-
Notifications
You must be signed in to change notification settings - Fork 560
Insights: ossf/scorecard
Overview
-
- 3 Merged pull requests
- 9 Open pull requests
- 0 Closed issues
- 4 New issues
Could not load contribution data
Please try again later
3 Pull requests merged by 3 people
-
📖 Capitalization and punctuation in CONTRIBUTING.md
#4714 merged
Jul 24, 2025 -
🌱 add test cases for author name and email
#4721 merged
Jul 24, 2025 -
🌱 limit webhook payload size to 1024 bytes
#4700 merged
Jul 21, 2025
9 Pull requests opened by 3 people
-
:seedling: Bump the github-actions group with 2 updates
#4709 opened
Jul 21, 2025 -
:seedling: Bump the gomod group across 2 directories with 5 updates
#4710 opened
Jul 21, 2025 -
🌱 Add utils for retrieving data about project dependencies
#4711 opened
Jul 21, 2025 -
🐛 detect dangerous patterns in toJSON() in dangerous workflows
#4717 opened
Jul 23, 2025 -
🐛 detect label names in dangerous workflows
#4718 opened
Jul 23, 2025 -
🐛 detect discussion title and body in dangerous workflow
#4719 opened
Jul 23, 2025 -
🐛 detect blocked user name and email in dangerous workflow
#4720 opened
Jul 23, 2025 -
🌱 add cases for alerts in dangerous workflow pattern detection
#4722 opened
Jul 24, 2025 -
:sparkles: Initial draft of using Minder rules in Scorecard
#4723 opened
Jul 25, 2025
4 Issues opened by 4 people
-
Recursive GH workflow traversal
#4716 opened
Jul 23, 2025 -
Codespaces instructions in CONTRIBUTING.md
#4715 opened
Jul 22, 2025 -
Signed Releases documentation unhelpful
#4713 opened
Jul 22, 2025 -
Contributors check isn't supporting --commit flag
#4712 opened
Jul 22, 2025
10 Unresolved conversations
Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.
-
:sparkles: feat: Refactor scorecard serve cmd
#4665 commented on
Jul 27, 2025 • 8 new comments -
🐛 check for npm package git URLs
#4680 commented on
Jul 24, 2025 • 2 new comments -
📖 Rephrased the CI-Test description.
#4708 commented on
Jul 25, 2025 • 2 new comments -
🌱 add support for hadolint SAST
#4688 commented on
Jul 24, 2025 • 1 new comment -
Upgrade to go 1.24
#4636 commented on
Jul 22, 2025 • 0 new comments -
Adding memory safety related checks
#3736 commented on
Jul 23, 2025 • 0 new comments -
[Feature] Support GitHub Attestations with artifacts for Signed-Releases
#4667 commented on
Jul 23, 2025 • 0 new comments -
BUG: Dangerous-Workflow doesn't trigger on `toJSON(github.event)`
#3554 commented on
Jul 25, 2025 • 0 new comments -
:seedling: migrate to golangci-lint v2
#4641 commented on
Jul 21, 2025 • 0 new comments -
🌱 implement GetPackage for depsdev client
#4697 commented on
Jul 22, 2025 • 0 new comments