-
Notifications
You must be signed in to change notification settings - Fork 485
Issues: ossf/scorecard
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
Feature: New Check "Criticality and Maturity"
kind/enhancement
New feature or request
Stale
#3821
opened Jan 26, 2024 by
menocu
Feature: New check "Secure runners"
good first issue
Good for newcomers
kind/enhancement
New feature or request
kind/new-check
New check for scorecard
Stale
#3801
opened Jan 17, 2024 by
pnacht
Feature: dangerous CI
check/Dangerous-workflow
kind/enhancement
New feature or request
kind/new-check
New check for scorecard
Stale
#3630
opened Oct 30, 2023 by
laurentsimon
Feature request: Add new check for developer education
kind/enhancement
New feature or request
kind/new-check
New check for scorecard
Stale
#3534
opened Oct 4, 2023 by
david-a-wheeler
New check suggestion: Fork; is the repository a fork?
good first issue
Good for newcomers
kind/enhancement
New feature or request
kind/new-check
New check for scorecard
Stale
#3223
opened Jun 27, 2023 by
andrelmbackman
Review hipcheck for potential criteria & code improvements (feature request)
kind/enhancement
New feature or request
Stale
#2816
opened Apr 3, 2023 by
david-a-wheeler
Feature: determine if publishing is credential-based or OIDC-based
check/Packaging
help wanted
Community contributions welcome, maintainers supportive of idea but not a high priority
kind/enhancement
New feature or request
kind/new-check
New check for scorecard
#2761
opened Mar 16, 2023 by
di
Feature: Dangerous Workflows - Imposter Commit Check
check/Dangerous-workflow
check/Pinned-Dependencies
kind/enhancement
New feature or request
kind/new-check
New check for scorecard
Stale
#2733
opened Mar 8, 2023 by
wlynch
Add support for SBOM analyzing at Binary-Artifacts stage by integrating New feature or request
Stale
sbom-scorecard
kind/enhancement
#2605
opened Jan 19, 2023 by
Dentrax
Discussion: New check: dependency good practices
kind/enhancement
New feature or request
kind/new-check
New check for scorecard
Stale
#2531
opened Dec 9, 2022 by
laurentsimon
Factor whether or not private vulnerability reporting is enabled into the scorecard
check/Security-Policy
good first issue
Good for newcomers
help wanted
Community contributions welcome, maintainers supportive of idea but not a high priority
kind/enhancement
New feature or request
#2465
opened Nov 18, 2022 by
JasonKeirstead
Feature: New check for average time to update dependencies
kind/enhancement
New feature or request
kind/new-check
New check for scorecard
Stale
#2458
opened Nov 15, 2022 by
olivekl
Feature: Add fork analysis for "Maintained" check or a new check
check/Maintained
good first issue
Good for newcomers
kind/enhancement
New feature or request
Stale
#2352
opened Oct 14, 2022 by
qequ
Feature: Assess presence and maintenance of a threat model
kind/enhancement
New feature or request
Stale
#2142
opened Aug 12, 2022 by
lyndon160
Feature: stale maintainers
kind/enhancement
New feature or request
kind/new-check
New check for scorecard
Stale
#2027
opened Jul 8, 2022 by
laurentsimon
Feature: New check for SLSA provenance generation
kind/enhancement
New feature or request
kind/new-check
New check for scorecard
Stale
#1776
opened Mar 24, 2022 by
laurentsimon
Rename "CII Best Practices Badge" to "OpenSSF Best Practices Badge"
check/CII-Best-Practices
kind/docs
Improvements or additions to documentation
#1549
opened Jan 27, 2022 by
david-a-wheeler
New check: Security Audit check
kind/new-check
New check for scorecard
needs discussion
#1507
opened Jan 21, 2022 by
inferno-chromium
BUG - Pinned-Dependencies should not look into vendor directories
check/Pinned-Dependencies
kind/bug
Something isn't working
#1095
opened Oct 1, 2021 by
naveensrinivasan
New check: download of .whl followed by pip install
kind/enhancement
New feature or request
Stale
#613
opened Jun 24, 2021 by
laurentsimon
New check: unpinned repo clone
kind/enhancement
New feature or request
kind/new-check
New check for scorecard
Stale
#608
opened Jun 24, 2021 by
laurentsimon
New Check: time to fix security vuln
kind/enhancement
New feature or request
#548
opened Jun 4, 2021 by
laurentsimon
Frozen deps should check for hash pinning
kind/enhancement
New feature or request
priority/must-do
Upcoming release
#427
opened May 10, 2021 by
laurentsimon
New check: check for dependency scanner
kind/enhancement
New feature or request
#413
opened May 7, 2021 by
laurentsimon
Previous Next
ProTip!
Adding no:label will show everything without a label.