Evgeny Vereshchagin
75bcc333de
CI-Tests: look for test-related strings in target urls as well ( #1374 )
...
Apparently some projects like systemd and bcc put links (containing
the word "Jenkins") to their Jenkins instances in target urls.
https://buildbot.iovisor.org/jenkins/job/bcc-pr/1157/
https://jenkins-systemd.apps.ocp.ci.centos.org/job/upstream-vagrant-archlinux-sanitizers/8288/
It's a follow-up to https://github.com/ossf/scorecard/pull/1293#issuecomment-976384882
Co-authored-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
2021-12-08 17:34:28 +00:00
Azeem Shaikh
5025299eb6
Fix issues with CII client ( #1309 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-11-19 18:24:43 +00:00
Azeem Shaikh
89b316c64d
Use blob-based CII client in cron job ( #1284 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-11-19 08:02:06 +11:00
Azeem Shaikh
2375ae2812
Add a OssFuzzRepoClient ( #1280 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-11-17 03:04:37 +00:00
laurentsimon
86835fcfd6
🐛 Fix branch protection results ( #1252 )
...
* fix
* fix
* doc
* fix
* comment
* update tests
* fix
* fixes
* fix
* disable tests temp
* score change
* fix
* comments
* docs
2021-11-16 17:27:27 +00:00
asraa
5950fdef67
🐛 fix special character in search query to fix fuzzing check ( #1241 )
...
* fix fuzzing path separator
Signed-off-by: Asra Ali <asraa@google.com>
* add comment
Signed-off-by: Asra Ali <asraa@google.com>
2021-11-15 16:50:03 +00:00
Azeem Shaikh
6223b6620a
Add CIIClient interface ( #1262 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-11-15 02:46:41 +00:00
Azeem Shaikh
51de6b6e5d
Check for issue activity in Maintained ( #1251 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-11-12 22:16:22 +00:00
Eng Zer Jun
177502552a
🌱 Move from io/ioutil to io and os packages ( #1250 )
...
The io/ioutil package has been deprecated as of Go 1.16, see
https://golang.org/doc/go1.16#ioutil . This commit replaces the existing
io/ioutil functions with their new definitions in io and os packages.
Signed-off-by: Eng Zer Jun <zerjun@eta-hd.com>
Co-authored-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
2021-11-12 19:34:46 +00:00
Azeem Shaikh
c8d2a51375
Ignore nil values in Branch-Protection check ( #1243 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-11-12 19:11:06 +00:00
laurentsimon
795505fd7f
✨ Remove isScorecardRepo ( #1236 )
...
* remove isScorecardRepo
* linter
* linter
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-11-10 20:13:12 +00:00
laurentsimon
8805ac54d0
✨ Add --local
option to CLI ( #1211 )
...
* unit tests
* remove log
* fix
* gate local access
* comment
2021-11-03 15:17:58 +00:00
laurentsimon
a6d298a60a
✨ Use checks.yaml to store which repo types are supported by each check ( #1195 )
...
* draft
* draft 2
* remove enum
* update
* mock doc
* fix
2021-11-02 01:43:22 +00:00
laurentsimon
608866949b
🐛 Fix ListFiles caching in localrepo client ( #1190 )
...
* fix
* remove debug
2021-10-29 03:12:44 +00:00
laurentsimon
4cca9b4960
✨ Implement local repo client for local folders ( #1146 )
...
* draft
* draft
* docker file
* error
* fix
* fix
* bug
* comments
* missing merge
* fix
* merge issue
* fix
* validate format early
* comments
* fix
* fixes
* uncomment
* gate code for v4 code
* draft
* draft 2
* fix security-policy check
* fix
* merge fixes
* fixes
* fixes
* fixes
* fixes
* mock repo
* linter
* comments
* unit tests
* comments
2021-10-28 18:30:02 +00:00
laurentsimon
950e0e3d2d
✨ Add support for file-based repo URIs ( #1113 )
...
* draft
* draft
* docker file
* error
* fix
* fix
* fixa
* bug
* comments
* missing merge
* fix
* fix rebase
* merge issue
* fix
* validate format early
* fix
* fix2
* comments
* fix
2021-10-21 20:08:56 +00:00
Azeem Shaikh
5ec7b26e20
Fix connection refused
errors ( #1134 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-10-15 22:29:00 +00:00
Azeem Shaikh
89cae3a62a
Use GitHub auth server in cron release test ( #1133 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-10-15 10:24:31 -07:00
Azeem Shaikh
66f864022c
Add GitHub token server ( #1132 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-10-15 03:03:51 +00:00
Naveen
6c1c789dc5
🌱 v3 upgrade changes ( #1118 )
...
v3 go.mod changes
2021-10-07 18:16:01 -05:00
laurentsimon
0686ed2ba0
🐛 Fix invalid code review ( #1055 )
...
* fix bug
* fix
* comments
* fix
* fixes
2021-09-23 21:17:32 +00:00
Azeem Shaikh
14dc32f946
Enforce non-concurrent token usage ( #1048 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-09-21 17:52:13 -07:00
Azeem Shaikh
bc37c74b28
Remove Owner/Repo strings from CheckRequest ( #997 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-09-10 10:13:14 -07:00
Azeem Shaikh
e730e911e6
sce.Create -> sce.WithMessage for wrapcheck ( #995 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-09-10 15:50:33 +00:00
naveen
576447a45b
🌱 Fix the jwt finding
...
* This fixes the JWT finding CVE-2020-26160
2021-09-08 11:17:40 -05:00
neil465
5476b878bd
✨ Removed unnecessary linters ( #969 )
...
* gomnd
* prealloc
* dupl
2021-09-07 10:45:12 -04:00
Azeem Shaikh
7b912e8903
Return DefaultBranch as part of ListBranches ( #960 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-09-03 14:40:32 +00:00
Azeem Shaikh
afe5b40567
Make RepoClient as default interface for Scorecard ( #951 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-09-02 02:32:26 +00:00
Azeem Shaikh
eceb577b84
Add and use RepoClient API for ListStatuses ( #949 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-09-01 18:34:58 +00:00
Azeem Shaikh
eb2b3b2185
Add RepoClient API for ListCheckRunsForRef ( #948 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-09-01 17:43:53 +00:00
Azeem Shaikh
99b9c91570
Use RepoClient API for Packaging check ( #940 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-09-01 01:05:34 +00:00
Azeem Shaikh
e305a94e4f
Use ListReleases API for BranchProtection check ( #937 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-30 17:52:08 -07:00
Azeem Shaikh
9a1978a051
Use RefUpdateRule in BranchProtection check ( #936 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-30 23:14:42 +00:00
Azeem Shaikh
fe54c5131c
Only call GitHub APIs when needed ( #918 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-26 22:09:41 +00:00
Azeem Shaikh
37696aceb3
Create and use MockRepoClient in unit tests ( #922 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-26 19:48:39 +00:00
Azeem Shaikh
2d65ab4f0c
Remove ErrRepoUnavailable ( #908 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-25 09:33:59 -07:00
Azeem Shaikh
e73f08e76c
Fix nil ptr dereference ( #907 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-08-25 07:09:24 -07:00
Azeem Shaikh
41d0ce38c4
Replace errors.As
with Is
( #901 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-25 01:03:45 +00:00
Azeem Shaikh
b7c0d03b25
Handle GitHub repos with redirects ( #876 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-21 20:45:57 -07:00
Azeem Shaikh
63a8fc73af
Nil pointer dereference ( #864 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-17 14:07:49 +00:00
Azeem Shaikh
cf01ea69c7
Fix nil pointer dereference bug ( #860 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-17 01:08:09 +00:00
Azeem Shaikh
13ef9dd7e0
Use RepoClient.Search API in SAST check ( #857 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-16 17:34:10 +00:00
Azeem Shaikh
42ee430332
Use RepoClient API for Fuzzing ( #855 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-14 00:34:40 +00:00
Azeem Shaikh
8baaaa4cf8
Use RepoClient API for Contributors check ( #854 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-13 18:13:43 +00:00
Azeem Shaikh
b7ddc9ac93
Update go-github version for consistency ( #852 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-13 00:43:22 +00:00
Azeem Shaikh
3f9431d08c
Update SignedReleases to use RepoClient API ( #844 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-12 20:46:06 +00:00
Azeem Shaikh
eeb563be10
Update SAST and CITest with Repoclient API ( #842 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-12 08:27:48 +10:00
Azeem Shaikh
f4d2628799
Ignore errors extracting corrupted tarball ( #812 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-06 01:03:35 +00:00
Azeem Shaikh
790a7778e7
Handle tarballs that cannot be downloaded. ( #809 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-03 15:31:32 -07:00
laurentsimon
6718939a08
✨ Cleanup errors and log ( #782 )
...
* cleanup
* text
* add errors
* fixes
* more
* fixes
* linnter
* comments
* name
2021-08-02 22:38:42 +00:00