ossf/scorecard
1
1
Fork 0
mirror of https://github.com/ossf/scorecard.git synced 2024-07-07 06:46:18 +03:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
main
scorecard/checks
History
Raghav Kaul bfaa9febc2
probe: releases with verified provenance (#4141) 
* add projectpackageversions to signed releases raw results

Signed-off-by: Raghav Kaul <raghavkaul+github@google.com>

* finding: add NewNot* helpers, fix error msg

Signed-off-by: Raghav Kaul <raghavkaul+github@google.com>

* probe: releasesHaveVerifiedProvenance

Signed-off-by: Raghav Kaul <raghavkaul+github@google.com>

* logging

Signed-off-by: Raghav Kaul <raghavkaul+github@google.com>

* fix tests and lint

Signed-off-by: Raghav Kaul <raghavkaul+github@google.com>

* address comments

Signed-off-by: Raghav Kaul <raghavkaul+github@google.com>

* remove unused

Signed-off-by: Raghav Kaul <raghavkaul+github@google.com>

* fix merge conflict

Signed-off-by: Raghav Kaul <raghavkaul+github@google.com>

---------

Signed-off-by: Raghav Kaul <raghavkaul+github@google.com>
2024-06-07 10:15:20 -07:00
..
evaluation probe: releases with verified provenance (#4141) 2024-06-07 10:15:20 -07:00
fileparser detect sbt ci-release packaging workflows (#4135) 2024-06-01 14:30:41 -04:00
raw 🐛 fix Unlicense detection (#4145) 2024-06-06 18:01:49 +00:00
testdata detect sbt ci-release packaging workflows (#4135) 2024-06-01 14:30:41 -04:00
all_checks_test.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
all_checks.go Add experimental check for published SBOM (#3903) 2024-05-17 18:16:54 +00:00
binary_artifact_test.go 🌱 Update Binary-Artifacts and License checks (#4079) 2024-05-03 14:50:50 -07:00
binary_artifact.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
branch_protection_test.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
branch_protection.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
ci_tests_test.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
ci_tests.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
cii_best_practices_test.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
cii_best_practices.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
code_review_test.go 🐛 Code-Review: change phabricator regex to allow URLs (#4086) 2024-05-07 09:51:39 -07:00
code_review.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
contributors_test.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
contributors.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
dangerous_workflow_test.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
dangerous_workflow.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
dependency_update_tool_test.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
dependency_update_tool.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
errors.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
fuzzing_test.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
fuzzing.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
license_test.go 🌱 Update Binary-Artifacts and License checks (#4079) 2024-05-03 14:50:50 -07:00
license.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
maintained_test.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
maintained.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
packaging.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
permissions_test.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
permissions.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
pinned_dependencies_test.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
pinned_dependencies.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
probes.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
sast_test.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
sast.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
sbom_test.go Add experimental check for published SBOM (#3903) 2024-05-17 18:16:54 +00:00
sbom.go Add experimental check for published SBOM (#3903) 2024-05-17 18:16:54 +00:00
security_policy_test.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
security_policy.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
signed_releases_test.go ⚠️ Add ProjectPackageVersions to raw data collection (#4104) 2024-05-30 16:00:36 -04:00
signed_releases.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
vulnerabilities_test.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
vulnerabilities.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
webhook_test.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
webhook.go ⚠️ errors in ErrXXX format (#4040) 2024-04-17 22:49:12 -07:00
write.md Detect fuzzing in Haskell by the presence of property tests. (#2843) 2023-04-12 17:29:29 +00:00