ossf/scorecard
1
1
Fork 0
mirror of https://github.com/ossf/scorecard.git synced 2024-11-13 01:25:07 +03:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity
89c8e2af31
scorecard/checks/testdata
History
laurentsimon c741335683
[migration to score] 3: branch protection, frozen-deps, token permissions (#719) 
* details-1

* nits

* typo

* commments

* dependabot and binary artifacts checks

* typo

* linter

* missing errors.go

* linter

* merge fix

* branch protection, frozen-deps, token permissions

* linter

* linter
2021-07-21 09:21:43 -07:00
..
Dockerfile-aws-file Support bash -c "CMD" for docker RUN downloads-then-exec (#600) 2021-06-23 14:09:47 +00:00
Dockerfile-curl-file-sh Support bash -c "CMD" for docker RUN downloads-then-exec (#600) 2021-06-23 14:09:47 +00:00
Dockerfile-curl-sh Support bash -c "CMD" for docker RUN downloads-then-exec (#600) 2021-06-23 14:09:47 +00:00
Dockerfile-gsutil-file Support bash -c "CMD" for docker RUN downloads-then-exec (#600) 2021-06-23 14:09:47 +00:00
Dockerfile-invalid Add check for Docker dependency pinning by hash (#469) 2021-05-19 09:46:39 -07:00
Dockerfile-not-pinned Add check for Docker dependency pinning by hash (#469) 2021-05-19 09:46:39 -07:00
Dockerfile-not-pinned-as [migration to score] 3: branch protection, frozen-deps, token permissions (#719) 2021-07-21 09:21:43 -07:00
Dockerfile-pinned ignore scratch frm dockerfile imports 2021-05-20 13:23:27 -05:00
Dockerfile-pinned-as ignore scratch frm dockerfile imports 2021-05-20 13:23:27 -05:00
Dockerfile-pkg-managers Detect python -m pip pkg (#611) 2021-07-09 00:48:36 +00:00
Dockerfile-proc-subs Support bash -c "CMD" for docker RUN downloads-then-exec (#600) 2021-06-23 14:09:47 +00:00
Dockerfile-script-ok Check: detect downloads of scripts/binaries in docker's RUN (#584) 2021-06-21 18:45:15 +00:00
Dockerfile-wget-bin-sh Support bash -c "CMD" for docker RUN downloads-then-exec (#600) 2021-06-23 14:09:47 +00:00
Dockerfile-wget-file Support bash -c "CMD" for docker RUN downloads-then-exec (#600) 2021-06-23 14:09:47 +00:00
github-workflow-curl-default check insecure downloads in github workflows (#610) 2021-06-25 17:30:17 +00:00
github-workflow-curl-no-default check insecure downloads in github workflows (#610) 2021-06-25 17:30:17 +00:00
github-workflow-permissions-absent.yaml check for read-only permissions of github token (#534) 2021-06-03 16:30:37 -07:00
github-workflow-permissions-none.yaml check for read-only permissions of github token (#534) 2021-06-03 16:30:37 -07:00
github-workflow-permissions-nones.yaml check for read-only permissions of github token (#534) 2021-06-03 16:30:37 -07:00
github-workflow-permissions-readall.yaml check for read-only permissions of github token (#534) 2021-06-03 16:30:37 -07:00
github-workflow-permissions-reads.yaml check for read-only permissions of github token (#534) 2021-06-03 16:30:37 -07:00
github-workflow-permissions-writeall.yaml check for read-only permissions of github token (#534) 2021-06-03 16:30:37 -07:00
github-workflow-permissions-writes.yaml check for read-only permissions of github token (#534) 2021-06-03 16:30:37 -07:00
github-workflow-wget-across-steps check insecure downloads in github workflows (#610) 2021-06-25 17:30:17 +00:00
script-bash Check for shell script's insecure download (#606) 2021-06-24 17:24:14 +00:00
script-pkg-managers Detect python -m pip pkg (#611) 2021-07-09 00:48:36 +00:00
script-sh Check for shell script's insecure download (#606) 2021-06-24 17:24:14 +00:00
script.sh Check for shell script's insecure download (#606) 2021-06-24 17:24:14 +00:00
workflow-not-pinned.yaml Add checks for workflow action pinning (#466) 2021-05-17 13:03:39 -07:00
workflow-pinned.yaml Add checks for workflow action pinning (#466) 2021-05-17 13:03:39 -07:00