Azeem Shaikh
1e488a804f
Fix for repos which do not squash PR commits ( #1637 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2022-02-14 23:33:15 +00:00
Azeem Shaikh
f3332ce129
Add validation for commit-based APIs ( #1635 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2022-02-14 22:24:35 +00:00
Azeem Shaikh
38be00c31f
Reduce query cost by analysing lesser associatedPR ( #1624 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2022-02-10 21:50:22 -06:00
Azeem Shaikh
6930c3ab3b
Add support for commit-based Scorecard ( #1613 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2022-02-07 19:03:36 -08:00
Azeem Shaikh
eac2aecce6
Add support for commit-based lookup to GitHub APIs ( #1612 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2022-02-07 22:06:05 +00:00
Azeem Shaikh
4581c363cf
Remove ListMergedPRs API ( #1566 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2022-02-03 00:01:35 +00:00
laurentsimon
9037444513
✨ Raw data for code review check ( #1505 )
...
* separate code review's eval and check
* missing file
* add comments
* fix
* fix
* linter
* fixes
* fix
* linter
* linter
* linter
* draft
* fixes
* fixes
* simplify
* update date
* rem comments
* typo
* linter
* typo
* linter
2022-02-02 19:51:38 +00:00
Azeem Shaikh
2d0e5381c2
Revert Committer.Name
change ( #1576 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2022-02-01 23:00:11 +00:00
Azeem Shaikh
3995d31abf
Refactor some code ( #1567 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2022-01-31 21:41:42 +00:00
Azeem Shaikh
58865e959e
Only return PRs assicated with recent commits ( #1562 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2022-01-29 18:55:26 -08:00
Azeem Shaikh
6962fb4858
Use committer name if login isn't available ( #1558 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2022-01-29 00:25:33 +00:00
Chris McGehee
7a6eb2812a
Not considering an issue as having activity if closed recently ( #1531 )
...
- The person who opened the issue can close it, so an issue closing does not indicate activity by a maintainer.
2022-01-25 21:59:03 -08:00
Stephen Augustus (he/him)
41adfe7f34
⚠️ log: Initial logr
/logrusr
implementation ( #1516 )
...
* log: Initial logr/logrusr implementation
Signed-off-by: Stephen Augustus <foo@auggie.dev>
* log: Update references to `log.Logger`
Signed-off-by: Stephen Augustus <foo@auggie.dev>
* go.mod: Minor reorganization of `replace`s
...to prevent automatic updates from getting added to the smaller
section.
Signed-off-by: Stephen Augustus <foo@auggie.dev>
2022-01-25 11:17:46 -06:00
Chris McGehee
b6cba86f72
🐛 Issue activity only counts if done by a maintainer ( #1515 )
...
* Issue activity only counts if done by a maintainer
* -Using pointer so that if Github API doesn't return a value for a field, it can be nil
- Updating AuthorAssociation to use an enum
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2022-01-24 16:12:54 +00:00
Stephen Augustus (he/him)
13b78ab010
⚠️ Create a dedicated logging package to encapsulate calls to zap
( #1502 )
...
* log: Init log package
Creates a wrapper around existing `zap.Logger` to make it easier
to replace/extend with scorecard logging.
Signed-off-by: Stephen Augustus <foo@auggie.dev>
* log: Replace instances of `zap.Logger` with `log.Logger`
Signed-off-by: Stephen Augustus <foo@auggie.dev>
* log: Add logic to parse `zapcore.Level`s as strings
Signed-off-by: Stephen Augustus <foo@auggie.dev>
* log: Express log levels
Signed-off-by: Stephen Augustus <foo@auggie.dev>
* log: Replace instances of `zapcore.Level` with `log.Level`
Signed-off-by: Stephen Augustus <foo@auggie.dev>
* log: Fixup comments for exported functions
Signed-off-by: Stephen Augustus <foo@auggie.dev>
2022-01-20 15:57:39 -08:00
Azeem Shaikh
f2c57d2590
✨ Migrate to v4
2022-01-12 14:12:09 -06:00
naveen
25cfdb7b13
Fixed the long lines
2022-01-04 13:55:58 -06:00
naveen
de39061cc5
🌱 Refactor vulnerabilities client
2022-01-04 13:55:58 -06:00
Evgeny Vereshchagin
75bcc333de
CI-Tests: look for test-related strings in target urls as well ( #1374 )
...
Apparently some projects like systemd and bcc put links (containing
the word "Jenkins") to their Jenkins instances in target urls.
https://buildbot.iovisor.org/jenkins/job/bcc-pr/1157/
https://jenkins-systemd.apps.ocp.ci.centos.org/job/upstream-vagrant-archlinux-sanitizers/8288/
It's a follow-up to https://github.com/ossf/scorecard/pull/1293#issuecomment-976384882
Co-authored-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
2021-12-08 17:34:28 +00:00
Azeem Shaikh
5025299eb6
Fix issues with CII client ( #1309 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-11-19 18:24:43 +00:00
Azeem Shaikh
89b316c64d
Use blob-based CII client in cron job ( #1284 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-11-19 08:02:06 +11:00
Azeem Shaikh
2375ae2812
Add a OssFuzzRepoClient ( #1280 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-11-17 03:04:37 +00:00
laurentsimon
86835fcfd6
🐛 Fix branch protection results ( #1252 )
...
* fix
* fix
* doc
* fix
* comment
* update tests
* fix
* fixes
* fix
* disable tests temp
* score change
* fix
* comments
* docs
2021-11-16 17:27:27 +00:00
asraa
5950fdef67
🐛 fix special character in search query to fix fuzzing check ( #1241 )
...
* fix fuzzing path separator
Signed-off-by: Asra Ali <asraa@google.com>
* add comment
Signed-off-by: Asra Ali <asraa@google.com>
2021-11-15 16:50:03 +00:00
Azeem Shaikh
6223b6620a
Add CIIClient interface ( #1262 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-11-15 02:46:41 +00:00
Azeem Shaikh
51de6b6e5d
Check for issue activity in Maintained ( #1251 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-11-12 22:16:22 +00:00
Eng Zer Jun
177502552a
🌱 Move from io/ioutil to io and os packages ( #1250 )
...
The io/ioutil package has been deprecated as of Go 1.16, see
https://golang.org/doc/go1.16#ioutil . This commit replaces the existing
io/ioutil functions with their new definitions in io and os packages.
Signed-off-by: Eng Zer Jun <zerjun@eta-hd.com>
Co-authored-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
2021-11-12 19:34:46 +00:00
Azeem Shaikh
c8d2a51375
Ignore nil values in Branch-Protection check ( #1243 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-11-12 19:11:06 +00:00
laurentsimon
795505fd7f
✨ Remove isScorecardRepo ( #1236 )
...
* remove isScorecardRepo
* linter
* linter
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-11-10 20:13:12 +00:00
laurentsimon
8805ac54d0
✨ Add --local
option to CLI ( #1211 )
...
* unit tests
* remove log
* fix
* gate local access
* comment
2021-11-03 15:17:58 +00:00
laurentsimon
a6d298a60a
✨ Use checks.yaml to store which repo types are supported by each check ( #1195 )
...
* draft
* draft 2
* remove enum
* update
* mock doc
* fix
2021-11-02 01:43:22 +00:00
laurentsimon
608866949b
🐛 Fix ListFiles caching in localrepo client ( #1190 )
...
* fix
* remove debug
2021-10-29 03:12:44 +00:00
laurentsimon
4cca9b4960
✨ Implement local repo client for local folders ( #1146 )
...
* draft
* draft
* docker file
* error
* fix
* fix
* bug
* comments
* missing merge
* fix
* merge issue
* fix
* validate format early
* comments
* fix
* fixes
* uncomment
* gate code for v4 code
* draft
* draft 2
* fix security-policy check
* fix
* merge fixes
* fixes
* fixes
* fixes
* fixes
* mock repo
* linter
* comments
* unit tests
* comments
2021-10-28 18:30:02 +00:00
laurentsimon
950e0e3d2d
✨ Add support for file-based repo URIs ( #1113 )
...
* draft
* draft
* docker file
* error
* fix
* fix
* fixa
* bug
* comments
* missing merge
* fix
* fix rebase
* merge issue
* fix
* validate format early
* fix
* fix2
* comments
* fix
2021-10-21 20:08:56 +00:00
Azeem Shaikh
5ec7b26e20
Fix connection refused
errors ( #1134 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-10-15 22:29:00 +00:00
Azeem Shaikh
89cae3a62a
Use GitHub auth server in cron release test ( #1133 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-10-15 10:24:31 -07:00
Azeem Shaikh
66f864022c
Add GitHub token server ( #1132 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-10-15 03:03:51 +00:00
Naveen
6c1c789dc5
🌱 v3 upgrade changes ( #1118 )
...
v3 go.mod changes
2021-10-07 18:16:01 -05:00
laurentsimon
0686ed2ba0
🐛 Fix invalid code review ( #1055 )
...
* fix bug
* fix
* comments
* fix
* fixes
2021-09-23 21:17:32 +00:00
Azeem Shaikh
14dc32f946
Enforce non-concurrent token usage ( #1048 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-09-21 17:52:13 -07:00
Azeem Shaikh
bc37c74b28
Remove Owner/Repo strings from CheckRequest ( #997 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-09-10 10:13:14 -07:00
Azeem Shaikh
e730e911e6
sce.Create -> sce.WithMessage for wrapcheck ( #995 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-09-10 15:50:33 +00:00
naveen
576447a45b
🌱 Fix the jwt finding
...
* This fixes the JWT finding CVE-2020-26160
2021-09-08 11:17:40 -05:00
neil465
5476b878bd
✨ Removed unnecessary linters ( #969 )
...
* gomnd
* prealloc
* dupl
2021-09-07 10:45:12 -04:00
Azeem Shaikh
7b912e8903
Return DefaultBranch as part of ListBranches ( #960 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-09-03 14:40:32 +00:00
Azeem Shaikh
afe5b40567
Make RepoClient as default interface for Scorecard ( #951 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-09-02 02:32:26 +00:00
Azeem Shaikh
eceb577b84
Add and use RepoClient API for ListStatuses ( #949 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-09-01 18:34:58 +00:00
Azeem Shaikh
eb2b3b2185
Add RepoClient API for ListCheckRunsForRef ( #948 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-09-01 17:43:53 +00:00
Azeem Shaikh
99b9c91570
Use RepoClient API for Packaging check ( #940 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-09-01 01:05:34 +00:00
Azeem Shaikh
e305a94e4f
Use ListReleases API for BranchProtection check ( #937 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-30 17:52:08 -07:00