laurentsimon
|
c741335683
|
✨ [migration to score] 3: branch protection, frozen-deps, token permissions (#719)
* details-1
* nits
* typo
* commments
* dependabot and binary artifacts checks
* typo
* linter
* missing errors.go
* linter
* merge fix
* branch protection, frozen-deps, token permissions
* linter
* linter
|
2021-07-21 09:21:43 -07:00 |
|
laurentsimon
|
4cbb1a6062
|
✨ Detect python -m pip pkg (#611)
* commit 1
* fixes
* comments
* comments
* comment and fix
* comments
* add tests
* support double quote + fixes
* fix
* comments
|
2021-07-09 00:48:36 +00:00 |
|
dependabot[bot]
|
5dd7f118ae
|
🌱 Bump github.com/golangci/golangci-lint from 1.40.1 to 1.41.1 (#627)
Bumps [github.com/golangci/golangci-lint](https://github.com/golangci/golangci-lint) from 1.40.1 to 1.41.1.
- [Release notes](https://github.com/golangci/golangci-lint/releases)
- [Changelog](https://github.com/golangci/golangci-lint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/golangci/golangci-lint/compare/v1.40.1...v1.41.1)
---
updated-dependencies:
- dependency-name: github.com/golangci/golangci-lint
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Azeem Shaikh <azeems@google.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
|
2021-06-29 10:26:16 -07:00 |
|
laurentsimon
|
8960533b7b
|
✨ check insecure downloads in github workflows (#610)
* draft
* commit 2
* draft
* rem debug code
* typos
* fixes
* fix suffix
* draft
* fixes
* rem deb code
* share the github struct def
* typos
* linter
* linter
* fix
* comments
|
2021-06-25 17:30:17 +00:00 |
|
laurentsimon
|
4b1c574420
|
✨ Check for shell script's insecure download (#606)
* draft
* commit 2
* debug code
* draft
* draft
* rem debug code
* fix return value
* rename function
* add license
* typos
* fixes
* fix suffix
* comments
|
2021-06-24 17:24:14 +00:00 |
|
laurentsimon
|
ece69b2256
|
✨ Support for package manager's unpinned downloads (#604)
* comments
* rem debug code
* Unpinned downloads for 'go get' and 'pip install'
* updates
* debug code
* linter
* comments
|
2021-06-24 16:06:25 +00:00 |
|
laurentsimon
|
d1d1eb2ecb
|
✨ Support bash -c "CMD" for docker RUN downloads-then-exec (#600)
* comments
* rem debug code
* debug cmd left
* linter
* typo
* add TODO
* comments
|
2021-06-23 14:09:47 +00:00 |
|
laurentsimon
|
0ca1ace1f2
|
✨ Check: detect downloads of scripts/binaries in docker's RUN (#584)
* commit 1
* commit 2
* commit 3
* updates
* linter
* update year
* cleanup
* linter
* fix test files
* linter
* comments
|
2021-06-21 18:45:15 +00:00 |
|