Chris McGehee
|
f991fee32d
|
Adding line numbers for rest of Token-Permessions (and by extension, (#1381)
Packaging)
|
2021-12-14 04:14:35 +00:00 |
|
laurentsimon
|
6e013cf67d
|
✨ Token-Permission: Allow top level permissions not defined if all run level permissions are (#1356)
* doc
* allow non defined top level
* fix
* e2e fix
* linter
|
2021-12-08 01:18:28 +00:00 |
|
Chris McGehee
|
38b5199e9e
|
🐛 Adding line numbers to token-permissions and a couple other places (#1363)
* Adding line numbers to token-permissions and a couple other places
* Fix deadlink for security policy
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
Co-authored-by: Furkan Türkal <furkan.turkal@trendyol.com>
* Updating formatting
Co-authored-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
Co-authored-by: Furkan Türkal <furkan.turkal@trendyol.com>
|
2021-12-06 10:05:52 -06:00 |
|
laurentsimon
|
cc4949465b
|
✨ [Check split]: Binary-Artifacts (#1244)
* split binary artifact check
* fix
* missing file
* comments
* linter
* fix
* comments
* linter
|
2021-11-16 19:57:14 +00:00 |
|
laurentsimon
|
4502dfb557
|
✨ Reduce false positives in Token-Permissions for contents permission (#1253)
* fix
* tests
|
2021-11-16 03:03:54 +00:00 |
|
Chris McGehee
|
3dc507b9e1
|
Using library to parse github workflows
|
2021-11-08 17:00:40 -06:00 |
|
Chris McGehee
|
f319aca82d
|
Moving github worflow parsing to its own file
|
2021-11-08 17:00:40 -06:00 |
|
Chris McGehee
|
2006be1819
|
🐛 Token permission check was failing on non-yaml files
|
2021-11-04 06:19:10 -05:00 |
|
Naveen
|
6c1c789dc5
|
🌱 v3 upgrade changes (#1118)
v3 go.mod changes
|
2021-10-07 18:16:01 -05:00 |
|
Azeem Shaikh
|
e730e911e6
|
sce.Create -> sce.WithMessage for wrapcheck (#995)
Co-authored-by: Azeem Shaikh <azeems@google.com>
|
2021-09-10 15:50:33 +00:00 |
|
laurentsimon
|
6403eb1382
|
✨ Transition Packaging, SAST, Security-policy, Signed-releases check to the new structured detail format (#887)
* move checks to new format
* fix
* comments
* fix
* comments
|
2021-08-24 01:44:06 +00:00 |
|
laurentsimon
|
b731f450b9
|
✨ Transition Vulnerabilities, Permissions, CI-Tests, Dependency-Update-Tool, Code-Reviews to structured details (#889)
* move other checks togit add -u
* more checks
* fixes
|
2021-08-24 00:54:22 +00:00 |
|
laurentsimon
|
d821ea27ec
|
✨ improve token permission (#811)
* sarif action
* update
|
2021-08-05 17:10:34 +00:00 |
|
laurentsimon
|
b2b37161f3
|
✨ Improve token permission check (#800)
* draft
* draft 2
* draft3
* fix e2e
* comment
* comment
* check codeql
* missing files
* comments
* nit
* update msg
* msg
* nit
* nit
* msg
* e2e
* update doc
|
2021-08-03 00:56:45 +00:00 |
|
Azeem Shaikh
|
83e9f52501
|
Enable revive linters which are used in google3 (#793)
Co-authored-by: Azeem Shaikh <azeems@google.com>
|
2021-07-31 22:31:34 +00:00 |
|
laurentsimon
|
29594d4294
|
✨ change signature of FileIfExist and FileContent (#787)
* draft
* add pinning
* remove functions
* typo
* commment
* name
|
2021-07-30 15:09:52 +00:00 |
|
laurentsimon
|
c48fe4f9ed
|
✨ Make Token-Permission check more granular (#773)
* draft
* add tests
* add e2e2 tests
* typos
* typo
* fixes
* linter
* use named value
* comments
* comment
|
2021-07-30 00:13:01 +00:00 |
|
Naveen
|
4d7fb5d748
|
🌱 Fix the go.mod with v2 upgrade (#716)
The go.mod and the related files weren't t updated with the v2 upgrade.
https://github.com/ossf/scorecard/issues/711
This fix will address the issue.
|
2021-07-26 13:01:25 -05:00 |
|
Azeem Shaikh
|
9bf1cdc9ce
|
Update ListFiles API to return error (#746)
Co-authored-by: Azeem Shaikh <azeems@google.com>
|
2021-07-25 17:47:36 -07:00 |
|
laurentsimon
|
c741335683
|
✨ [migration to score] 3: branch protection, frozen-deps, token permissions (#719)
* details-1
* nits
* typo
* commments
* dependabot and binary artifacts checks
* typo
* linter
* missing errors.go
* linter
* merge fix
* branch protection, frozen-deps, token permissions
* linter
* linter
|
2021-07-21 09:21:43 -07:00 |
|
laurentsimon
|
2c9a05c721
|
✨ cleanup for token doc and code (#552)
* cleanup
* comment
|
2021-06-07 18:01:18 +00:00 |
|
laurentsimon
|
d528b6e626
|
✨ Cleanup code for github tokens #534 (#539)
* missed comments
* comments
|
2021-06-04 00:12:56 +00:00 |
|
laurentsimon
|
37d979f79b
|
✨ check for read-only permissions of github token (#534)
* check for read-only permissions of github token
* linter
* linter
* doc
* comments
* commments
* fix
* generate checks.mg
* update license
* linter
* comments
* license
* linter
* missing file
* linter
* license
* cleanup
|
2021-06-03 16:30:37 -07:00 |
|