ossf/scorecard
1
1
Fork 0
mirror of https://github.com/ossf/scorecard.git synced 2024-09-20 05:27:12 +03:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
963 Commits 36 Branches 42 Tags 436 MiB
84d169bf23
Commit Graph

84 Commits

Author SHA1 Message Date
Azeem Shaikh
84d169bf23
Use updated clients for local (#1355) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-12-03 15:09:04 -08:00
Nanik
45b5a35020
Add new checking for license file availability (#1178) 
* Add checking logic inside license_check.go
    * Add test case license_check_test.go
    * Add check information inside checks.yaml
 2021-12-03 09:28:27 -08:00
dota17
6a7e314c37 1.Add the check Dangerous-Workflow 
2.Fix the typo of rubygems
 2021-12-01 07:44:28 -06:00
Azeem Shaikh
2375ae2812
Add a OssFuzzRepoClient (#1280) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-11-17 03:04:37 +00:00
asraa
1050b1cd60
Add dangerous workflow check with untrusted code checkout pattern (#1168) 
* add dangerous workflow check with untrusted code checkout pattern

Signed-off-by: Asra Ali <asraa@google.com>

* update

Signed-off-by: Asra Ali <asraa@google.com>

* add env var

Signed-off-by: Asra Ali <asraa@google.com>

* fix comment

Signed-off-by: Asra Ali <asraa@google.com>

* add repos git checks.yaml

Signed-off-by: Asra Ali <asraa@google.com>

* update checks.md

Signed-off-by: Asra Ali <asraa@google.com>

* address comments

Signed-off-by: Asra Ali <asraa@google.com>

* fix merge

Signed-off-by: Asra Ali <asraa@google.com>

* add delete

Signed-off-by: Asra Ali <asraa@google.com>

* update docs

Signed-off-by: Asra Ali <asraa@google.com>

Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
 2021-11-15 20:18:10 +00:00
Azeem Shaikh
6223b6620a
Add CIIClient interface (#1262) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-11-15 02:46:41 +00:00
laurentsimon
09b7b3bd3d
Pull request support for GitHub action (#1222) 
* draft

* updates

* PR support

* comments

* comment

* category

* fix rule ID

* typo

* always populate rules

* typo
 2021-11-08 23:30:37 +00:00
laurentsimon
8805ac54d0
Add --local option to CLI (#1211) 
* unit tests

* remove log

* fix

* gate local access

* comment
 2021-11-03 15:17:58 +00:00
laurentsimon
a6d298a60a
Use checks.yaml to store which repo types are supported by each check (#1195) 
* draft

* draft 2

* remove enum

* update

* mock doc

* fix
 2021-11-02 01:43:22 +00:00
Azeem Shaikh
83649a799e
Remove repos package (#1191) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-10-29 16:07:46 +00:00
laurentsimon
4cca9b4960
Implement local repo client for local folders (#1146) 
* draft

* draft

* docker file

* error

* fix

* fix

* bug

* comments

* missing merge

* fix

* merge issue

* fix

* validate format early

* comments

* fix

* fixes

* uncomment

* gate code for v4 code

* draft

* draft 2

* fix security-policy check

* fix

* merge fixes

* fixes

* fixes

* fixes

* fixes

* mock repo

* linter

* comments

* unit tests

* comments
 2021-10-28 18:30:02 +00:00
laurentsimon
950e0e3d2d
Add support for file-based repo URIs (#1113) 
* draft

* draft

* docker file

* error

* fix

* fix

* fixa

* bug

* comments

* missing merge

* fix

* fix rebase

* merge issue

* fix

* validate format early

* fix

* fix2

* comments

* fix
 2021-10-21 20:08:56 +00:00
Naveen
6c1c789dc5
🌱 v3 upgrade changes (#1118) 
v3 go.mod changes
 2021-10-07 18:16:01 -05:00
laurentsimon
f153db5a4a
⚠️ remove CSV support (#1119) 
* remove CSV support

* fixes
 2021-10-07 13:54:21 -07:00
laurentsimon
3a43c683c8
Define scorecard GitHub action (#1069) 
* test

* fix

* fix

* license
 2021-09-27 22:30:36 +00:00
laurentsimon
6b9010e575
changes (#1062) 2021-09-27 15:50:58 +00:00
laurentsimon
fb77e42da2
Per-check score threshold for SARIF (#1057) 
* fixes

* fix
 2021-09-23 23:55:41 +00:00
laurentsimon
5d6a7cd20d
Add policy file (#1002) 
* draft

* draft 2

* add tests

* check names

* fixes

* fix

* comments

* fix

* test

* remove risk

* license

* linter

* comments
 2021-09-22 16:22:49 +00:00
laurentsimon
39bd00c359
Add aggregated score (#1046) 
* ag scores

* fix

* CSV and string

* comments

* updates

* changes

* fixes
 2021-09-21 22:30:25 +00:00
laurentsimon
617820706c
Update cron's JSON format (#1001) 
* JSON2 for cron

* fixes

* linter

* fix
 2021-09-13 21:55:06 +00:00
Azeem Shaikh
e730e911e6
sce.Create -> sce.WithMessage for wrapcheck (#995) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-09-10 15:50:33 +00:00
laurentsimon
d6174dbe59
semantic version (#991) 2021-09-10 07:13:17 -07:00
laurentsimon
870db56814
Cleanup documentation code (#981) 
* draft 1

* unit tests

* fix

* fixes

* fix

* mod

* comments

* fixes

* rename

* fix

* linter
 2021-09-09 22:09:39 +00:00
Azeem Shaikh
afe5b40567
Make RepoClient as default interface for Scorecard (#951) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-09-02 02:32:26 +00:00
laurentsimon
8f5e742e20
Improve JSON format (#934) 
* support for verison

* fix

* fix

* linter

* typo

* fix
 2021-09-01 17:29:40 +00:00
Azeem Shaikh
41d0ce38c4
Replace errors.As with Is (#901) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-08-25 01:03:45 +00:00
laurentsimon
276155d1eb
SARIF 4: Add support to output SARIF format (#866) 
* draft1

* draft2

* draft

* draft 3

* typos

* unit tests

* fixes

* fixes

* related locs

* fixes

* version

* fixes

* linter/fix

* fixes

* linter

* gofmt -s
 2021-08-23 21:31:33 +00:00
laurentsimon
23764f0168
Upload cron results to a table with new format (#830) 
* add json2 function

* asJSON2

* url2

* draft

* root

* tables and bucket

* fix

* comments

* new transfer instances

* comments

* rename files

* update k8 names

* typo

* fizes

* linter
 2021-08-16 16:38:41 +00:00
Azeem Shaikh
b7ddc9ac93
Update go-github version for consistency (#852) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-08-13 00:43:22 +00:00
laurentsimon
6718939a08
Cleanup errors and log (#782) 
* cleanup

* text

* add errors

* fixes

* more

* fixes

* linnter

* comments

* name
 2021-08-02 22:38:42 +00:00
Azeem Shaikh
6368c25f54
More linter issues (#794) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-08-01 03:42:14 +00:00
Azeem Shaikh
83e9f52501
Enable revive linters which are used in google3 (#793) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-07-31 22:31:34 +00:00
laurentsimon
577061b5e3
enable score results by default (#788) 
* enable v2

* linnter
 2021-07-30 15:21:09 +00:00
Appu
f9e9865fd6
Add version cli subcommand (#764) 
`scorecard version` will print out something like

```
GitVersion:     v2.0.0-73-g7fd331a-dirty
GitCommit:      7fd331adf2
GitTreeState:   dirty
BuildDate:      2021-07-27T14:14:34Z
GoVersion:      go1.16.4
Compiler:       gc
Platform:       linux/amd64
```

Signed-off-by: Appu Goundan <appu@google.com>

Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
 2021-07-27 17:37:27 +00:00
Naveen
4d7fb5d748
🌱 Fix the go.mod with v2 upgrade (#716) 
The go.mod and the related files weren't t updated with the v2 upgrade.

https://github.com/ossf/scorecard/issues/711

This fix will address the issue.
 2021-07-26 13:01:25 -05:00
Azeem Shaikh
7c133bc767
Create APIs for MergedPRs and DefaultBranch (#745) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-07-25 17:37:14 -07:00
laurentsimon
6f203e73b6
[migration to score] 4: active, fuzzing and code-review (#721) 
* details-1

* nits

* typo

* commments

* dependabot and binary artifacts checks

* typo

* linter

* missing errors.go

* linter

* merge fix

* active, fuzzing and code review checks

* e2e tests for fuzzing

* fixes
 2021-07-21 09:40:40 -07:00
laurentsimon
ab4bb60c9c
[migration to score] 1: create errors and new functions (#712) 
* details-1

* comment

* doc

* nits

* typo

* commments

* nit

* linter
 2021-07-20 11:36:35 -07:00
laurentsimon
45ea97e502
Add more github token names for env variable (#694) 
* draft

* commit 1

* dead code

* comments

* merge fix

* typo
 2021-07-19 18:56:42 +00:00
Anton
d08874e4c5
🐛 Updated checks arguments to be case insensitive (#685) 
* Updated checks to be case insensitive

* Removed the need to have check indexes/keys lowercase

* Refactored to use strings.EqualFold()

* Refactored enabling checks into a separate function

* Refactored enableCheck() to return a bool
 2021-07-14 09:26:33 -04:00
Anton Ritter-Gogerly
0967915691 Added error for invalid checks 2021-07-13 08:18:43 -05:00
Azeem Shaikh
7cf56e04af
Log error if GITHUB_AUTH_TOKEN is unset (#680) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-07-12 13:59:44 -07:00
Azeem Shaikh
d81fd24246
Add ListFiles and GetFileContent APIs (#637) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-06-30 23:49:49 -07:00
Azeem Shaikh
7861478e1a
Add error handling to RunScorecard fn (#595) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-06-20 23:31:10 -07:00
Azeem Shaikh
0b62c58704
Add v0 of RepoClient interface (#587) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-06-17 13:21:32 -07:00
Chris McGehee
524a187b31 Add new linter: errorlint 2021-05-30 13:12:42 -04:00
Chris McGehee
6b63f3f963
🌱 Fix lint issues: Replace golint with revive (#493) 
* Fix lint issues: Replace golint with revive
golint is deprecated and recommended to be replaced with revive

* Updating comments to be more accurate

* Updating comments again

Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
 2021-05-24 11:34:33 -07:00
Chris McGehee
61ecad3151
Add new linter: gci (#498) 2021-05-23 20:51:52 -07:00
Chris McGehee
50f7ed8519
🌱Fix lint issues: gochecknoinits linter (#485) 
* Fix lint issues: gochecknoinits linter

* Fix lint issues: gochecknoinits linter
 2021-05-22 13:19:52 -04:00
Azeem Shaikh
37519d9672
Update RunScorecards API. (#461) 
Co-authored-by: Azeem Shaikh <azeems@google.com>
 2021-05-16 19:38:46 -07:00