scorecard/probes
DavidKorczynski 2ef20f17fb
🌱 SAST: add Snyk probe (#3689)
* SAST: add Snyk probe

Adds Snyk's GitHub action (https://github.com/snyk/actions) as a probe.

Signed-off-by: David Korczynski <david@adalogics.com>

* nit

Signed-off-by: David Korczynski <david@adalogics.com>

* e2e: adjust sast test to additional probe

Signed-off-by: David Korczynski <david@adalogics.com>

* checks: sast: nit, fix e2e test

Signed-off-by: DavidKorczynski <david@adalogics.com>

* Add test with positive outcome

Signed-off-by: David Korczynski <david@adalogics.com>

* fix comment

Signed-off-by: David Korczynski <david@adalogics.com>

* sast: snyk: add workflow test

Signed-off-by: David Korczynski <david@adalogics.com>

* address review

Signed-off-by: David Korczynski <david@adalogics.com>

* sast: adjust snyk to be the same with sonar

Signed-off-by: David Korczynski <david@adalogics.com>

* provide path to WF file

Signed-off-by: David Korczynski <david@adalogics.com>

* adjust path for finding

Signed-off-by: David Korczynski <david@adalogics.com>

* use prefix rather than contains

Signed-off-by: David Korczynski <david@adalogics.com>

---------

Signed-off-by: David Korczynski <david@adalogics.com>
Signed-off-by: DavidKorczynski <david@adalogics.com>
2023-12-18 22:20:47 -05:00
contributorsFromOrgOrCompany 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
freeOfAnyBinaryArtifacts 🌱 convert binary artifact check to probe (#3508) 2023-12-05 00:24:16 -08:00
freeOfUnverifiedBinaryArtifacts 🌱 convert binary artifact check to probe (#3508) 2023-12-05 00:24:16 -08:00
fuzzedWithCLibFuzzer 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
fuzzedWithClusterFuzzLite 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
fuzzedWithCppLibFuzzer 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
fuzzedWithGoNative 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
fuzzedWithJavaJazzerFuzzer 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
fuzzedWithOSSFuzz 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
fuzzedWithPropertyBasedHaskell 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
fuzzedWithPropertyBasedJavascript 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
fuzzedWithPropertyBasedTypescript 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
fuzzedWithPythonAtheris 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
fuzzedWithRustCargofuzz 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
fuzzedWithSwiftLibFuzzer 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
hasDangerousWorkflowScriptInjection 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
hasDangerousWorkflowUntrustedCheckout 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
hasFSFOrOSIApprovedLicense 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
hasLicenseFile 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
hasLicenseFileAtTopDir 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
hasOpenSSFBadge 🌱 convert CII Best Practices check to probes (#3520) 2023-11-28 12:02:26 -08:00
hasOSVVulnerabilities 🌱 Disable more style linters for test files (#3707) 2023-12-04 02:14:01 +00:00
hasRecentCommits 🌱 make maintained values keys constants (#3700) 2023-11-28 17:30:06 +00:00
internal/utils 🌱 Add probe test utility (#3541) 2023-10-06 10:51:41 -07:00
issueActivityByProjectMember 🌱 make maintained values keys constants (#3700) 2023-11-28 17:30:06 +00:00
notArchived 📖 fix typo (#3699) 2023-11-28 20:59:35 +00:00
notCreatedRecently 🌱 Migrate Maintained check to probes (#3507) 2023-11-17 09:57:10 -08:00
packagedWithAutomatedWorkflow 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
releasesAreSigned convert Signed Releases to probes (#3610) 2023-12-13 07:51:32 -08:00
releasesHaveProvenance convert Signed Releases to probes (#3610) 2023-12-13 07:51:32 -08:00
sastToolCodeQLInstalled 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
sastToolRunsOnAllCommits 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
sastToolSnykInstalled 🌱 SAST: add Snyk probe (#3689) 2023-12-18 22:20:47 -05:00
sastToolSonarInstalled 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
securityPolicyContainsLinks 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
securityPolicyContainsText 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
securityPolicyContainsVulnerabilityDisclosure 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
securityPolicyPresent 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
testsRunInCI 🌱 convert CI-Tests check to probes (#3621) 2023-12-11 10:15:50 -08:00
toolDependabotInstalled 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
toolPyUpInstalled 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
toolRenovateInstalled 🌱 enable nolintlint linter and fix violations (#3650) 2023-11-15 11:44:28 -08:00
webhooksUseSecrets 🌱 convert Webhook check to probes (#3522) 2023-12-05 18:59:42 +00:00
zrunner [experimental] Add probe code and support for Tool-Update-Dependency (#2944) 2023-05-22 18:13:24 -07:00
entries.go 🌱 SAST: add Snyk probe (#3689) 2023-12-18 22:20:47 -05:00