ossf/scorecard
1
1
Fork 0
mirror of https://github.com/ossf/scorecard.git synced 2024-09-17 11:57:12 +03:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity
f422f692fe
scorecard/checks
History
AdamKorcz f422f692fe
🌱 Convert Dangerous Workflow check to probes (#3521) 
* 🌱 Convert Dangerous Workflow check to probes

Signed-off-by: AdamKorcz <adam@adalogics.com>

* remove hasAnyWorkflows probe

Signed-off-by: AdamKorcz <adam@adalogics.com>

* combine two conditionals into one

Signed-off-by: AdamKorcz <adam@adalogics.com>

* preserve logging from original evaluation

Signed-off-by: AdamKorcz <adam@adalogics.com>

* rebase

Signed-off-by: AdamKorcz <adam@adalogics.com>

---------

Signed-off-by: AdamKorcz <adam@adalogics.com>
2023-11-06 21:43:03 +00:00
..
evaluation 🌱 Convert Dangerous Workflow check to probes (#3521) 2023-11-06 21:43:03 +00:00
fileparser 🌱 Bump github.com/rhysd/actionlint from 1.6.15 to 1.6.26 (#3489) 2023-10-02 14:21:40 -07:00
raw 🌱 Convert Dangerous Workflow check to probes (#3521) 2023-11-06 21:43:03 +00:00
testdata broaden job matcher for semantic release (#3506) 2023-10-03 18:27:26 -07:00
all_checks_test.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
all_checks.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
binary_artifact_test.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
binary_artifact.go Support Binary-Artifacts check again for local repos (#3415) 2023-08-23 10:25:26 -07:00
branch_protection_test.go Move "EnforcesAdmins" to tier 5 Branch-Protection (#3502) 2023-09-25 15:10:23 -04:00
branch_protection.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
ci_tests_test.go 🐛 Fix typo in CITests runtime errors causing duplicate Code-Review checks. (#2756) 2023-03-15 12:55:53 -07:00
ci_tests.go 🐛 Fix typo in CITests runtime errors causing duplicate Code-Review checks. (#2756) 2023-03-15 12:55:53 -07:00
cii_best_practices_test.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
cii_best_practices.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
code_review_test.go 🐛 Code Review: Use proportional scoring (#2882) 2023-06-14 15:13:20 +00:00
code_review.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
contributors_test.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
contributors.go 🌱 Add probe support for contributors metrics (#3460) 2023-10-24 14:02:18 -07:00
dangerous_workflow.go 🌱 Convert Dangerous Workflow check to probes (#3521) 2023-11-06 21:43:03 +00:00
dependency_update_tool_test.go remove sonatype lift (#3605) 2023-10-24 20:46:57 -04:00
dependency_update_tool.go checks/evaluation logs findings (#3409) 2023-09-12 15:28:06 +00:00
errors.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
fuzzing_test.go Add additional fuzzing probes (#3473) 2023-10-09 22:41:58 +00:00
fuzzing.go checks/evaluation logs findings (#3409) 2023-09-12 15:28:06 +00:00
license_test.go 🌱 Add license probe (#3465) 2023-10-24 11:48:41 -07:00
license.go 🌱 Add license probe (#3465) 2023-10-24 11:48:41 -07:00
maintained_test.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
maintained.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
packaging.go 🌱 convert packaging check to probe (#3486) 2023-10-24 19:12:05 +00:00
permissions_test.go broaden job matcher for semantic release (#3506) 2023-10-03 18:27:26 -07:00
permissions.go Structured results for permissions (#2584) 2023-01-30 18:41:36 -08:00
pinned_dependencies.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
probes.go checks/evaluation logs findings (#3409) 2023-09-12 15:28:06 +00:00
sast_test.go 🐛 SAST detect new GitHub app slug for CodeQL (#3591) 2023-10-20 14:13:08 -07:00
sast.go 🐛 SAST detect new GitHub app slug for CodeQL (#3591) 2023-10-20 14:13:08 -07:00
security_policy_test.go [experimental] Probe support for security policy check (#3241) 2023-08-04 04:52:15 +00:00
security_policy.go checks/evaluation logs findings (#3409) 2023-09-12 15:28:06 +00:00
signed_releases_test.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
signed_releases.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
vulnerabilities_test.go ⚠️ OSV scanner integration (#2509) 2022-12-12 16:46:43 -08:00
vulnerabilities.go 🌱 convert vulnerabilities check to probe (#3487) 2023-10-25 10:02:24 -07:00
webhook_test.go 🌱 add style linters: mirror, tenv, usestdlibvars (#3586) 2023-10-23 22:40:01 +00:00
webhook.go Use new project name in Copyright notices (#2505) 2022-12-01 15:08:48 -08:00
write.md Detect fuzzing in Haskell by the presence of property tests. (#2843) 2023-04-12 17:29:29 +00:00