* 🌱 Add branch protection evaluation
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* make helper for getting the branchName
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* move check for branch name
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* define size of slice
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* add probe for protected branches.
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* change 'basicNonAdminProtection' to 'deleteAndForcePushProtection'
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix markdown in text field in def.yml
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove duplicate conditional
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove redundant 'protected' value from 'requiresCodeOwnersReview' probe
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove protected values from probes
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* Bring back negative outcome in case of 0 codeowners files
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* log based on whether branches are protected
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove unnecessary test
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* debug failing tests
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* Fix failing tests
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* rename test
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* update with latest upstream changes
Signed-off-by: AdamKorcz <adam@adalogics.com>
* fix linting issues
Signed-off-by: AdamKorcz <adam@adalogics.com>
* remove tests that represent impossible scenarios
Signed-off-by: AdamKorcz <adam@adalogics.com>
* remove protected finding value
This was discussed previously, but accidentally reverted
Signed-off-by: Spencer Schrock <sschrock@google.com>
* Revert "debug failing tests"
This reverts commit 00acf66ea6.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* use branchName key for branch name
Signed-off-by: Spencer Schrock <sschrock@google.com>
* include number of reviews in INFO
this was previously included by the old evaluation code
Signed-off-by: Spencer Schrock <sschrock@google.com>
* reduce info count by 1
requiring codeowners without a corresponding file used to give 1 INFO and 1 WARN
now it only gives 1 WARN
Signed-off-by: Spencer Schrock <sschrock@google.com>
---------
Signed-off-by: Adam Korczynski <adam@adalogics.com>
Signed-off-by: AdamKorcz <adam@adalogics.com>
Signed-off-by: Spencer Schrock <sschrock@google.com>
Co-authored-by: Spencer Schrock <sschrock@google.com>
* 🌱 Add probes for Branch Protection
Signed-off-by: AdamKorcz <adam@adalogics.com>
* specify that Scorecard only considers default and release branches
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* reduce duplication in blocksDeleteOnBranches
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* use helper to test for boolean values
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* Fix typo, mention OutcomeNotAvailable
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix typo and elaborate on effort
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix typo. Specify which branches the probe considers
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* Fix copy paste typo
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove '/en' from url
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* change effort from 'High' to 'Low' in the blocksForcePushOnBranches probe def
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix remediation level
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* Change probe package name
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* improve probe definitions
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* refactor test names
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* Change motivation of two probes
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* downgrade effort of runsStatusChecksBeforeMerging
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* reduce complexity of blocksForcePushOnBranches
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* simplify requiresCodeOwnersReview logic
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix linter issues
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix copy paste error
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* differentiate trueMsg and falseMsg in requiresApproversForPullRequests
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix text in requiresCodeOwnersReview
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* change outcome in utils
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix lint issues
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix nit in text
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* use standardized messages
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove 'Uint32LargerThan0'
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* Add number of required reviewers to values. Refactor to avoid nil-dereference
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix nit log message
Signed-off-by: Adam Korczynski <adam@adalogics.com>
---------
Signed-off-by: AdamKorcz <adam@adalogics.com>
Signed-off-by: Adam Korczynski <adam@adalogics.com>