Commit Graph

602 Commits

Author SHA1 Message Date
Oliver Chang
7c2117342c fix tests 2021-08-01 10:57:22 -05:00
Oliver Chang
cf9c860441 Replace personal test repo with ossf-tests repo. 2021-08-01 10:57:22 -05:00
Azeem Shaikh
251a6c4ac8
Linter fix (#795)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-01 10:59:30 -04:00
Azeem Shaikh
6368c25f54
More linter issues (#794)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-01 03:42:14 +00:00
Azeem Shaikh
83e9f52501
Enable revive linters which are used in google3 (#793)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-07-31 22:31:34 +00:00
dependabot[bot]
a66b53ebe4
🌱 Bump peter-evans/slash-command-dispatch from 2.1.3 to 2.2.1 (#735)
Bumps [peter-evans/slash-command-dispatch](https://github.com/peter-evans/slash-command-dispatch) from 2.1.3 to 2.2.1.
- [Release notes](https://github.com/peter-evans/slash-command-dispatch/releases)
- [Commits](72ab5a2e41...fc430081ad)

---
updated-dependencies:
- dependency-name: peter-evans/slash-command-dispatch
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-07-31 11:12:20 +00:00
Azeem Shaikh
d045a6655f
Catch RuntimeErrors in release testing (#791)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-07-30 19:13:17 +00:00
laurentsimon
577061b5e3
enable score results by default (#788)
* enable v2

* linter
2021-07-30 15:21:09 +00:00
laurentsimon
29594d4294
change signature of FileIfExist and FileContent (#787)
* draft

* add pinning

* remove functions

* typo

* comment

* name
2021-07-30 15:09:52 +00:00
laurentsimon
b35cbdcdcf
Make Branch-Protection score more granular (#777)
* commit

* unit tests

* full score

* typos

* update msg

* remove function

* comments

* linter

* comments
2021-07-30 01:54:19 +00:00
laurentsimon
c48fe4f9ed
Make Token-Permission check more granular (#773)
* draft

* add tests

* add e2e tests

* typos

* typo

* fixes

* linter

* use named value

* comments

* comment
2021-07-30 00:13:01 +00:00
dependabot[bot]
564b10946f
🌱 Bump goreleaser/goreleaser-action from 2.6.1 to 2.7.0 (#762)
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 2.6.1 to 2.7.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](ac067437f5...5a54d7e660)

---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-29 21:51:16 +00:00
dependabot[bot]
fae54a6af4
🌱 Bump cloud.google.com/go/pubsub from 1.12.2 to 1.13.0 (#723)
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go) from 1.12.2 to 1.13.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.12.2...pubsub/v1.13.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-07-29 21:28:39 +00:00
Azeem Shaikh
1d1e799f84
Add ListCommits and IsArchived API (#772)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-07-29 14:18:58 -07:00
Azeem Shaikh
d19d436294
Update release test cron job (#778)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-07-29 21:08:48 +00:00
Azeem Shaikh
1e6d99eb20
Remove PullRequest check (#771)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-07-29 20:58:36 +00:00
Azeem Shaikh
59e14eef80
Add validation for checks.yaml (#781)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-07-29 20:29:12 +00:00
Azeem Shaikh
df89767c35
Fix bug in SecurityPolicy (#761)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-07-29 20:09:56 +00:00
Azeem Shaikh
851646d4db
Disable e2e tests temporarily (#785)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-07-29 19:39:39 +00:00
laurentsimon
492d9cd29b
disable license check (#784) 2021-07-29 19:30:26 +00:00
laurentsimon
8432a82bc4
Add e2e tests using dedicated repo for pinned-dependencies check (#766)
* fix

* e2e

* add e2e test from dedicated repo

* e2e update

* linter

* merge
2021-07-29 11:55:25 -07:00
laurentsimon
578c71b03e
text (#776) 2021-07-28 15:49:28 -07:00
laurentsimon
24955d62a0
text change (#775) 2021-07-28 14:34:20 -07:00
laurentsimon
6536d393f3
remove functions (#770) 2021-07-28 08:32:00 -07:00
evalphobia
a4f7d4b5b4
🐛 Fix panic error when RequiredPullRequestReviews is nil (#768)
* Fix panic error when RequiredPullRequestReviews is nil

* add test
2021-07-28 09:57:26 -04:00
laurentsimon
9edfe2a292
rename Frozen-Deps to Pinned-Dependencies (#765)
* fix

* more tests

* e2e

* comments

* change name

* linter

* rename

* lint
2021-07-27 16:32:24 -07:00
Appu
f9e9865fd6
Add version cli subcommand (#764)
`scorecard version` will print out something like

```
GitVersion:     v2.0.0-73-g7fd331a-dirty
GitCommit:      7fd331adf2
GitTreeState:   dirty
BuildDate:      2021-07-27T14:14:34Z
GoVersion:      go1.16.4
Compiler:       gc
Platform:       linux/amd64
```

Signed-off-by: Appu Goundan <appu@google.com>

Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-07-27 17:37:27 +00:00
Appu
782edb7c18
Update local install instructions to use v2 (#763)
Signed-off-by: Appu Goundan <appu@google.com>

Co-authored-by: Abhishek Arya <inferno@chromium.org>
2021-07-27 16:48:47 +00:00
laurentsimon
b8825d8e34
sast cleanup (#760)
* cleanup

* typo

* typos

* linter

* comments

* msg

* score

* comments
2021-07-27 16:16:44 +00:00
laurentsimon
c044105e33
rename var (#756)
* rename var

* linter
2021-07-26 17:24:34 -07:00
laurentsimon
2ffeff2dad
cleanup (#758) 2021-07-27 08:45:56 +10:00
laurentsimon
a004ffb107
cleanup Frozen-Deps MakeResultAnd (#742)
* draft

* fixes

* commit 1

* delete file

* clean

* clean 2

* linter

* fix score

* handle err

* in-progress score

* fixes
2021-07-26 22:02:46 +00:00
laurentsimon
8128f9fe68
divide by 0 (#755) 2021-07-26 21:37:17 +00:00
Naveen
4d7fb5d748
🌱 Fix the go.mod with v2 upgrade (#716)
The go.mod and the related files weren't updated with the v2 upgrade.

https://github.com/ossf/scorecard/issues/711

This fix will address the issue.
2021-07-26 13:01:25 -05:00
dependabot[bot]
d6cf4b36bf
🌱 Bump distroless/base from 38778ff to ccbc79c (#722)
Bumps distroless/base from `38778ff` to `ccbc79c`.

---
updated-dependencies:
- dependency-name: distroless/base
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-07-26 12:00:10 -05:00
dependabot[bot]
b86718a96b
🌱 Bump golang from 773f15a to 4544ae5 (#747)
Bumps golang from `773f15a` to `4544ae5`.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-07-26 11:37:14 -05:00
Naveen
67d0eb0bf2
🌱 Fix the broken e2e tests (#751)
Fixed the broken tests that were looking for a specific number of debug
messages
2021-07-26 12:23:15 -04:00
Azeem Shaikh
f0e4a0b37e
Add more projects to the release test (#749)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-07-25 18:20:54 -07:00
Azeem Shaikh
9bf1cdc9ce
Update ListFiles API to return error (#746)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-07-25 17:47:36 -07:00
Azeem Shaikh
7c133bc767
Create APIs for MergedPRs and DefaultBranch (#745)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-07-25 17:37:14 -07:00
laurentsimon
37d13c2972
Code-Review cleanup (#740)
* sast cleanup

* code-review cleanup

* typo

* merge fix
2021-07-22 23:12:53 +00:00
laurentsimon
f021326e1f
catch error (#736) 2021-07-22 22:00:12 +00:00
Azeem Shaikh
a1502dd51a
Add e2e release tests for cron job (#734)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-07-22 14:16:10 -07:00
laurentsimon
a34e326151
sast cleanup (#739)
* sast cleanup

* comments
2021-07-22 18:03:31 +00:00
laurentsimon
89c8e2af31
[migration to score] 7: CI-Test, CII Best practices, security policy file (#733)
* ci, cii, sec file

* linter

* check doc

* typo

* fix

* comments

* linter

* fix sast

* fix score calc
2021-07-22 15:37:31 +00:00
laurentsimon
ae33db624e
[migration to score] 6: signed tags, signed release, PR, fuzzing (#732)
* yaml file

* sort checks

* comments

* signed tags

* signed release, PR, fuzzing

* typo
2021-07-21 18:10:47 -07:00
laurentsimon
3e95796de3
update yaml file (#730)
* yaml file

* sort checks

* comments

* vuln, sast

* doc update

* fix

* comments
2021-07-21 22:32:28 +00:00
laurentsimon
886d03cfdf
description of checks migrated (#726)
* yaml file

* sort checks

* comments

* comments

* comments
2021-07-21 20:54:57 +00:00
laurentsimon
53c056081b
[migration to score] 5: contributors, vulnerabilities, packaging and sast (#729)
* contributors

* packaging

* vulnerabilities

* fix errors

* err

* errors
2021-07-21 13:40:16 -07:00
laurentsimon
6f203e73b6
[migration to score] 4: active, fuzzing and code-review (#721)
* details-1

* nits

* typo

* comments

* dependabot and binary artifacts checks

* typo

* linter

* missing errors.go

* linter

* merge fix

* active, fuzzing and code review checks

* e2e tests for fuzzing

* fixes
2021-07-21 09:40:40 -07:00