Issues: ossf/scorecard
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
Why stepsecurity is refereneced so much?
kind/bug
Something isn't working
#4081
opened May 4, 2024 by
anantshri
Use GItHub attestations to check for signed releases
check/Signed-Releases
kind/enhancement
New feature or request
#4080
opened May 4, 2024 by
edgarrmondragon
Feature: Recognize Cirrus-CI as a well-known CI
kind/enhancement
New feature or request
#4075
opened May 2, 2024 by
emaste
Feature: Service Status Page
kind/enhancement
New feature or request
#4074
opened May 2, 2024 by
jeffmendoza
✨Creating the Scorecard Universe ✨
area/community
Used for adding contributors, community outreach, etc.
kind/docs
Improvements or additions to documentation
#4073
opened May 1, 2024 by
justaugustus
3 of 11 tasks
support querying platform specific API capabilities in RepoClient
area/api
kind/enhancement
New feature or request
#4049
opened Apr 22, 2024 by
spencerschrock
BUG: Code-Review missing review markers
check/Code-Review
kind/bug
Something isn't working
#4038
opened Apr 17, 2024 by
emaste
Existing OpenSSF best practices badge isn't added to a scorecard report
check/CII-Best-Practices
cron-job
kind/bug
Something isn't working
#4037
opened Apr 16, 2024 by
yrusskih
Parts of security scorecard doesn't allow excluding issues from scoring when they have no affect on an end-user
kind/bug
Something isn't working
#4036
opened Apr 15, 2024 by
yrusskih
update the SPDX license list
check/License
good first issue
Good for newcomers
kind/enhancement
New feature or request
#4031
opened Apr 15, 2024 by
spencerschrock
Include human friendly links for the GitHub artifacts for Signed-Releases
check/Signed-Releases
good first issue
Good for newcomers
kind/enhancement
New feature or request
#4030
opened Apr 15, 2024 by
spencerschrock
Specify a user agent for OSV.dev
check/Vulnerabilities
good first issue
Good for newcomers
kind/enhancement
New feature or request
#4029
opened Apr 15, 2024 by
spencerschrock
the Something isn't working
Signed-Releases
remediation steps encourage manual manipulation of the source code archives
kind/bug
#4018
opened Apr 9, 2024 by
junyer
Contribution account age as a factor
kind/enhancement
New feature or request
#4000
opened Apr 3, 2024 by
joubin
BUG: Issues with contributor scoring
kind/bug
Something isn't working
#3996
opened Apr 3, 2024 by
siralmat
"Vulnerabilities" check: unclear description ("open vulnerabilities")
kind/enhancement
New feature or request
#3994
opened Apr 3, 2024 by
Chealer
README: Unable to query Public data using BigQuery Explorer
kind/bug
Something isn't working
#3989
opened Apr 2, 2024 by
Chealer
README/FAQ: Unclear references to "the webviewer"
kind/docs
Improvements or additions to documentation
#3986
opened Apr 2, 2024 by
Chealer
Feature: Add machine-readable remediation to the hasDangerousWorkflowScriptInjection probe
check/Dangerous-workflow
kind/enhancement
New feature or request
needs discussion
question
Further information is requested
#3950
opened Mar 18, 2024 by
pnacht
Vulnerable package has score 10/10 in Vulnerabilities
check/Vulnerabilities
kind/bug
Something isn't working
kind/enhancement
New feature or request
#3946
opened Mar 13, 2024 by
jorgsowa
Feature: Probe whether repo has up-to-date CODEOWNERS
check/Contributors
check/Maintained
good first issue
Good for newcomers
kind/enhancement
New feature or request
#3931
opened Mar 10, 2024 by
raghavkaul
Dangerous Workflow: some user input are not being detected as untrusted input.
check/Dangerous-workflow
good first issue
Good for newcomers
kind/enhancement
New feature or request
#3915
opened Mar 4, 2024 by
diogoteles08
BUG Something isn't working
.sigstore
bundles are not being found by Signed-Releases check
kind/bug
#3913
opened Mar 4, 2024 by
cpswan
Previous Next
ProTip!
Exclude everything labeled
bug
with -label:bug.