* 🌱 convert Webhook check to probes
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Add test + nits
Signed-off-by: AdamKorcz <adam@adalogics.com>
* replace probe with OutcomeNotApplicable
Signed-off-by: AdamKorcz <adam@adalogics.com>
* return one finding per webhook
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* change wording in def.yml
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* change wording in def.yml and checks.md
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove unused struct in test
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* align checks.md with checks.yaml
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* bring back experimental for webhooks
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* change 'token' to 'secret' in probe
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* use checker.MinResultScore instead of 0
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* Change test name
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* use checker.MinResultScore instead of 0
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix typo
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* Use checker.MaxResultScore instead of 10
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* rename probe
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove the 'totalWebhooks' value from findings
Signed-off-by: Adam Korczynski <adam@adalogics.com>
---------
Signed-off-by: AdamKorcz <adam@adalogics.com>
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* 🌱 convert binary artifact check to probe
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Reword motivation
Signed-off-by: AdamKorcz <adam@adalogics.com>
* remove unused variable in test
Signed-off-by: AdamKorcz <adam@adalogics.com>
* remove positiveOutcome() and length check
Signed-off-by: AdamKorcz <adam@adalogics.com>
* fix wrong check name
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Split into two probes: One with and one without gradle-wrappers
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Add description about what Scorecard considers a verified binary
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* change 'trusted' to 'verified'
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove nil check
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove filtering
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* use const scores in tests
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* rename test
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* add sanity check in loop
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* rename binary file const
Signed-off-by: Adam Korczynski <adam@adalogics.com>
---------
Signed-off-by: AdamKorcz <adam@adalogics.com>
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* 🌱 convert CII Best Practices check to probes
Signed-off-by: AdamKorcz <adam@adalogics.com>
* change 'NOT' to 'not'
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Change wording in probes
Signed-off-by: AdamKorcz <adam@adalogics.com>
* add links to text
Signed-off-by: AdamKorcz <adam@adalogics.com>
* fix typo
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Edit text in def.yml
Signed-off-by: AdamKorcz <adam@adalogics.com>
* remove hasBadgeNotFound probe
Signed-off-by: AdamKorcz <adam@adalogics.com>
* remove 'that' from text
Signed-off-by: AdamKorcz <adam@adalogics.com>
* use CreateMinScoreResult instead of CreateResultWithScore
Signed-off-by: AdamKorcz <adam@adalogics.com>
* use MaxResultScore instead of maxScore
Signed-off-by: AdamKorcz <adam@adalogics.com>
* return CreateRuntimeErrorResult sooner rather than later
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Combine probes into one
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove minScore variable
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove 'hasInProgressBadge' probe
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* make badge levels global variables
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* return -1 for unsupported badge
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* change text for unknown and unsupported badges
Signed-off-by: Adam Korczynski <adam@adalogics.com>
---------
Signed-off-by: AdamKorcz <adam@adalogics.com>
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* 🌱 convert vulnerabilities check to probe
Signed-off-by: AdamKorcz <adam@adalogics.com>
* rename probe + nits
Signed-off-by: AdamKorcz <adam@adalogics.com>
* edit def.yml
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Add vuln ID dynamically to def.yml
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Elaborate the purpose of test data in unit test
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Move logging out of loop and change logic of negativeFindings()
Signed-off-by: AdamKorcz <adam@adalogics.com>
* preserve number of vulns found in output
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Preserve grouping of vulns
Signed-off-by: AdamKorcz <adam@adalogics.com>
* fix linter issues
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Add remediation data
Signed-off-by: AdamKorcz <adam@adalogics.com>
* use checker.LogFindings()
Signed-off-by: AdamKorcz <adam@adalogics.com>
---------
Signed-off-by: AdamKorcz <adam@adalogics.com>
* 🌱 convert packaging check to probe
Signed-off-by: AdamKorcz <adam@adalogics.com>
* amend text in def.yml
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Correct short description in def.yml
Signed-off-by: AdamKorcz <adam@adalogics.com>
* log negative findings
Signed-off-by: AdamKorcz <adam@adalogics.com>
* rename probe
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Fix the broken e2e test: The probe returned minimum score instead of inconclusive score which was not consistent with the previous scoring. This commit also removes the debug statements
Signed-off-by: AdamKorcz <adam@adalogics.com>
* change score text
Signed-off-by: AdamKorcz <adam@adalogics.com>
* include file details. process all packaging workflows
Signed-off-by: AdamKorcz <adam@adalogics.com>
---------
Signed-off-by: AdamKorcz <adam@adalogics.com>