ossf/scorecard
1
1
Fork 0
mirror of https://github.com/ossf/scorecard.git synced 2024-10-05 13:17:08 +03:00
Code Issues Actions 7 Packages Projects Releases Wiki Activity
main
scorecard/checks/raw
History
Avishay Balter 41f91ed862
Support Nuget Pinned Dependency with RestoreLockedMode attribute (#4351) 
* Support restorelockedmode dev (#9)

Support pinning dependency in .NET using lockfile by declaring the RestoreLockedMode attribute in csproj

Co-authored-by: Liam Moat <contact@liammoat.com>
Co-authored-by: Ioana A <Ioana37@users.noreply.github.com>
Co-authored-by: Mélanie Guittet <meguittet@users.noreply.github.com>
Signed-off-by: balteraivshay <avishay.balter@gmail.com>

* fixing PR checks and adding tests

Signed-off-by: balteraivshay <avishay.balter@gmail.com>

* move csproj to fileparser

Signed-off-by: balteraivshay <avishay.balter@gmail.com>

* internal error

Signed-off-by: balteraivshay <avishay.balter@gmail.com>

* fix using error
Signed-off-by: balteraivshay <avishay.balter@gmail.com>

Signed-off-by: balteraivshay <avishay.balter@gmail.com>

* PR fixes

Signed-off-by: balteraivshay <avishay.balter@gmail.com>

* fix test

Signed-off-by: balteraivshay <avishay.balter@gmail.com>

* fix pr %e comment

Signed-off-by: balteraivshay <avishay.balter@gmail.com>

* fix PR comments

Signed-off-by: balteraivshay <avishay.balter@gmail.com>

* Co-authored-by: Ioana A <Ioana37@users.noreply.github.com>

Signed-off-by: balteraivshay <avishay.balter@gmail.com>

* merge main

Signed-off-by: balteraivshay <avishay.balter@gmail.com>

* pr comments

Signed-off-by: balteraivshay <avishay.balter@gmail.com>

* fix last comments

Signed-off-by: balteraivshay <avishay.balter@gmail.com>

---------

Signed-off-by: balteraivshay <avishay.balter@gmail.com>
Co-authored-by: Liam Moat <contact@liammoat.com>
Co-authored-by: Ioana A <Ioana37@users.noreply.github.com>
Co-authored-by: Mélanie Guittet <meguittet@users.noreply.github.com>
2024-10-03 19:36:15 +00:00
..
github ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
gitlab ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
testdata Support Nuget Pinned Dependency with RestoreLockedMode attribute (#4351) 2024-10-03 19:36:15 +00:00
binary_artifact_test.go 🐛 Support renamed gradle verification action and callers which pin to hash (#4097) 2024-05-09 18:27:34 +00:00
binary_artifact.go 🌱 Bump github.com/golangci/golangci-lint from 1.57.2 to 1.58.1 in /tools (#4108) 2024-05-15 16:58:27 +00:00
branch_protection_test.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
branch_protection.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
ci_tests.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
cii_best_practices.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
code_review_test.go 🐛 Code-Review: change phabricator regex to allow URLs (#4086) 2024-05-07 09:51:39 -07:00
code_review.go ⚠️ Add ProjectPackageVersions to raw data collection (#4104) 2024-05-30 16:00:36 -04:00
contributors_test.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
contributors.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
dangerous_workflow_test.go 🌱 Bump github.com/golangci/golangci-lint from 1.59.1 to 1.60.1 in /tools (#4301) 2024-08-14 22:33:29 +00:00
dangerous_workflow.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
dependency_update_tool_test.go Recognize scala-steward as dependency update tool (#4130) 2024-05-30 17:57:19 +00:00
dependency_update_tool.go Recognize scala-steward as dependency update tool (#4130) 2024-05-30 17:57:19 +00:00
errors.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
fuzzing_test.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
fuzzing.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
license_test.go 🌱 re-enable paralleltest linter (#3705) 2023-12-04 02:25:03 +00:00
license.go Update SPDX license list, source for license data (#4323) 2024-09-10 13:07:43 -07:00
maintained_test.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
maintained.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
permissions.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
pinned_dependencies_test.go Support Nuget Pinned Dependency with RestoreLockedMode attribute (#4351) 2024-10-03 19:36:15 +00:00
pinned_dependencies.go Support Nuget Pinned Dependency with RestoreLockedMode attribute (#4351) 2024-10-03 19:36:15 +00:00
sast_test.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
sast.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
sbom_test.go Add experimental check for published SBOM (#3903) 2024-05-17 18:16:54 +00:00
sbom.go Add experimental check for published SBOM (#3903) 2024-05-17 18:16:54 +00:00
security_policy_test.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
security_policy.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
shell_download_validate_test.go Add support for Nuget restore (#4157) 2024-07-10 23:04:59 +00:00
shell_download_validate.go Support Nuget Pinned Dependency with RestoreLockedMode attribute (#4351) 2024-10-03 19:36:15 +00:00
signed_releases.go ⚠️ Add ProjectPackageVersions to raw data collection (#4104) 2024-05-30 16:00:36 -04:00
vulnerabilities_test.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
vulnerabilities.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
webhook.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00
webhooks_test.go ⚠️ Replace v4 module references with v5 (#4027) 2024-04-12 14:51:50 -07:00