Commit Graph

1005 Commits

Author SHA1 Message Date
Azeem Shaikh
c8d2a51375
Ignore nil values in Branch-Protection check (#1243)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-11-12 19:11:06 +00:00
Azeem Shaikh
ab2bb205d4
Fix nil-ptr access bug (#1248)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-11-12 16:51:41 +00:00
Azeem Shaikh
9dfac39223
Fix the way diff is shown (#1249)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-11-12 14:18:47 +00:00
Evgeny Vereshchagin
46611eac5d
Security-Policy: really look for the security policy
It was tested with the systemd project where the security policy
is kept in docs/SECURITY.md. Without this patch `scorecard`
says that the security policy can't be found.
2021-11-11 10:08:27 -06:00
laurentsimon
795505fd7f
Remove isScorecardRepo (#1236)
* remove isScorecardRepo

* linter

* linter

Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-11-10 20:13:12 +00:00
Evgeny Vereshchagin
5524c9717b
SAST: no longer skip "neutral" checks (#1237)
Some SASTs like LGTM don't analyze PRs where code hasn't been changed,
which leads to their status being "neutral" there.

It's a follow up to https://github.com/ossf/scorecard/pull/1232#issuecomment-965552702

I'm not sure what to do about one-offs like the one
mentioned in https://github.com/ossf/scorecard/pull/1232#issuecomment-965585962
that shouldn't affect the aggregate score but it can probably
be fixed later.
2021-11-10 19:49:02 +00:00
Evgeny Vereshchagin
6a2fb2edc2
Add LGTM to the SAST check (#1232)
According to https://github.com/apps/lgtm-com
"LGTM is a code analysis platform for identifying vulnerabilities early and preventing
them from reaching production". It's used by `systemd`, `lxc` and a lot of other large
open source projects. The check is
still kind of broken in the sense that it fails to detect
projects where every PR is analyzed by LGTM before getting merged
but it's better than nothing I guess.

Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-11-10 10:09:11 -08:00
laurentsimon
ae271b4513
🐛 Validate doc on pre-submit (#1235)
* validate doc on pre-submit

* typo
2021-11-10 16:56:44 +00:00
laurentsimon
929fd6e9e4
deterministic sarif gen (#1233)
2021-11-10 16:33:21 +00:00
Chris McGehee
4fbd0fe93e
Adding Chris as facilitator
2021-11-08 18:11:07 -06:00
laurentsimon
09b7b3bd3d
Pull request support for GitHub action (#1222)
* draft

* updates

* PR support

* comments

* comment

* category

* fix rule ID

* typo

* always populate rules

* typo
2021-11-08 23:30:37 +00:00
Chris McGehee
3dc507b9e1
Using library to parse github workflows
2021-11-08 17:00:40 -06:00
Chris McGehee
f319aca82d
Moving github workflow parsing to its own file
2021-11-08 17:00:40 -06:00
laurentsimon
b3ac52a06b
PR support (#1227)
2021-11-08 13:48:29 -08:00
Naveen
4ee366eb0f
🌱 Move docker build checks to ko (#1214)
Move the docker build checks to ko
2021-11-08 15:55:58 +00:00
laurentsimon
67f070f73c
remove action (#1223)
2021-11-05 20:14:54 -07:00
laurentsimon
af594d3921
spelling (#1219)
2021-11-04 19:02:07 +00:00
Naveen
ddd770ae14
📖 Updated the community links (#1216)
* :docs: Updated the community links

Updated the community links to be more accessible. Took the idea from https://github.com/tektoncd/community/blob/main/working-groups.md#chains

* Update README.md
2021-11-04 16:59:43 +00:00
Chris McGehee
2006be1819
🐛 Token permission check was failing on non-yaml files
2021-11-04 06:19:10 -05:00
dependabot[bot]
6562cc1f44
🌱 Bump actions/checkout from 2.3.5 to 2.4.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 2.3.5 to 2.4.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](1e204e9a92...ec3a7ce113)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-11-03 10:56:59 -05:00
laurentsimon
8805ac54d0
Add --local option to CLI (#1211)
* unit tests

* remove log

* fix

* gate local access

* comment
2021-11-03 15:17:58 +00:00
laurentsimon
59edb12f2a
🐛 Use only olivekl@ in CODEOWNER (#1212)
* codeowner

* workflows
2021-11-02 19:44:01 +00:00
laurentsimon
8a83a81fd7
Validate check.yaml's repo interface support (#1210)
* draft

* validate

* comment

* comments
2021-11-02 12:22:37 -07:00
naveen
257d99e1c6
🌱 Fixed the failing tests
The failing tests couldn't be fixed before because the code wasn't up to
date in the last PR.
2021-11-02 12:03:30 -05:00
laurentsimon
a6d298a60a
Use checks.yaml to store which repo types are supported by each check (#1195)
* draft

* draft 2

* remove enum

* update

* mock doc

* fix
2021-11-02 01:43:22 +00:00
naveen
ff316e1f97
🐛 Removed the Binary Artifact
Remove the binary artifact
2021-10-31 21:27:27 -05:00
Naveen
1cc8601c2c
📖 Included the meeting minutes (#1202)
* 📖 Included the meeting minutes

Included the meeting minutes in the README.

* Update README.md
2021-11-01 00:58:22 +00:00
Oliver Chang
d3796f29b1
Add ClusterFuzzLite to Fuzzing check. (#1166)
* Add ClusterFuzzLite to Fuzzing check.

Check for the existence of ".clusterfuzzlite/Dockerfile".

Fixes #1148.

* comment

Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-10-29 22:33:17 -07:00
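The two commits above that add file-presence detection (the Security-Policy fix that finds a policy kept under docs/, and the ClusterFuzzLite addition to the Fuzzing check that looks for ".clusterfuzzlite/Dockerfile") both reduce to one operation: list the files of a checkout and match them against a set of candidate paths. The following Go program is an added example written for this page; it is not scorecard's code and does not reproduce its check implementations. The candidate list for the security policy and the `.git` skip are assumptions chosen for the example.

```go
package main

import (
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
	"strings"
)

// securityPolicyCandidates lists repository-relative paths where a security
// policy is commonly kept, root first. This list is an assumption for the
// example; scorecard's own candidate set may differ.
var securityPolicyCandidates = []string{
	"SECURITY.md", "SECURITY.rst", "SECURITY.txt", "SECURITY",
	"docs/SECURITY.md", "docs/SECURITY.rst",
	".github/SECURITY.md",
}

// clusterFuzzLiteDockerfile is the file whose presence the example treats as
// evidence of a ClusterFuzzLite setup (the path named in the commit above).
const clusterFuzzLiteDockerfile = ".clusterfuzzlite/Dockerfile"

// ListFiles walks a local checkout and returns slash-separated paths relative
// to root. The .git directory is skipped so its contents never match a check.
func ListFiles(root string) ([]string, error) {
	var files []string
	err := filepath.WalkDir(root, func(p string, d fs.DirEntry, err error) error {
		if err != nil {
			return err
		}
		rel, rerr := filepath.Rel(root, p)
		if rerr != nil {
			return rerr
		}
		if d.IsDir() {
			if rel == ".git" {
				return filepath.SkipDir
			}
			return nil
		}
		files = append(files, filepath.ToSlash(rel))
		return nil
	})
	return files, err
}

// FindSecurityPolicy returns the first candidate path present in files,
// matched case-insensitively so "security.md" is also accepted.
func FindSecurityPolicy(files []string) (string, bool) {
	for _, cand := range securityPolicyCandidates {
		for _, f := range files {
			if strings.EqualFold(f, cand) {
				return f, true
			}
		}
	}
	return "", false
}

// HasClusterFuzzLite reports whether the ClusterFuzzLite Dockerfile exists.
func HasClusterFuzzLite(files []string) bool {
	for _, f := range files {
		if f == clusterFuzzLiteDockerfile {
			return true
		}
	}
	return false
}

func main() {
	// Run against the current directory, or a path given as the first argument.
	root := "."
	if len(os.Args) > 1 {
		root = os.Args[1]
	}
	files, err := ListFiles(root)
	if err != nil {
		fmt.Fprintln(os.Stderr, "walk:", err)
		os.Exit(1)
	}
	if p, ok := FindSecurityPolicy(files); ok {
		fmt.Println("Security-Policy: found", p)
	} else {
		fmt.Println("Security-Policy: not found")
	}
	fmt.Println("ClusterFuzzLite Dockerfile present:", HasClusterFuzzLite(files))
}
```

Running it against a checkout whose policy lives only in docs/SECURITY.md reports the policy as found, which is the behaviour the Security-Policy commit describes; a root-only lookup would report "not found" for the same tree.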
Azeem Shaikh
69f9774b93
Store metadata in BigQuery (#1197)
2021-10-30 00:01:25 +00:00
Naveen
c7511206a1
🌱 Reproducible builds in goreleaser (#1198)
2021-10-29 18:36:35 -05:00
naveen
a53245a9fc
🐛 Fix broken e2e tests for Binary Artifacts
Fixed the broken e2e tests for Binary artifacts.
2021-10-29 17:39:37 -05:00
Azeem Shaikh
83649a799e
Remove repos package (#1191)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-10-29 16:07:46 +00:00
dependabot[bot]
148446bb83
🌱 Bump distroless/base in /cron/controller (#1192)
Bumps distroless/base from `56d73a6` to `46d4514`.

---
updated-dependencies:
- dependency-name: distroless/base
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-10-29 15:12:22 +00:00
dependabot[bot]
52ce50c2b5
🌱 Bump distroless/base in /cron/worker (#1193)
Bumps distroless/base from `56d73a6` to `46d4514`.

---
updated-dependencies:
- dependency-name: distroless/base
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-10-29 13:56:09 +00:00
Romain Dauby
6467b31c4c
📖 Update CODEOWNERS (#1189)
* Update CODEOWNERS

* Add 2 code owners

Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-10-29 08:36:51 -05:00
dependabot[bot]
ed2ef299f1
🌱 Bump distroless/base in /cron/webhook (#1177)
Bumps distroless/base from `56d73a6` to `46d4514`.

---
updated-dependencies:
- dependency-name: distroless/base
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-10-29 05:25:57 +00:00
dependabot[bot]
92dff665a4
🌱 Bump distroless/base from 56d73a6 to 46d4514 (#1176)
Bumps distroless/base from `56d73a6` to `46d4514`.

---
updated-dependencies:
- dependency-name: distroless/base
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-10-29 05:06:21 +00:00
Azeem Shaikh
138552848d
Remove Repo CPU runtime stat logging (#1186)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-10-29 04:37:44 +00:00
Azeem Shaikh
1db0f9745f
Sanitized repo URLs ~1M (#1182)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-10-28 21:00:57 -07:00
Azeem Shaikh
b08a4a8ca7
Increase worker replicas (#1173)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-10-29 03:40:16 +00:00
laurentsimon
608866949b
🐛 Fix ListFiles caching in localrepo client (#1190)
* fix

* remove debug
2021-10-29 03:12:44 +00:00
Azeem Shaikh
87359619c7
Update shard naming to allow for 1M+ shards (#1170)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-10-28 18:54:36 +00:00
Azeem Shaikh
c73c5628ea
Fix GitHub workflows failing (#1172)
Co-authored-by: Azeem Shaikh <azeems@google.com>
Co-authored-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
2021-10-28 18:42:55 +00:00
laurentsimon
4cca9b4960
Implement local repo client for local folders (#1146)
* draft

* draft

* docker file

* error

* fix

* fix

* bug

* comments

* missing merge

* fix

* merge issue

* fix

* validate format early

* comments

* fix

* fixes

* uncomment

* gate code for v4 code

* draft

* draft 2

* fix security-policy check

* fix

* merge fixes

* fixes

* fixes

* fixes

* fixes

* mock repo

* linter

* comments

* unit tests

* comments
2021-10-28 18:30:02 +00:00
laurentsimon
d9e35cda2a
🐛 Fix flaky tests in cron/data/add (#1185)
* fix

* naming
2021-10-28 11:18:35 -07:00
Azeem Shaikh
0ba864e9c2
Avoid panic in code (#1171)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-10-27 12:24:02 -07:00
Azeem Shaikh
53ae583096
Remove obviously invalid URLs from projects.csv (#1165)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-10-27 05:25:08 +00:00
naveen
aa634bd251
🌱 Fixes the broken e2e
Fixes for broken e2e
2021-10-26 20:11:21 -05:00
naveen
fd238d0e40
🌱 Fix goreleaser permission and flags
Fixes goreleaser flags issue and sets specific permission for
goreleaser.
2021-10-26 16:32:05 -05:00
naveen
1b885874ac
🌱 Fix CVE warning for containerd
The containerd version <1.5.7 has the CVE https://github.com/advisories/GHSA-c2h3-6mxw-7mvq
Fixed it to address the issue.
2021-10-26 13:52:00 -05:00