Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tools: add scorecard ci #47254

Merged
merged 1 commit into from Mar 30, 2023
Merged

tools: add scorecard ci #47254

merged 1 commit into from Mar 30, 2023

Conversation

mateonunez
Copy link
Contributor

This Pull Request aims to integrate the scorecard CI, and to include a badge that exhibits the project's evaluation score as reported in nodejs/security-wg#929.

The enhancement of the score will be achieved through the merging of a PR that incorporates the specified version of the actions, as referenced in #46820.

@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/actions

@nodejs-github-bot nodejs-github-bot added doc Issues and PRs related to the documentations. meta Issues and PRs related to the general management of the project. labels Mar 25, 2023
@tniessen
Copy link
Member

I think we have consciously decided against a variety of available "badges" in the README. I am wondering if this one is helpful to people who come across the README.

@mateonunez
Copy link
Contributor Author

I think we have consciously decided against a variety of available "badges" in the README. I am wondering if this one is helpful to people who come across the README.

I see. Also in undici the scorecard was implemented without the "badge" in the readme. I think it can be avoided in the readme file. Let's see what @RafaelGSS means with the Add a scorecard label to the Node.js README task.

@RafaelGSS
Copy link
Member

I'm fine removing the badge too. We'll have a report.md in the security-wg. That should be fine.

@RafaelGSS
Copy link
Member

@nodejs/security-wg could you please review it?

RafaelGSS
RafaelGSS reviewed Mar 29, 2023
View reviewed changes
Copy link
Member

@RafaelGSS RafaelGSS left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you please fix the commit message? it should be tools: XX (considering you are also removing the badge)

@RafaelGSS RafaelGSS mentioned this pull request Mar 29, 2023
Closed
4 tasks
@RafaelGSS RafaelGSS changed the title feat: add scorecard ci and score badge tools: add scorecard ci Mar 29, 2023
UlisesGascon
UlisesGascon approved these changes Mar 29, 2023
View reviewed changes
Copy link
Member

@UlisesGascon UlisesGascon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! 🚀

@UlisesGascon UlisesGascon mentioned this pull request Mar 30, 2023
Open
@RafaelGSS RafaelGSS added the commit-queue Add this label to land a pull request using GitHub Actions. label Mar 30, 2023
@nodejs-github-bot nodejs-github-bot added commit-queue-failed An error occurred while landing this pull request using GitHub Actions. and removed commit-queue Add this label to land a pull request using GitHub Actions. labels Mar 30, 2023
@nodejs-github-bot
Copy link
Collaborator

Commit Queue failed
- Loading data for nodejs/node/pull/47254
✔  Done loading data for nodejs/node/pull/47254
----------------------------------- PR info ------------------------------------
Title      tools: add scorecard ci (#47254)
Author     Mateo Nunez  (@mateonunez, first-time contributor)
Branch     mateonunez:feat/add-scorecard -> nodejs:main
Labels     doc, meta
Commits    1
 - tools: add scorecard workflow
Committers 1
 - mateonunez 
PR-URL: https://github.com/nodejs/node/pull/47254
Reviewed-By: Rafael Gonzaga 
------------------------------ Generated metadata ------------------------------
PR-URL: https://github.com/nodejs/node/pull/47254
Reviewed-By: Rafael Gonzaga 
--------------------------------------------------------------------------------
   ℹ  This PR was created on Sat, 25 Mar 2023 15:57:35 GMT
   ✔  Approvals: 1
   ✔  - Rafael Gonzaga (@RafaelGSS) (TSC): https://github.com/nodejs/node/pull/47254#pullrequestreview-1362648093
   ✘  This PR needs to wait 49 more hours to land (or 0 hours if there is one more approval)
   ✔  Last GitHub CI successful
   ℹ  Green GitHub CI is sufficient
--------------------------------------------------------------------------------
   ✔  Aborted `git node land` session in /home/runner/work/node/node/.ncu
https://github.com/nodejs/node/actions/runs/4565236989

mhdawson
mhdawson approved these changes Mar 30, 2023
View reviewed changes
Copy link
Member

@mhdawson mhdawson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

marco-ippolito
marco-ippolito approved these changes Mar 30, 2023
View reviewed changes
Copy link
Member

@marco-ippolito marco-ippolito left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@RafaelGSS RafaelGSS added commit-queue Add this label to land a pull request using GitHub Actions. and removed commit-queue-failed An error occurred while landing this pull request using GitHub Actions. labels Mar 30, 2023
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Mar 30, 2023
@nodejs-github-bot nodejs-github-bot merged commit 04cfb82 into nodejs:main Mar 30, 2023
20 checks passed
@nodejs-github-bot
Copy link
Collaborator

Landed in 04cfb82

@mateonunez mateonunez deleted the feat/add-scorecard branch March 30, 2023 14:55
@RafaelGSS RafaelGSS mentioned this pull request Apr 3, 2023
Merged
RafaelGSS pushed a commit that referenced this pull request Apr 5, 2023
@mateonunez @RafaelGSS
tools: add scorecard workflow
3e07b53 
PR-URL: #47254
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
@RafaelGSS RafaelGSS mentioned this pull request Apr 6, 2023
Merged
RafaelGSS pushed a commit that referenced this pull request Apr 6, 2023
@mateonunez @RafaelGSS
tools: add scorecard workflow
63245ed 
PR-URL: #47254
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
RafaelGSS pushed a commit that referenced this pull request Apr 7, 2023
@mateonunez @RafaelGSS
tools: add scorecard workflow
53e8dad 
PR-URL: #47254
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
@mscdex mscdex mentioned this pull request Jun 12, 2023
Closed
danielleadams pushed a commit that referenced this pull request Jul 6, 2023
@mateonunez @danielleadams
tools: add scorecard workflow
b1bcdce 
PR-URL: #47254
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
@danielleadams danielleadams mentioned this pull request Jul 10, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fraxken fraxken fraxken approved these changes

@UlisesGascon UlisesGascon UlisesGascon approved these changes

@mhdawson mhdawson mhdawson approved these changes

@RafaelGSS RafaelGSS RafaelGSS approved these changes

@marco-ippolito marco-ippolito marco-ippolito approved these changes

Assignees
No one assigned
Labels
doc Issues and PRs related to the documentations. meta Issues and PRs related to the general management of the project.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
8 participants
@mateonunez @nodejs-github-bot @tniessen @RafaelGSS @fraxken @UlisesGascon @mhdawson @marco-ippolito