dependabot[bot]
|
e3637c9e17
|
🌱 Bump cloud.google.com/go/bigquery from 1.27.0 to 1.28.0
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go) from 1.27.0 to 1.28.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.27.0...spanner/v1.28.0)
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-02-15 06:21:45 -06:00 |
|
Azeem Shaikh
|
1e488a804f
|
Fix for repos which do not squash PR commits (#1637)
Co-authored-by: Azeem Shaikh <azeems@google.com>
|
2022-02-14 23:33:15 +00:00 |
|
Azeem Shaikh
|
f3332ce129
|
Add validation for commit-based APIs (#1635)
Co-authored-by: Azeem Shaikh <azeems@google.com>
|
2022-02-14 22:24:35 +00:00 |
|
dependabot[bot]
|
eb0730ae79
|
🌱 Bump github.com/goreleaser/goreleaser in /tools (#1632)
|
2022-02-14 11:35:10 +00:00 |
|
Stephen Augustus (he/him)
|
394789cf22
|
README.md: Add OpenSSF Best Practices badge (#1629)
Signed-off-by: Stephen Augustus <foo@auggie.dev>
|
2022-02-12 03:46:52 -08:00 |
|
Azeem Shaikh
|
2e3e505a8c
|
Simplify DetailLogger interface (#1628)
Co-authored-by: Azeem Shaikh <azeems@google.com>
|
2022-02-11 15:48:58 -08:00 |
|
Azeem Shaikh
|
38be00c31f
|
Reduce query cost by analysing lesser associatedPR (#1624)
Co-authored-by: Azeem Shaikh <azeems@google.com>
|
2022-02-10 21:50:22 -06:00 |
|
laurentsimon
|
7de151cf49
|
✨ Check for secrets in workflows run on pull requests (#1615)
* updates
* missing files
* typo
* linter
* linter
* updates
* updates
|
2022-02-10 18:54:44 +00:00 |
|
dependabot[bot]
|
9b921f07c7
|
🌱 Bump actions/setup-go from 2.1.5 to 2.2.0 (#1619)
|
2022-02-10 10:13:56 +00:00 |
|
laurentsimon
|
61e52d4a65
|
update workflow (#1617)
|
2022-02-09 10:51:58 -08:00 |
|
dependabot[bot]
|
368c105abe
|
🌱 Bump cloud.google.com/go/pubsub from 1.17.0 to 1.18.0 (#1616)
|
2022-02-09 09:34:53 +00:00 |
|
Azeem Shaikh
|
6930c3ab3b
|
Add support for commit-based Scorecard (#1613)
Co-authored-by: Azeem Shaikh <azeems@google.com>
|
2022-02-07 19:03:36 -08:00 |
|
Azeem Shaikh
|
1c95237e4a
|
Only run allowed checks in different modes (#1579)
Co-authored-by: Azeem Shaikh <azeems@google.com>
|
2022-02-07 16:49:49 -08:00 |
|
Azeem Shaikh
|
eac2aecce6
|
Add support for commit-based lookup to GitHub APIs (#1612)
Co-authored-by: Azeem Shaikh <azeems@google.com>
|
2022-02-07 22:06:05 +00:00 |
|
naveen
|
68bf172e59
|
🌱 Unit tests fileparser/listing
Unit tests fileparser/listing
https://github.com/ossf/scorecard/issues/986
|
2022-02-07 15:33:18 -06:00 |
|
Naveen
|
30fc06e4a8
|
Fixed the formatting issue
|
2022-02-07 15:15:57 -06:00 |
|
naveen
|
aaf7a9f208
|
🌱 Cache builds between runs
Cache builds between runs.
|
2022-02-07 11:52:36 -06:00 |
|
naveen
|
049db386a5
|
🌱 Unit tests for dependency_update_tool
Unit tests for dependency_update_tool
https://github.com/ossf/scorecard/issues/986
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
|
2022-02-07 11:05:37 -06:00 |
|
laurentsimon
|
873308016c
|
checks/packaging.go: ignore workflows/<>/ files (#1591)
|
2022-02-04 21:42:59 +00:00 |
|
Julia Ferraioli
|
95e7c030eb
|
Update the biweekly meeting times (#1603)
|
2022-02-04 20:50:41 +00:00 |
|
naveen
|
80cc0dd11e
|
🌱 Unit tests checks/ci_tests_test.go
Unit tests for tests checks/ci_tests_test.go
https://github.com/ossf/scorecard/issues/986
|
2022-02-04 13:26:16 -06:00 |
|
Behnaz Hassanshahi
|
f84291dcfd
|
🐛 Fix Dependabot check to accept .yaml file extension (#1601)
|
2022-02-03 23:53:32 +00:00 |
|
naveen
|
5e1fd5230c
|
🌱 Tweaking codecov config
|
2022-02-03 15:50:16 -06:00 |
|
naveen
|
35aad1dce5
|
🌱 Unit tests code-review for raw
Unit tests code-review for raw.
https://github.com/ossf/scorecard/issues/986
|
2022-02-03 13:22:39 -06:00 |
|
naveen
|
674f747d47
|
🌱 Unit tests for vulnerabilities raw package
Unit tests for vulnerabilities raw package
https://github.com/ossf/scorecard/issues/986
|
2022-02-03 13:00:35 -06:00 |
|
Arnout Engelen
|
28bf341a3f
|
📖 recommend nix-shell over nix-env
Which is more idiomatic
|
2022-02-03 11:53:25 -06:00 |
|
naveen
|
634643e9f7
|
🌱 Unit test for fileparser/listing
Unit test for fileparser/listing
https://github.com/ossf/scorecard/issues/986
🌱 Unit test for fileparser/listing
Unit tests for fileparser/listing
https://github.com/ossf/scorecard/issues/986
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
|
2022-02-03 11:01:57 -06:00 |
|
Martijn Pieters
|
88aa0e8159
|
📖 Add make install to Environment Setup
Fixes #1588
|
2022-02-03 10:39:37 -06:00 |
|
Azeem Shaikh
|
4581c363cf
|
Remove ListMergedPRs API (#1566)
Co-authored-by: Azeem Shaikh <azeems@google.com>
|
2022-02-03 00:01:35 +00:00 |
|
laurentsimon
|
9037444513
|
✨ Raw data for code review check (#1505)
* separate code review's eval and check
* missing file
* add comments
* fix
* fix
* linter
* fixes
* fix
* linter
* linter
* linter
* draft
* fixes
* fixes
* simplify
* update date
* rem comments
* typo
* linter
* typo
* linter
|
2022-02-02 19:51:38 +00:00 |
|
laurentsimon
|
7032b1910e
|
Ignore all files under testdata/ (#1594)
|
2022-02-02 19:17:21 +00:00 |
|
laurentsimon
|
0670b8bdee
|
pkg/sarif.go: Add score in message (#1593)
pkg/testdata/check6.sarif: Update message
|
2022-02-02 18:30:04 +00:00 |
|
naveen
|
009aa85e3f
|
🌱 Unit tests for Vulnerabilities
- Unit tests for Vulnerabilities
- https://github.com/ossf/scorecard/issues/986
|
2022-02-02 11:55:57 -06:00 |
|
naveen
|
05cedd7cf7
|
🌱 Categorize the Makefile
Categorize the makefile into sections for better readability.
Examples :- Development, Build and Tests
|
2022-02-02 11:17:23 -06:00 |
|
laurentsimon
|
79b216c956
|
checks/security_policy_test.go: updated unit tests (#1590)
checks/raw/security_policy.go: add support for .adoc policies
|
2022-02-02 08:31:42 -08:00 |
|
Arnout Engelen
|
24842de010
|
📖 remove inaccurate claim about github rendering emoji
GitHub renders `:xyz:` aliases in PR titles just fine nowadays.
|
2022-02-02 09:15:27 -06:00 |
|
laurentsimon
|
86d8281031
|
Do not parse non-dockerfile (#1583)
* draft
* checks/pinned_dependencies.go: added isDockerfiler()
checks/pinned_dependencies_test.go: added TestDockerfileInvalidFiles
* undo CodeQL
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
|
2022-02-01 23:50:15 +00:00 |
|
Azeem Shaikh
|
2d0e5381c2
|
Revert Committer.Name change (#1576)
Co-authored-by: Azeem Shaikh <azeems@google.com>
|
2022-02-01 23:00:11 +00:00 |
|
naveen
|
e4eb6d247f
|
🌱 Unit tests for security policy
Unit tests for security policy.
https://github.com/ossf/scorecard/issues/986
|
2022-02-01 14:06:28 -06:00 |
|
dependabot[bot]
|
9d38be486e
|
🌱 Bump ossf/scorecard-action from 1.0.2 to 1.0.3
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 1.0.2 to 1.0.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Commits](c8416b0b2b...b614d455ee )
---
updated-dependencies:
- dependency-name: ossf/scorecard-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-02-01 12:12:33 -06:00 |
|
laurentsimon
|
cbbfebb0e8
|
✨ Mention renovatebot's settings (#1575)
* uupdate doc
* docs/checks/internal/checks.yaml: updated
docs/checks.md: updated
|
2022-01-31 15:41:20 -08:00 |
|
Azeem Shaikh
|
3995d31abf
|
Refactor some code (#1567)
Co-authored-by: Azeem Shaikh <azeems@google.com>
|
2022-01-31 21:41:42 +00:00 |
|
naveen
|
fae5ff334f
|
🌱 Unit tests for fileparser
Included additional tests for fileparser.
https://github.com/ossf/scorecard/issues/986
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
|
2022-01-31 14:09:02 -06:00 |
|
Azeem Shaikh
|
58865e959e
|
Only return PRs assicated with recent commits (#1562)
Co-authored-by: Azeem Shaikh <azeems@google.com>
|
2022-01-29 18:55:26 -08:00 |
|
Stephen Augustus (he/him)
|
53f21cb523
|
README: s/Justin/Stephen (#1565)
...also fixes link to GitHub profile.
Signed-off-by: Stephen Augustus <foo@auggie.dev>
|
2022-01-29 10:32:07 -08:00 |
|
Azeem Shaikh
|
6962fb4858
|
Use committer name if login isn't available (#1558)
Co-authored-by: Azeem Shaikh <azeems@google.com>
|
2022-01-29 00:25:33 +00:00 |
|
Azeem Shaikh
|
29b14f82e3
|
Fix nil-ptr issue in e2e tests (#1561)
Co-authored-by: Azeem Shaikh <azeems@google.com>
|
2022-01-28 22:50:58 +00:00 |
|
naveen
|
70afae8b8f
|
🌱 Remove dead code
Remove dead code which isn't being used.
|
2022-01-28 14:05:29 -06:00 |
|
naveen
|
4c266d7192
|
🌱 Unit test for dependency_update_tool
Unit tests for dependency_update_tool
https://github.com/ossf/scorecard/issues/986
|
2022-01-28 10:57:57 -06:00 |
|
dependabot[bot]
|
b4eec8ed94
|
🌱 Bump github.com/onsi/gomega from 1.18.0 to 1.18.1
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.18.0 to 1.18.1.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.18.0...v1.18.1)
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-01-28 08:42:09 +00:00 |
|