-
Notifications
You must be signed in to change notification settings - Fork 491
Issues: ossf/scorecard
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
BUG Pinned Dependency checks for nuget/.Net does not consider implicit restore
check/Pinned-Dependencies
kind/bug
Something isn't working
#4381
opened Oct 11, 2024 by
balteravishay
Wrong link in /docs/checks.md file
kind/bug
Something isn't working
#4362
opened Sep 28, 2024 by
AleX04Nov
Public GH repo is getting 422 Validation Failed
kind/bug
Something isn't working
#4352
opened Sep 18, 2024 by
diberry
BUG: CI-Tests and SAST internal error for private repository, full permissions granted
kind/bug
Something isn't working
#4307
opened Aug 21, 2024 by
byangtri
Internal Go error when scanning a package internal to my own gitlab instance
kind/bug
Something isn't working
#4303
opened Aug 16, 2024 by
andrew-lovato
Investigate GitHub commit status failures
check/CI-Tests
GitHub
kind/bug
Something isn't working
#4273
opened Aug 1, 2024 by
spencerschrock
BUG: .Net pinned dependency should support Central Package Management
kind/bug
Something isn't working
#4252
opened Jul 23, 2024 by
balteravishay
BUG: Contributor check can be false positive
check/Contributors
kind/bug
Something isn't working
#4175
opened Jun 14, 2024 by
Zxilly
BUG: scroreboard cannot recognize the GitHub Attestations
check/Signed-Releases
kind/bug
Something isn't working
#4174
opened Jun 14, 2024 by
Zxilly
Parts of security scorecard doesn't allow excluding issues from scoring when they have no affect on an end-user
kind/bug
Something isn't working
#4036
opened Apr 15, 2024 by
yrusskih
BUG: Issues with contributor scoring
kind/bug
Something isn't working
#3996
opened Apr 3, 2024 by
siralmat
README: Unable to query Public data using BigQuery Explorer
kind/bug
Something isn't working
#3989
opened Apr 2, 2024 by
Chealer
Vulnerable package has score 10/10 in Vulnerabilities
check/Vulnerabilities
kind/bug
Something isn't working
kind/enhancement
New feature or request
#3946
opened Mar 13, 2024 by
jorgsowa
BUG: Binary-Artifact and Pinned-Dependencies kill Scorecard in a repo with large files
check/Binary-Artifacts
check/Pinned-Dependencies
kind/bug
Something isn't working
#3831
opened Jan 30, 2024 by
pnacht
Does not detect use of CodeQL (SAST)
check/SAST
kind/bug
Something isn't working
#3817
opened Jan 23, 2024 by
mwager
False positive detection of binary file for Binary-Artifacts checker
check/Binary-Artifacts
kind/bug
Something isn't working
#3760
opened Dec 31, 2023 by
rouault
BUG: CI-Tests: internal error: internal error: Client.Repositories.ListStatuses: error getting commit statuses
check/CI-Tests
gitlab
Issue related to Scorecard's GitLab client
good first issue
Good for newcomers
kind/bug
Something isn't working
#3701
opened Nov 28, 2023 by
adam-moss
BUG: Internal error when parsing Dockerfile on Pinned-Dependencies check
check/Pinned-Dependencies
kind/bug
Something isn't working
#3692
opened Nov 23, 2023 by
joycebrum
Pinned dependencies check in Dockerfile does not handle build args
check/Pinned-Dependencies
kind/bug
Something isn't working
#3684
opened Nov 18, 2023 by
sudo-bmitch
BUG: actions/github-script context should be considered dangerous
kind/bug
Something isn't working
#3681
opened Nov 16, 2023 by
gabibguti
BUG: Error during "Dependency-Update-Tools" on GitHub Enterprise Server
Check/Dependency-Update-Tool
kind/bug
Something isn't working
self-hosted
#3607
opened Oct 25, 2023 by
mariusfilipowski
BUG: Internal Error during "Branch-Protection" on GitHub Enterprise Server
check/Branch-Protection
kind/bug
Something isn't working
self-hosted
#3606
opened Oct 25, 2023 by
mariusfilipowski
BUG: Dangerous-Workflow doesn't trigger on Good for newcomers
kind/bug
Something isn't working
toJSON(github.event)
check/Dangerous-workflow
good first issue
#3554
opened Oct 10, 2023 by
pnacht
Previous Next
ProTip!
Adding no:label will show everything without a label.