Azeem Shaikh
|
2b206dc365
|
Remove Version field from LogMessage (#1640)
Co-authored-by: Azeem Shaikh <azeems@google.com>
|
2022-02-15 18:26:06 +00:00 |
|
Azeem Shaikh
|
2e3e505a8c
|
Simplify DetailLogger interface (#1628)
Co-authored-by: Azeem Shaikh <azeems@google.com>
|
2022-02-11 15:48:58 -08:00 |
|
Azeem Shaikh
|
6930c3ab3b
|
Add support for commit-based Scorecard (#1613)
Co-authored-by: Azeem Shaikh <azeems@google.com>
|
2022-02-07 19:03:36 -08:00 |
|
Azeem Shaikh
|
1c95237e4a
|
Only run allowed checks in different modes (#1579)
Co-authored-by: Azeem Shaikh <azeems@google.com>
|
2022-02-07 16:49:49 -08:00 |
|
naveen
|
f7b329e830
|
✨ Unit test for all_checks
Addresses https://github.com/ossf/scorecard/issues/435
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
|
2022-01-12 17:24:38 -06:00 |
|
Azeem Shaikh
|
f2c57d2590
|
✨ Migrate to v4
|
2022-01-12 14:12:09 -06:00 |
|
laurentsimon
|
993e9c1010
|
update msg (#1457)
|
2022-01-10 22:22:39 +00:00 |
|
laurentsimon
|
df3d50df76
|
🐛 Fix score calculation for multiple files (#1401)
* multi file support
* fix multi-files permissions
* change name
* add tests
* use struct for files
* comments
* comment
|
2021-12-16 23:16:02 +00:00 |
|
Chris McGehee
|
f991fee32d
|
Adding line numbers for rest of Token-Permessions (and by extension, (#1381)
Packaging)
|
2021-12-14 04:14:35 +00:00 |
|
laurentsimon
|
6e013cf67d
|
✨ Token-Permission: Allow top level permissions not defined if all run level permissions are (#1356)
* doc
* allow non defined top level
* fix
* e2e fix
* linter
|
2021-12-08 01:18:28 +00:00 |
|
Chris McGehee
|
38b5199e9e
|
🐛 Adding line numbers to token-permissions and a couple other places (#1363)
* Adding line numbers to token-permissions and a couple other places
* Fix deadlink for security policy
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
Co-authored-by: Furkan Türkal <furkan.turkal@trendyol.com>
* Updating formatting
Co-authored-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
Co-authored-by: Furkan Türkal <furkan.turkal@trendyol.com>
|
2021-12-06 10:05:52 -06:00 |
|
laurentsimon
|
cc4949465b
|
✨ [Check split]: Binary-Artifacts (#1244)
* split binary artifact check
* fix
* missing file
* comments
* linter
* fix
* comments
* linter
|
2021-11-16 19:57:14 +00:00 |
|
laurentsimon
|
4502dfb557
|
✨ Reduce false positives in Token-Permissions for contents permission (#1253)
* fix
* tests
|
2021-11-16 03:03:54 +00:00 |
|
Chris McGehee
|
3dc507b9e1
|
Using library to parse github workflows
|
2021-11-08 17:00:40 -06:00 |
|
Chris McGehee
|
f319aca82d
|
Moving github worflow parsing to its own file
|
2021-11-08 17:00:40 -06:00 |
|
Chris McGehee
|
2006be1819
|
🐛 Token permission check was failing on non-yaml files
|
2021-11-04 06:19:10 -05:00 |
|
Naveen
|
6c1c789dc5
|
🌱 v3 upgrade changes (#1118)
v3 go.mod changes
|
2021-10-07 18:16:01 -05:00 |
|
Azeem Shaikh
|
e730e911e6
|
sce.Create -> sce.WithMessage for wrapcheck (#995)
Co-authored-by: Azeem Shaikh <azeems@google.com>
|
2021-09-10 15:50:33 +00:00 |
|
laurentsimon
|
6403eb1382
|
✨ Transition Packaging, SAST, Security-policy, Signed-releases check to the new structured detail format (#887)
* move checks to new format
* fix
* comments
* fix
* comments
|
2021-08-24 01:44:06 +00:00 |
|
laurentsimon
|
b731f450b9
|
✨ Transition Vulnerabilities, Permissions, CI-Tests, Dependency-Update-Tool, Code-Reviews to structured details (#889)
* move other checks togit add -u
* more checks
* fixes
|
2021-08-24 00:54:22 +00:00 |
|
laurentsimon
|
d821ea27ec
|
✨ improve token permission (#811)
* sarif action
* update
|
2021-08-05 17:10:34 +00:00 |
|
laurentsimon
|
b2b37161f3
|
✨ Improve token permission check (#800)
* draft
* draft 2
* draft3
* fix e2e
* comment
* comment
* check codeql
* missing files
* comments
* nit
* update msg
* msg
* nit
* nit
* msg
* e2e
* update doc
|
2021-08-03 00:56:45 +00:00 |
|
Azeem Shaikh
|
83e9f52501
|
Enable revive linters which are used in google3 (#793)
Co-authored-by: Azeem Shaikh <azeems@google.com>
|
2021-07-31 22:31:34 +00:00 |
|
laurentsimon
|
29594d4294
|
✨ change signature of FileIfExist and FileContent (#787)
* draft
* add pinning
* remove functions
* typo
* commment
* name
|
2021-07-30 15:09:52 +00:00 |
|
laurentsimon
|
c48fe4f9ed
|
✨ Make Token-Permission check more granular (#773)
* draft
* add tests
* add e2e2 tests
* typos
* typo
* fixes
* linter
* use named value
* comments
* comment
|
2021-07-30 00:13:01 +00:00 |
|
Naveen
|
4d7fb5d748
|
🌱 Fix the go.mod with v2 upgrade (#716)
The go.mod and the related files weren't t updated with the v2 upgrade.
https://github.com/ossf/scorecard/issues/711
This fix will address the issue.
|
2021-07-26 13:01:25 -05:00 |
|
Azeem Shaikh
|
9bf1cdc9ce
|
Update ListFiles API to return error (#746)
Co-authored-by: Azeem Shaikh <azeems@google.com>
|
2021-07-25 17:47:36 -07:00 |
|
laurentsimon
|
c741335683
|
✨ [migration to score] 3: branch protection, frozen-deps, token permissions (#719)
* details-1
* nits
* typo
* commments
* dependabot and binary artifacts checks
* typo
* linter
* missing errors.go
* linter
* merge fix
* branch protection, frozen-deps, token permissions
* linter
* linter
|
2021-07-21 09:21:43 -07:00 |
|
laurentsimon
|
2c9a05c721
|
✨ cleanup for token doc and code (#552)
* cleanup
* comment
|
2021-06-07 18:01:18 +00:00 |
|
laurentsimon
|
d528b6e626
|
✨ Cleanup code for github tokens #534 (#539)
* missed comments
* comments
|
2021-06-04 00:12:56 +00:00 |
|
laurentsimon
|
37d979f79b
|
✨ check for read-only permissions of github token (#534)
* check for read-only permissions of github token
* linter
* linter
* doc
* comments
* commments
* fix
* generate checks.mg
* update license
* linter
* comments
* license
* linter
* missing file
* linter
* license
* cleanup
|
2021-06-03 16:30:37 -07:00 |
|