Spencer Schrock
6dcfde9299
🐛 Fix remediation text when Scorecard is run multiple times within a program ( #2168 )
...
* quick fix for wrong info in remediation text
* add test for old, incorrect behavior
* Rename Setup to New
2022-08-17 16:10:49 -05:00
Varun Sharma
86d1c7c37a
🐛 Fix bug 2051 ( #2140 )
...
* Fix bug 2051
Signed-off-by: Varun Sharma <varunsh@stepsecurity.io>
* Fix lint errors and add mock code
Signed-off-by: Varun Sharma <varunsh@stepsecurity.io>
* Fix unit test
Signed-off-by: Varun Sharma <varunsh@stepsecurity.io>
Signed-off-by: Varun Sharma <varunsh@stepsecurity.io>
Co-authored-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
2022-08-12 16:23:07 +00:00
Spencer Schrock
096cbd0622
✨ Use crane to add hash suggestion to unpinned Docker images ( #2037 )
...
* Use crane to add hash suggestion to unpinned Docker images
* Add nil check before dereferencing name for image digest
* Reformat changes to comply with linter
* Add basic remediation for dockerfile pinning
* Deduplicate remediation code
* Remove reference to linux/amd64, as crane digest should be universal
* add remediation info to scorecard output. switch to using strings.Builder for more maintainable logic
2022-07-19 10:56:49 -07:00
laurentsimon
838f62f65a
✨ Add raw results for Token-Permissions ( #1912 )
...
* draft
* update
* update
* draft
* updates
* update
* update
* update
* update
* update
* update
* update
* update
* e2e test for empty repo
* update
* rename structure
* update
2022-07-15 21:48:50 +00:00
laurentsimon
3957460c2b
update ( #2011 )
2022-06-29 10:10:15 -07:00
laurentsimon
4bd3391a36
✨ Raw results for Pinned-Dependencies ( #1932 )
...
* backup
* update
* update
* draft
* updates
* updates
* updates
* updates
* fix
* linter
* updates
* updates
* updates
* updates
* updates
* updates
* updates
* linter
* comments
* linter
* linter
* tests
* updates
* updates
* tests
2022-06-06 14:31:22 -07:00