scorecard

mirror of https://github.com/ossf/scorecard.git synced 2024-09-19 13:07:17 +03:00

Author	SHA1	Message	Date
Azeem Shaikh	1e488a804f	Fix for repos which do not squash PR commits (#1637 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2022-02-14 23:33:15 +00:00
Azeem Shaikh	f3332ce129	Add validation for commit-based APIs (#1635 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2022-02-14 22:24:35 +00:00
Azeem Shaikh	38be00c31f	Reduce query cost by analysing lesser associatedPR (#1624 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2022-02-10 21:50:22 -06:00
Azeem Shaikh	6930c3ab3b	Add support for commit-based Scorecard (#1613 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2022-02-07 19:03:36 -08:00
Azeem Shaikh	eac2aecce6	Add support for commit-based lookup to GitHub APIs (#1612 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2022-02-07 22:06:05 +00:00
Azeem Shaikh	4581c363cf	Remove ListMergedPRs API (#1566 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2022-02-03 00:01:35 +00:00
laurentsimon	9037444513	✨ Raw data for code review check (#1505 ) * separate code review's eval and check * missing file * add comments * fix * fix * linter * fixes * fix * linter * linter * linter * draft * fixes * fixes * simplify * update date * rem comments * typo * linter * typo * linter	2022-02-02 19:51:38 +00:00
Azeem Shaikh	2d0e5381c2	Revert `Committer.Name` change (#1576 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2022-02-01 23:00:11 +00:00
Azeem Shaikh	3995d31abf	Refactor some code (#1567 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2022-01-31 21:41:42 +00:00
Azeem Shaikh	58865e959e	Only return PRs assicated with recent commits (#1562 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2022-01-29 18:55:26 -08:00
Azeem Shaikh	6962fb4858	Use committer name if login isn't available (#1558 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2022-01-29 00:25:33 +00:00
Chris McGehee	7a6eb2812a	Not considering an issue as having activity if closed recently (#1531 ) - The person who opened the issue can close it, so an issue closing does not indicate activity by a maintainer.	2022-01-25 21:59:03 -08:00
Stephen Augustus (he/him)	41adfe7f34	⚠️ log: Initial `logr`/`logrusr` implementation (#1516 ) * log: Initial logr/logrusr implementation Signed-off-by: Stephen Augustus <foo@auggie.dev> * log: Update references to `log.Logger` Signed-off-by: Stephen Augustus <foo@auggie.dev> * go.mod: Minor reorganization of `replace`s ...to prevent automatic updates from getting added to the smaller section. Signed-off-by: Stephen Augustus <foo@auggie.dev>	2022-01-25 11:17:46 -06:00
Chris McGehee	b6cba86f72	🐛 Issue activity only counts if done by a maintainer (#1515 ) * Issue activity only counts if done by a maintainer * -Using pointer so that if Github API doesn't return a value for a field, it can be nil - Updating AuthorAssociation to use an enum Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>	2022-01-24 16:12:54 +00:00
Stephen Augustus (he/him)	13b78ab010	⚠️ Create a dedicated logging package to encapsulate calls to `zap` (#1502 ) * log: Init log package Creates a wrapper around existing `zap.Logger` to make it easier to replace/extend with scorecard logging. Signed-off-by: Stephen Augustus <foo@auggie.dev> * log: Replace instances of `zap.Logger` with `log.Logger` Signed-off-by: Stephen Augustus <foo@auggie.dev> * log: Add logic to parse `zapcore.Level`s as strings Signed-off-by: Stephen Augustus <foo@auggie.dev> * log: Express log levels Signed-off-by: Stephen Augustus <foo@auggie.dev> * log: Replace instances of `zapcore.Level` with `log.Level` Signed-off-by: Stephen Augustus <foo@auggie.dev> * log: Fixup comments for exported functions Signed-off-by: Stephen Augustus <foo@auggie.dev>	2022-01-20 15:57:39 -08:00
Azeem Shaikh	f2c57d2590	✨ Migrate to v4	2022-01-12 14:12:09 -06:00
naveen	25cfdb7b13	Fixed the long lines	2022-01-04 13:55:58 -06:00
naveen	de39061cc5	🌱 Refactor vulnerabilities client	2022-01-04 13:55:58 -06:00
Evgeny Vereshchagin	75bcc333de	CI-Tests: look for test-related strings in target urls as well (#1374 ) Apparently some projects like systemd and bcc put links (containing the word "Jenkins") to their Jenkins instances in target urls. https://buildbot.iovisor.org/jenkins/job/bcc-pr/1157/ https://jenkins-systemd.apps.ocp.ci.centos.org/job/upstream-vagrant-archlinux-sanitizers/8288/ It's a follow-up to https://github.com/ossf/scorecard/pull/1293#issuecomment-976384882 Co-authored-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>	2021-12-08 17:34:28 +00:00
Azeem Shaikh	5025299eb6	Fix issues with CII client (#1309 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2021-11-19 18:24:43 +00:00
Azeem Shaikh	89b316c64d	Use blob-based CII client in cron job (#1284 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2021-11-19 08:02:06 +11:00
Azeem Shaikh	2375ae2812	Add a OssFuzzRepoClient (#1280 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2021-11-17 03:04:37 +00:00
laurentsimon	86835fcfd6	🐛 Fix branch protection results (#1252 ) * fix * fix * doc * fix * comment * update tests * fix * fixes * fix * disable tests temp * score change * fix * comments * docs	2021-11-16 17:27:27 +00:00
asraa	5950fdef67	🐛 fix special character in search query to fix fuzzing check (#1241 ) * fix fuzzing path separator Signed-off-by: Asra Ali <asraa@google.com> * add comment Signed-off-by: Asra Ali <asraa@google.com>	2021-11-15 16:50:03 +00:00
Azeem Shaikh	6223b6620a	Add CIIClient interface (#1262 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2021-11-15 02:46:41 +00:00
Azeem Shaikh	51de6b6e5d	Check for issue activity in Maintained (#1251 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2021-11-12 22:16:22 +00:00
Eng Zer Jun	177502552a	🌱 Move from io/ioutil to io and os packages (#1250 ) The io/ioutil package has been deprecated as of Go 1.16, see https://golang.org/doc/go1.16#ioutil. This commit replaces the existing io/ioutil functions with their new definitions in io and os packages. Signed-off-by: Eng Zer Jun <zerjun@eta-hd.com> Co-authored-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>	2021-11-12 19:34:46 +00:00
Azeem Shaikh	c8d2a51375	Ignore nil values in Branch-Protection check (#1243 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2021-11-12 19:11:06 +00:00
laurentsimon	795505fd7f	✨ Remove isScorecardRepo (#1236 ) * remove isScorecardRepo * linter * linter Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>	2021-11-10 20:13:12 +00:00
laurentsimon	8805ac54d0	✨ Add `--local` option to CLI (#1211 ) * unit tests * remove log * fix * gate local access * comment	2021-11-03 15:17:58 +00:00
laurentsimon	a6d298a60a	✨ Use checks.yaml to store which repo types are supported by each check (#1195 ) * draft * draft 2 * remove enum * update * mock doc * fix	2021-11-02 01:43:22 +00:00
laurentsimon	608866949b	🐛 Fix ListFiles caching in localrepo client (#1190 ) * fix * remove debug	2021-10-29 03:12:44 +00:00
laurentsimon	4cca9b4960	✨ Implement local repo client for local folders (#1146 ) * draft * draft * docker file * error * fix * fix * bug * comments * missing merge * fix * merge issue * fix * validate format early * comments * fix * fixes * uncomment * gate code for v4 code * draft * draft 2 * fix security-policy check * fix * merge fixes * fixes * fixes * fixes * fixes * mock repo * linter * comments * unit tests * comments	2021-10-28 18:30:02 +00:00
laurentsimon	950e0e3d2d	✨ Add support for file-based repo URIs (#1113 ) * draft * draft * docker file * error * fix * fix * fixa * bug * comments * missing merge * fix * fix rebase * merge issue * fix * validate format early * fix * fix2 * comments * fix	2021-10-21 20:08:56 +00:00
Azeem Shaikh	5ec7b26e20	Fix `connection refused` errors (#1134 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2021-10-15 22:29:00 +00:00
Azeem Shaikh	89cae3a62a	Use GitHub auth server in cron release test (#1133 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2021-10-15 10:24:31 -07:00
Azeem Shaikh	66f864022c	Add GitHub token server (#1132 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2021-10-15 03:03:51 +00:00
Naveen	6c1c789dc5	🌱 v3 upgrade changes (#1118 ) v3 go.mod changes	2021-10-07 18:16:01 -05:00
laurentsimon	0686ed2ba0	🐛 Fix invalid code review (#1055 ) * fix bug * fix * comments * fix * fixes	2021-09-23 21:17:32 +00:00
Azeem Shaikh	14dc32f946	Enforce non-concurrent token usage (#1048 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2021-09-21 17:52:13 -07:00
Azeem Shaikh	bc37c74b28	Remove Owner/Repo strings from CheckRequest (#997 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2021-09-10 10:13:14 -07:00
Azeem Shaikh	e730e911e6	sce.Create -> sce.WithMessage for wrapcheck (#995 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2021-09-10 15:50:33 +00:00
naveen	576447a45b	🌱 Fix the jwt finding * This fixes the JWT finding CVE-2020-26160	2021-09-08 11:17:40 -05:00
neil465	5476b878bd	✨ Removed unnecessary linters (#969 ) * gomnd * prealloc * dupl	2021-09-07 10:45:12 -04:00
Azeem Shaikh	7b912e8903	Return DefaultBranch as part of ListBranches (#960 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2021-09-03 14:40:32 +00:00
Azeem Shaikh	afe5b40567	Make RepoClient as default interface for Scorecard (#951 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2021-09-02 02:32:26 +00:00
Azeem Shaikh	eceb577b84	Add and use RepoClient API for ListStatuses (#949 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2021-09-01 18:34:58 +00:00
Azeem Shaikh	eb2b3b2185	Add RepoClient API for ListCheckRunsForRef (#948 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2021-09-01 17:43:53 +00:00
Azeem Shaikh	99b9c91570	Use RepoClient API for Packaging check (#940 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2021-09-01 01:05:34 +00:00
Azeem Shaikh	e305a94e4f	Use ListReleases API for BranchProtection check (#937 ) Co-authored-by: Azeem Shaikh <azeems@google.com>	2021-08-30 17:52:08 -07:00

1 2

88 Commits