ossf/scorecard
1
1
Fork 0
mirror of https://github.com/ossf/scorecard.git synced 2024-09-19 21:18:09 +03:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
406 Commits 36 Branches 42 Tags 436 MiB
587f41117b
Commit Graph

406 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Chris McGehee
587f41117b Fix lint issues: dupl linter 2021-05-23 11:49:33 -05:00
Chris McGehee
2e7a71fbf2
Fix lint issues: goerr113 linter (#491) 
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
 2021-05-22 12:36:47 -07:00
Azeem Shaikh
0c636b0f5f
Fix bug in GitHub token access (#490) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-05-22 11:24:53 -07:00
Chris McGehee
26d17907a6
Fix lint issues: stylecheck linter (#487) 
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
 2021-05-22 17:45:32 +00:00
Chris McGehee
35fece6491
Fix lint issues: lll linter (#486) 2021-05-22 17:29:18 +00:00
Chris McGehee
50f7ed8519
🌱Fix lint issues: gochecknoinits linter (#485) 
* Fix lint issues: gochecknoinits linter

* Fix lint issues: gochecknoinits linter
 2021-05-22 13:19:52 -04:00
Chris McGehee
f996065e40 Fix lint issues: gomnd linter 2021-05-22 01:09:09 -05:00
Azeem Shaikh
05ae13bc18
Fix bugs in stat collection logic (#489) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-05-21 22:04:04 -07:00
Azeem Shaikh
715a2eb718
Add HTTP stats (#484) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-05-21 13:10:27 -07:00
laurentsimon
eb0af441d1
[Frozen-deps]: Ignore testdata/ files (#481) 
* ignore testdata/ files

* fix

* comments

* typo

* fix

* typo
 2021-05-21 08:45:55 -07:00
Azeem Shaikh
4584311fc6
Add monitoring to checks (#480) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-05-20 23:47:49 -07:00
laurentsimon
78933ac2f4 ignore scratch frm dockerfile imports 2021-05-20 13:23:27 -05:00
Azeem Shaikh
9453765aa0
Use TRUNCATE to load data into BigQuery (#476) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-05-19 23:59:40 -07:00
Chris McGehee
e75a9e19f9
Fix lint issues: govet linter (#478) 
Reordering fields reduces struct size in memory

Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
 2021-05-19 23:38:58 -07:00
Chris McGehee
91b3641196
Fix lint issues: gocritic linter (#477) 2021-05-19 23:21:01 -07:00
Chris McGehee
8372067a70
🌱 Disabling failing linters (#474) 
* Disabling failing linters.
They will be re-enabled as all errors are fixed.
Also linter will now fail on any error, not just newly introduced.

* Explicitly specifying lint config file

Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
 2021-05-20 01:45:23 +00:00
Azeem Shaikh
09c44bd355
Embed data files into the go lib files (#475) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-05-20 01:00:44 +00:00
Azeem Shaikh
abdfd23770
Update Dockerfile dependencies for PubSub job. (#473) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-05-19 17:27:39 +00:00
laurentsimon
ee3f290702
Add check for Docker dependency pinning by hash (#469) 
* check pinning in docker files

* Revert "check pinning in docker files"

This reverts commit c05a5007b1.

* check pinning in docker files

* Revert "check pinning in docker files"

This reverts commit c05a5007b1.

* check pinning in docker files

* Revert "check pinning in docker files"

This reverts commit c05a5007b1.

* check pinning in docker files

* Revert "check pinning in docker files"

This reverts commit c05a5007b1.

* check pinning in docker files

* Revert "check pinning in docker files"

This reverts commit c05a5007b1.

* check dependencies pinning in docker files

* check docker files hash pinning

* remove logging

* make keyword matches case-insensitive

* remove log

* update unit tests

* check fix

* check dependencies pinning in docker files

* check docker files hash pinning

* remove logging

* remove log

* check fix

* comment

* linter

* commments

* check pinning in docker files

* Revert "check pinning in docker files"

This reverts commit c05a5007b1.

* check pinning in docker files

* Revert "check pinning in docker files"

This reverts commit c05a5007b1.

* check pinning in docker files

* Revert "check pinning in docker files"

This reverts commit c05a5007b1.

* check dependencies pinning in docker files

* check docker files hash pinning

* check fix

* check dependencies pinning in docker files

* check docker files hash pinning

* remove logging

* make keyword matches case-insensitive

* remove log

* check fix

* comment

* commments

* comments

* check pinning in docker files

* Revert "check pinning in docker files"

This reverts commit c05a5007b1.

* check pinning in docker files

* Revert "check pinning in docker files"

This reverts commit c05a5007b1.

* check pinning in docker files

* Revert "check pinning in docker files"

This reverts commit c05a5007b1.

* check dependencies pinning in docker files

* check docker files hash pinning

* remove logging

* make keyword matches case-insensitive

* check fix

* check dependencies pinning in docker files

* check docker files hash pinning

* check fix

* commments

* comments

* comments

* comments

* update mod

* remove continue keyword

* linter

* linter

* linter

* comments

* cleanup

* linter

* typos

* typos
 2021-05-19 09:46:39 -07:00
Azeem Shaikh
b7e38b8e0c
Refactor roundtripper code (#471) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-05-19 06:34:20 +00:00
Azeem Shaikh
eb15a61f4d
Add Dockerfiles for PubSub batch job. (#472) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-05-18 19:44:38 -07:00
Azeem Shaikh
8c2432bd62
Add worker to the PubSub framework. (#463) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-05-18 15:18:08 -07:00
laurentsimon
3b1c9b8496
❇️ Pin our docker dependencies by hash (#468) 
* check pinning in docker files

* Pin our docker dependencies

* Revert "check pinning in docker files"

This reverts commit c05a5007b1.

* comments

* typo

* fix hashes
 2021-05-18 18:05:13 +00:00
dependabot[bot]
90e1aeb7ec
🌱 Bump actions/stale from 3.0.18 to 3.0.19 (#470) 
Bumps [actions/stale](https://github.com/actions/stale) from 3.0.18 to 3.0.19.
- [Release notes](https://github.com/actions/stale/releases)
- [Commits](3b3c3f03cd...98ed4cb500)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-18 10:47:18 -04:00
Abhishek Arya
5f82d2b9c0
Add checks for workflow action pinning (#466) 
Patch by Laurent Simon <laurentsimon@google.com>

Co-authored-by: Laurent Simon <laurentsimon@google.com>
 2021-05-17 13:03:39 -07:00
Naveen
9281d1ddd9
🌱 Move tool dependencies into go.mod (#460) 
Moved the tool dependencies into go.mod
 2021-05-17 15:20:28 -04:00
Azeem Shaikh
37519d9672
Update RunScorecards API. (#461) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-05-16 19:38:46 -07:00
Naveen
f49aad68be
Moved the cloudbuilds to yaml (#444) 
* Moved the cloudbuild configuration into YAML
 2021-05-17 01:36:46 +00:00
Azeem Shaikh
ba3b5c5979
Refactor Makefile and add proto compile support. (#458) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-05-15 13:58:01 -07:00
Naveen
f73f94bd0c
🌱 auto generate docs (#455) 
Implemented checks for auto generating docs.
 2021-05-15 13:32:27 +00:00
Azeem Shaikh
c82770397a
Add and use config.yaml for pubsub cron. (#457) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-05-15 00:22:45 -07:00
laurentsimon
e46016d244
📖 Add more detailed doc for checks (#453) 
* More detailed doc

* comment
 2021-05-14 17:05:59 -07:00
laurentsimon
6367cc44f6
pin scorecard workflow depepdencies by hash (#456) 2021-05-14 16:59:05 -07:00
Azeem Shaikh
6437c9324f
Setup PubSub framework code. (#428) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-05-14 14:32:23 -07:00
naveen
670e1980d5 📖 Updated instruction for check documentation 
Included docs in CONTRIBUTING.md for updating docs for checks.
 2021-05-14 16:22:58 -05:00
Chris McGehee
fc82659e9c
🌱 Fix lint issues: gocognit linter (#433) 
* Fix lint issues: gocognit linter
Before refactoring, CITests had a cognitive complexity of 51
(the upper limit is 30)

* Fix lint issues: gocognit linter
Addressing feedback

* Fix lint issues: gocognit linter
Before refactoring IsBranchProtected had a complexity of 33 (upper limit is 30)

Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
 2021-05-14 15:41:50 -04:00
Chris McGehee
3359f601cd Fix lint issues: nolintlint linter 
The nestif directive was not being used
 2021-05-13 09:31:56 -05:00
Chris McGehee
dca5e39996
Fix lint issues: thelper linter (#447) 
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
 2021-05-13 12:09:32 +00:00
Chris McGehee
566f938364
Fix lint issues: dupl linter (#448) 
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
 2021-05-13 11:58:57 +00:00
Chris McGehee
9214d71c8f Fix lint issues: wrapcheck linter 
Bumping version of golangci-lint because it has a fix for a false
positive we were encountering.
 2021-05-13 06:53:56 -05:00
dependabot[bot]
53262f0368 🌱 Bump codecov/codecov-action from 1 to 1.5.0 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 1 to 1.5.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v1...v1.5.0)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-05-12 10:38:27 -05:00
dependabot[bot]
33c1e903a4 🌱 Bump actions/checkout from 2 to 2.3.4 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 2.3.4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v2.3.4)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-05-12 10:26:18 -05:00
dependabot[bot]
dd6c652db6 🌱 Bump actions/stale from 3 to 3.0.18 
Bumps [actions/stale](https://github.com/actions/stale) from 3 to 3.0.18.
- [Release notes](https://github.com/actions/stale/releases)
- [Commits](https://github.com/actions/stale/compare/v3...v3.0.18)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-05-12 09:34:55 -05:00
dependabot[bot]
775a36a393 🌱 Bump peter-evans/create-or-update-comment from 1 to 1.4.5 
Bumps [peter-evans/create-or-update-comment](https://github.com/peter-evans/create-or-update-comment) from 1 to 1.4.5.
- [Release notes](https://github.com/peter-evans/create-or-update-comment/releases)
- [Commits](https://github.com/peter-evans/create-or-update-comment/compare/v1...v1.4.5)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-05-12 09:30:11 -05:00
dependabot[bot]
35b62a9905
🌱 Bump peter-evans/find-comment from 1 to 1.2.0 (#439) 
Bumps [peter-evans/find-comment](https://github.com/peter-evans/find-comment) from 1 to 1.2.0.
- [Release notes](https://github.com/peter-evans/find-comment/releases)
- [Commits](https://github.com/peter-evans/find-comment/compare/v1...v1.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-12 13:29:05 +00:00
dependabot[bot]
9478fe3147
🌱 Bump goreleaser/goreleaser-action from 2 to 2.5.0 (#441) 
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 2 to 2.5.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Changelog](https://github.com/goreleaser/goreleaser-action/blob/master/CHANGELOG.md)
- [Commits](https://github.com/goreleaser/goreleaser-action/compare/v2...v2.5.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-12 09:24:03 -04:00
laurentsimon
e616cc3161
❇️ Add sub-checks to Branch-Protection check (#436) 
* Add sub-checks to Branch-Protection check

* run gofumpt

* comments

* comments

* typo

* comments

* comments
 2021-05-11 18:26:27 -07:00
Naveen
14dfc45fae
🌱 Move the docker containers to gcr.io (#419) 
* Included a build on push to master on gcr.io
  * Updated the README with the gcr.io
  * Removed the docker.yaml build push
 2021-05-11 14:11:06 +00:00
Chris McGehee
727bb58911
🌱 Fix lint issues: govet linter (#395) 
* Fix lint issues: govet linter
The fieldalignment analyzer informs you when structs would take up less
memory with their fields reordered.

* CheckResult.Details was not omitted as intended
Found by govet linter

* Removing possible breaking change

Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
 2021-05-11 06:52:52 -07:00
dependabot[bot]
c1ef0900f2
🌱 Bump google-github-actions/setup-gcloud from 94337306dda8180d967a56932ceb4ddcf01edae7 to 0.2.1 (#425) 
* 🌱 Bump google-github-actions/setup-gcloud

Bumps [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud) from 94337306dda8180d967a56932ceb4ddcf01edae7 to 0.2.1. This release includes the previously tagged commit.
- [Release notes](https://github.com/google-github-actions/setup-gcloud/releases)
- [Changelog](https://github.com/google-github-actions/setup-gcloud/blob/master/CHANGELOG.md)
- [Commits](94337306dd...daadedc81d)

Signed-off-by: dependabot[bot] <support@github.com>

* Update integration.yml

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Abhishek Arya <inferno@chromium.org>
 2021-05-10 08:20:31 -07:00