Expect(err).Should(BeNil())
 
-			var sharedResult ScorecardResult
+			var sharedResult Result
 			for i := range repos {
 				repo, err = githubrepo.MakeGithubRepo(repos[i])
 				Expect(err).Should(BeNil())

pkg/scorecard/scorecard_result.go

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package pkg
+package scorecard
 
 import (
 	"fmt"
@@ -52,8 +52,8 @@ type RepoInfo struct {
 	CommitSHA string
 }
 
-// ScorecardResult struct is returned on a successful Scorecard run.
-type ScorecardResult struct {
+// Result struct is returned on a successful Scorecard run.
+type Result struct {
 	Repo       RepoInfo
 	Date       time.Time
 	Scorecard  ScorecardInfo
@@ -79,7 +79,7 @@ func scoreToString(s float64) string {
 }
 
 // GetAggregateScore returns the aggregate score.
-func (r *ScorecardResult) GetAggregateScore(checkDocs docChecks.Doc) (float64, error) {
+func (r *Result) GetAggregateScore(checkDocs docChecks.Doc) (float64, error) {
 	// TODO: calculate the score and make it a field
 	// of ScorecardResult
 	weights := map[string]float64{"Critical": 10, "High": 7.5, "Medium": 5, "Low": 2.5}
@@ -121,7 +121,7 @@ func (r *ScorecardResult) GetAggregateScore(checkDocs docChecks.Doc) (float64, e
 // FormatResults formats scorecard results.
 func FormatResults(
 	opts *options.Options,
-	results *ScorecardResult,
+	results *Result,
 	doc docChecks.Doc,
 	policy *spol.ScorecardPolicy,
 ) error {
@@ -179,7 +179,7 @@ func FormatResults(
 }
 
 // AsString returns ScorecardResult in string format.
-func (r *ScorecardResult) AsString(writer io.Writer, checkDocs docChecks.Doc, opt *AsStringResultOption) error {
+func (r *Result) AsString(writer io.Writer, checkDocs docChecks.Doc, opt *AsStringResultOption) error {
 	if opt == nil {
 		opt = &AsStringResultOption{
 			LogLevel:    log.DefaultLevel,
@@ -255,7 +255,7 @@ func (r *ScorecardResult) AsString(writer io.Writer, checkDocs docChecks.Doc, op
 }
 
 //nolint:gocognit,gocyclo // nothing better to do right now
-func assignRawData(probeCheckName string, request *checker.CheckRequest, ret *ScorecardResult) error {
+func assignRawData(probeCheckName string, request *checker.CheckRequest, ret *Result) error {
 	switch probeCheckName {
 	case checks.CheckBinaryArtifacts:
 		rawData, err := raw.BinaryArtifacts(request)
@@ -394,7 +394,7 @@ func assignRawData(probeCheckName string, request *checker.CheckRequest, ret *Sc
 	return nil
 }
 
-func populateRawResults(request *checker.CheckRequest, probesToRun []string, ret *ScorecardResult) error {
+func populateRawResults(request *checker.CheckRequest, probesToRun []string, ret *Result) error {
 	seen := map[string]bool{}
 	for _, probeName := range probesToRun {
 		p, err := proberegistration.Get(probeName)

pkg/scorecard/scorecard_result_test.go

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package pkg
+package scorecard
 
 import (
 	"bytes"
@@ -30,7 +30,7 @@ import (
 	spol "github.com/ossf/scorecard/v5/policy"
 )
 
-func mockScorecardResultCheck1(t *testing.T) *ScorecardResult {
+func mockScorecardResultCheck1(t *testing.T) *Result {
 	t.Helper()
 	// Helper variables to mock Scorecard results
 	date, err := time.Parse(time.RFC3339, "2023-03-02T10:30:43-06:00")
@@ -39,7 +39,7 @@ func mockScorecardResultCheck1(t *testing.T) *ScorecardResult {
 	}
 	t.Logf("date: %v", date)
 
-	return &ScorecardResult{
+	return &Result{
 		Repo: RepoInfo{
 			Name:      "org/name",
 			CommitSHA: "68bc59901773ab4c051dfcea0cc4201a1567ab32",
@@ -87,7 +87,7 @@ func Test_formatResults_outputToFile(t *testing.T) {
 	t.Parallel()
 	type args struct {
 		opts    *options.Options
-		results *ScorecardResult
+		results *Result
 		doc     checks.Doc
 		policy  *spol.ScorecardPolicy
 	}

pkg/scorecard/scorecard_test.go

@@ -11,7 +11,7 @@
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
-package pkg
+package scorecard
 
 import (
 	"context"
@@ -141,7 +141,7 @@ func TestRun(t *testing.T) {
 	tests := []struct {
 		name    string
 		args    args
-		want    ScorecardResult
+		want    Result
 		wantErr bool
 	}{
 		{
@@ -150,7 +150,7 @@ func TestRun(t *testing.T) {
 				uri:       "github.com/ossf/scorecard",
 				commitSHA: "",
 			},
-			want: ScorecardResult{
+			want: Result{
 				Repo: RepoInfo{
 					Name: "github.com/ossf/scorecard",
 				},
@@ -193,10 +193,10 @@ func TestRun(t *testing.T) {
 				WithRepoClient(mockRepoClient),
 			)
 			if (err != nil) != tt.wantErr {
-				t.Errorf("RunScorecard() error = %v, wantErr %v", err, tt.wantErr)
+				t.Errorf("Run() error = %v, wantErr %v", err, tt.wantErr)
 				return
 			}
-			ignoreDate := cmpopts.IgnoreFields(ScorecardResult{}, "Date")
+			ignoreDate := cmpopts.IgnoreFields(Result{}, "Date")
 			if !cmp.Equal(got, tt.want, ignoreDate) {
 				t.Errorf("expected %v, got %v", got, cmp.Diff(tt.want, got, ignoreDate))
 			}
@@ -219,7 +219,7 @@ func TestRun_WithProbes(t *testing.T) {
 		files   []string
 		name    string
 		args    args
-		want    ScorecardResult
+		want    Result
 		wantErr bool
 	}{
 		{
@@ -229,7 +229,7 @@ func TestRun_WithProbes(t *testing.T) {
 				commitSHA: "1a17bb812fb2ac23e9d09e86e122f8b67563aed7",
 				probes:    []string{fuzzed.Probe},
 			},
-			want: ScorecardResult{
+			want: Result{
 				Repo: RepoInfo{
 					Name:      "github.com/ossf/scorecard",
 					CommitSHA: "1a17bb812fb2ac23e9d09e86e122f8b67563aed7",
@@ -269,7 +269,7 @@ func TestRun_WithProbes(t *testing.T) {
 				commitSHA: "1a17bb812fb2ac23e9d09e86e122f8b67563aed7",
 				probes:    []string{"nonExistentProbe"},
 			},
-			want:    ScorecardResult{},
+			want:    Result{},
 			wantErr: true,
 		},
 	}
@@ -331,11 +331,11 @@ func TestRun_WithProbes(t *testing.T) {
 				WithProbes(tt.args.probes),
 			)
 			if (err != nil) != tt.wantErr {
-				t.Errorf("RunScorecard() error = %v, wantErr %v", err, tt.wantErr)
+				t.Errorf("Run() error = %v, wantErr %v", err, tt.wantErr)
 				return
 			}
 			ignoreRemediationText := cmpopts.IgnoreFields(finding.Remediation{}, "Text", "Markdown")
-			ignoreDate := cmpopts.IgnoreFields(ScorecardResult{}, "Date")
+			ignoreDate := cmpopts.IgnoreFields(Result{}, "Date")
 			ignoreUnexported := cmpopts.IgnoreUnexported(finding.Finding{})
 			if !cmp.Equal(got, tt.want, ignoreDate, ignoreRemediationText, ignoreUnexported) {
 				t.Errorf("expected %v, got %v", got, cmp.Diff(tt.want, got, ignoreDate,