ossf/scorecard
1
1
Fork 0
mirror of https://github.com/ossf/scorecard.git synced 2024-11-04 03:52:31 +03:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
30cae86ab0
scorecard/docs
History
David A. Wheeler 30cae86ab0
📖 Warn when checks are prone to false negatives (#1019) 
* Warn when checks are prone to false negatives

Automated tools normally have some false negatives,
some false positives, or both. However, some scorecard criteria
are *especially* prone to false negatives (where a
project meets the criterion but the tool says it doesn't).

This commit adds warning text about false negatives for
criteria that are especially prone to false negatives.
In all cases the problem is that there are *many* ways to
implement the criterion, so while the tool may detect some
cases, there are countless other situations it will fail to detect.
While this doesn't *fix* the problem, warning the humans
will encourage them to double-check these criteria before
making decisions. Sometimes this is the best you can do, and
it's better than not having a warning.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>

* Fix text per pull request feedback

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>

Co-authored-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
2021-09-16 00:21:17 +00:00
..
checks 📖 Warn when checks are prone to false negatives (#1019) 2021-09-16 00:21:17 +00:00
checks.md 📖 Warn when checks are prone to false negatives (#1019) 2021-09-16 00:21:17 +00:00