* Create scorecards-analysis.yml
* Update README.md
Move Public Data section
Add placeholders for new installation organization, TODOs for public data section
* Update README.md
Remove outdated public data scoring system paragraph
* Update README.md
Add explanation of Scorecard Action install option and link out
* Update README.md
Add sentence introducing CLI installation section; move all heading down a level for that section
* Update README.md
Fix typo
* Update README.md
Remove comma
* Delete scorecards-analysis.yml file
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
Add risk levels to table of Scorecards Checks section; remove lists of each risk level in the Scoring section. (To streamline navigation; keeps the same info but just in shorter format)
Add suggestion of which PAT to set;
Add explanation of why authentication is needed;
Clarity the "either-or" options for authentication;
Add link to GH Installations (please confirm link is correct)
According to https://github.com/apps/lgtm-com
"LGTM is a code analysis platform for identifying vulnerabilities early and preventing
them from reaching production". It's used by `systemd`, `lxc` and a lot of other large
open source projects. The check is
still kind of broken in the sense that it fails to detect
projects where every PR is analyzed by LGTM before getting merged
but it's better than nothing I guess.
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
* Update Install command for version 3
Change v2@latest to v@latest in README.md
* Update install instruction to use GitHub releases
Remove `go install` instructions and replace with instructions to download binary from GitHub releases
* Update install instructions for GOPATH caps
Change gopath to GOPATH
* Update README.md
Add scoring explanation, including aggregate scoring and risk weighting
Add Aggregate score to example output
Add omitted word
* Update README.md
Minor edit, remove word
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
* Update README.md
Add new Contents section at top that includes links to to other documentation pages.
Remove old Contents section that linked only to the page below.
* Update README.md
Change “Supportability” to “Prerequisites” and add GoLang requirement.
Rename “Troubleshooting” to “Report Problems” and remove Slack reference
Rename “Contributing” to “Get Involved” and add Slack reference.
Tweak headings for clarity/concision.
* Update README.md
Fix link (Get Involved)
* Update README.md
Moved content on page to match new Table of Contents format
Added subheadings linking out to other pages to match new Table of Contents format
Renamed "Motivation" to "What is Scorecards?"
* Update README.md
Removed out-of-date info on Pass/Fail scoring from Usage section
Added info about previous Pass/Fail scoring to Public Data section
Removed out-of-date Pass/Fail example from Package Manager section
* Update README.md
Changed links from absolute to relative paths
Moved "Overview" section to top
* Update README.md
Renamed "Learn More About Each Check" section to "Detailed Check Documentation"
* Update README.md
Added example for format flag
Trimmed example for package manager (since removing the out-of-date results example)
* Update README.md
Moved "Basic Usage" heading
Minor tweaks for clarity
* Update README.md
Change "Get Involved" heading to "Connect with the Scorecards Community"
* Update README.md
Replace colon with comma for consistency
* Update README.md
Fix line formatting
Fix explanation of BigQuery pass/fail scoring
Update install command
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
This modifies README.md to add hyperlinks
directly to each of the details in `docs/checks.md`.
That way, people who want to know more about a specific check
can jump immediately to that information.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
Based on recommendations from the `go` tool.
```
go get: installing executables with 'go get' in module mode is deprecated.
Use 'go install pkg@version' instead.
For more information, see https://golang.org/doc/go-get-install-deprecation
or run 'go help get' or 'go help install'.
```
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
* ✨ Make checks documentation machine readable.
Make checks.yaml as a machine and human readable source of truth of
checks documentation.
A tiny Python script is also added to generate checks.json and checks.md
from this file.
* move checks scripts and files
