laurentsimon
b1ab16e80f
✨ Add raw results to cron scans ( #1741 )
...
* draft
* updates
* updates
* updates
* updates
* updates
* comments
* comments
* comments
* comments
* comments
* comments
2022-03-18 19:05:14 -07:00
Azeem Shaikh
6930c3ab3b
Add support for commit-based Scorecard ( #1613 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2022-02-07 19:03:36 -08:00
Azeem Shaikh
1c95237e4a
Only run allowed checks in different modes ( #1579 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2022-02-07 16:49:49 -08:00
laurentsimon
9037444513
✨ Raw data for code review check ( #1505 )
...
* separate code review's eval and check
* missing file
* add comments
* fix
* fix
* linter
* fixes
* fix
* linter
* linter
* linter
* draft
* fixes
* fixes
* simplify
* update date
* rem comments
* typo
* linter
* typo
* linter
2022-02-02 19:51:38 +00:00
naveen
f7b329e830
✨ Unit test for all_checks
...
Addresses https://github.com/ossf/scorecard/issues/435
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-01-12 17:24:38 -06:00
Azeem Shaikh
f2c57d2590
✨ Migrate to v4
2022-01-12 14:12:09 -06:00
Evgeny Vereshchagin
2e391503e4
Code-Review: show PRs merged without code review ( #1375 )
...
to make it easier to figure out whether those PRs are really merged
without code review or whether there is a bug in scorecard like
https://github.com/ossf/scorecard/issues/1260 that prevents it
from finding reviewed PRs. Other than that, the "CI-Tests" check
already show "untested" PRs so it seems the "Code-Review" check
should follow suit.
2021-12-07 16:47:29 -08:00
Naveen
6c1c789dc5
🌱 v3 upgrade changes ( #1118 )
...
v3 go.mod changes
2021-10-07 18:16:01 -05:00
Azeem Shaikh
00741115ae
Fix CodeReview bug ( #1058 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-09-24 03:56:50 +00:00
laurentsimon
0686ed2ba0
🐛 Fix invalid code review ( #1055 )
...
* fix bug
* fix
* comments
* fix
* fixes
2021-09-23 21:17:32 +00:00
laurentsimon
b9daae1c0c
🐛 Update message for Code-Review ( #1054 )
...
* update msg
* fix
2021-09-22 21:09:44 +00:00
laurentsimon
b0fab3fa43
code ( #1006 )
...
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-09-13 16:35:50 +00:00
Azeem Shaikh
e730e911e6
sce.Create -> sce.WithMessage for wrapcheck ( #995 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-09-10 15:50:33 +00:00
Azeem Shaikh
9a1978a051
Use RefUpdateRule in BranchProtection check ( #936 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-30 23:14:42 +00:00
laurentsimon
b731f450b9
✨ Transition Vulnerabilities, Permissions, CI-Tests, Dependency-Update-Tool, Code-Reviews to structured details ( #889 )
...
* move other checks togit add -u
* more checks
* fixes
2021-08-24 00:54:22 +00:00
laurentsimon
b35cbdcdcf
✨ Make Branch-Protection score more granular ( #777 )
...
* commit
* uni tests
* full score
* typos
* update msg
* remove function
* comments
* linter
* comments
2021-07-30 01:54:19 +00:00
Azeem Shaikh
1d1e799f84
Add ListCommits and IsArchived API ( #772 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-07-29 14:18:58 -07:00
Naveen
4d7fb5d748
🌱 Fix the go.mod with v2 upgrade ( #716 )
...
The go.mod and the related files weren't t updated with the v2 upgrade.
https://github.com/ossf/scorecard/issues/711
This fix will address the issue.
2021-07-26 13:01:25 -05:00
Azeem Shaikh
7c133bc767
Create APIs for MergedPRs and DefaultBranch ( #745 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-07-25 17:37:14 -07:00
laurentsimon
37d13c2972
✨ Code-Review cleanup ( #740 )
...
* sast cleanup
* code-review cleanup
* typo
* merge fix
2021-07-22 23:12:53 +00:00
laurentsimon
89c8e2af31
✨ [migration to score] 7: CI-Test, CII Best practices, security policy file ( #733 )
...
* ci, cii, sec file
* linter
* check doc
* typo
* fix
* comments
* linter
* fix sast
* fix score calc
2021-07-22 15:37:31 +00:00
laurentsimon
ae33db624e
✨ [migration to score] 6: signed tags, signed release, PR, fuzzing ( #732 )
...
* yaml file
* sort checks
* comments
* signed tags
* signed release, PR, fuzzing
* typo
2021-07-21 18:10:47 -07:00
laurentsimon
53c056081b
✨ [migration to score] 5: contributors, vulnerabilities, packaging and sast ( #729 )
...
* contributors
* packaging
* vulnerabilities
* fix errors
* err
* errors
2021-07-21 13:40:16 -07:00
laurentsimon
6f203e73b6
✨ [migration to score] 4: active, fuzzing and code-review ( #721 )
...
* details-1
* nits
* typo
* commments
* dependabot and binary artifacts checks
* typo
* linter
* missing errors.go
* linter
* merge fix
* active, fuzzing and code review checks
* e2e tests for fuzzing
* fixes
2021-07-21 09:40:40 -07:00
Azeem Shaikh
08e934cbc2
Use GraphQL instead of REST to reduce token usage ( #640 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-07-01 15:32:57 -07:00
dependabot[bot]
5dd7f118ae
🌱 Bump github.com/golangci/golangci-lint from 1.40.1 to 1.41.1 ( #627 )
...
Bumps [github.com/golangci/golangci-lint](https://github.com/golangci/golangci-lint ) from 1.40.1 to 1.41.1.
- [Release notes](https://github.com/golangci/golangci-lint/releases )
- [Changelog](https://github.com/golangci/golangci-lint/blob/master/CHANGELOG.md )
- [Commits](https://github.com/golangci/golangci-lint/compare/v1.40.1...v1.41.1 )
---
updated-dependencies:
- dependency-name: github.com/golangci/golangci-lint
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Azeem Shaikh <azeems@google.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-06-29 10:26:16 -07:00
Azeem Shaikh
be8aa3d713
Export registered check names ( #518 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-05-27 14:54:34 -07:00
Chris McGehee
6b63f3f963
🌱 Fix lint issues: Replace golint with revive ( #493 )
...
* Fix lint issues: Replace golint with revive
golint is deprecated and recommended to be replaced with revive
* Updating comments to be more accurate
* Updating comments again
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-05-24 11:34:33 -07:00
Chris McGehee
61ecad3151
Add new linter: gci ( #498 )
2021-05-23 20:51:52 -07:00
Chris McGehee
2e7a71fbf2
Fix lint issues: goerr113 linter ( #491 )
...
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-05-22 12:36:47 -07:00
Chris McGehee
50f7ed8519
🌱 Fix lint issues: gochecknoinits linter ( #485 )
...
* Fix lint issues: gochecknoinits linter
* Fix lint issues: gochecknoinits linter
2021-05-22 13:19:52 -04:00
Abhishek Arya
5f82d2b9c0
✨ Add checks for workflow action pinning ( #466 )
...
Patch by Laurent Simon <laurentsimon@google.com>
Co-authored-by: Laurent Simon <laurentsimon@google.com>
2021-05-17 13:03:39 -07:00
Laurent Simon
feafbf2610
Fix segfault issue #419
2021-05-07 20:30:22 -05:00
Chris McGehee
87b5a6a922
Fix lint issues: godot linter
2021-05-02 11:14:01 -05:00
Chris McGehee
06993b72ce
🐛 Fix linting issues (1 of n) ( #348 )
...
* Fix lint issues: whitespace linter
* Fix lint issues: wrapcheck linter
* Fix lint issues: errcheck linter
* Fix lint issues: paralleltest linter
* Fix lint issues: gocritic linter
Most changes from this commit are from passing checker.CheckResult by reference and not by value. gocritic identified that as a huge parameter.
gocritic also prefers regexp.MustCompile over Compile when the pattern is a const
2021-04-19 12:18:34 -07:00
Azeem Shaikh
a58818d258
🌱 : Reduce code duplication for follow-up cron refactoring ( #338 )
...
* ✨ Refactor to reduce code duplication
* ✨
* Move lib/ back to checker/
* Move lib/ back to checker/
* Move lib/ back to checker/
* Address PR comments.
* Addressing PR comments.
* Avoid printing `ShouldRetry` and `Error` in output JSON.
* Fix JSON output.
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-04-10 07:26:56 -05:00
Nathan
554ca76bfe
Fix - golangci issues gomnd, goconst
...
Fixed the golangci issues for gomnd and goconst.
Added ginkgo dependency in the makefile.
2021-02-17 18:22:18 -05:00
Abhishek Arya
09b83b9bf1
Fixes
...
- Fix nil exception in packaging on https://github.com/OSGeo/gdal
- Add jenkins ci in ci tests, tested on https://github.com/jenkinsci/jenkins
- Generalize function name in code review check.
2021-01-24 18:36:36 -05:00
Abhishek Arya
6a7eb62fea
Fix condition.
2020-11-21 18:40:52 -08:00
Abhishek Arya
3379ada1d5
Improve code review check to account for diff author-committer usecase.
...
See
$ go run . --repo=https://github.com/protocolbuffers/protobuf --show-details --checks=Code-Review
Starting [Code-Review]
Finished [Code-Review]
RESULTS
-------
Code-Review: Pass 9
found different author and committer for pr: 8053
found different author and committer for pr: 8052
found review approved pr: 8048
found review approved pr: 8045
found different author and committer for pr: 8043
found review approved pr: 8035
found review approved pr: 8032
found review approved pr: 8030
found review approved pr: 8029
found review approved pr: 8028
found review approved pr: 8026
found review approved pr: 8025
found review approved pr: 8024
found review approved pr: 8023
found review approved pr: 8022
found different author and committer for pr: 8014
found different author and committer for pr: 8013
found review approved pr: 8011
found review approved pr: 8010
found review approved pr: 8006
found review approved pr: 8005
found different author and committer for pr: 8003
found review approved pr: 8000
found different author and committer for pr: 7997
github code reviews found
2020-11-20 13:21:59 -08:00
Abhishek Arya
dde26dfceb
Update checks for Gerrit use
2020-11-19 07:36:37 -08:00
Dan Lorenc
9f686dc707
Rename repo/modules.
2020-10-27 14:23:48 -05:00
Abhishek Arya
81eab9d2d8
Add license header and code of conduct files. ( #34 )
...
* Add license header and code of conduct files.
* Fill missing field.
2020-10-26 15:22:13 -05:00
Abhishek Arya
5649a8370c
fix check
2020-10-24 10:24:27 -07:00
Abhishek Arya
6c790d84da
Add some missing detail messages, improve others.
2020-10-24 10:20:49 -07:00
Abhishek Arya
88ffaaad6f
Lower pr review policy confidence to enforce GithubCodeReview ( #19 )
...
PR review policy is good to check but keep its confidence low
since actual enforcement is checked by GithubCodeReview and
ProwCodeReview and those values should be used.
2020-10-17 19:09:35 -05:00
Abhishek Arya
6e5ce52cae
Fix filenames to match check names, remove unneeded repos.txt. ( #15 )
...
* Fix filenames to match check names, remove unneeded repos.txt.
* Fix conflict.
* Minor fix.
2020-10-16 13:22:28 -05:00