Skip to content

Issues: ossf/scorecard

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

334 Open 740 Closed
334 Open 740 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Why stepsecurity is refereneced so much? kind/bug Something isn't working
#4081 opened May 4, 2024 by anantshri
3
Use GItHub attestations to check for signed releases check/Signed-Releases kind/enhancement New feature or request
#4080 opened May 4, 2024 by edgarrmondragon
1
Feature: Recognize Cirrus-CI as a well-known CI kind/enhancement New feature or request
#4075 opened May 2, 2024 by emaste
Feature: Service Status Page kind/enhancement New feature or request
#4074 opened May 2, 2024 by jeffmendoza
✨Creating the Scorecard Universe ✨ area/community Used for adding contributors, community outreach, etc. kind/docs Improvements or additions to documentation
#4073 opened May 1, 2024 by justaugustus
3 of 11 tasks
@justaugustus
1
BUG: Unrecognized CI/CDs kind/bug Something isn't working
#4050 opened Apr 24, 2024 by gabibguti
4
support querying platform specific API capabilities in RepoClient area/api kind/enhancement New feature or request
#4049 opened Apr 22, 2024 by spencerschrock
2
BUG: Patch Maintainers Annotations kind/bug Something isn't working
#4048 opened Apr 22, 2024 by gabibguti
11 tasks
Maintainer Annotations
1
BUG: Code-Review missing review markers check/Code-Review kind/bug Something isn't working
#4038 opened Apr 17, 2024 by emaste
1
7
Existing OpenSSF best practices badge isn't added to a scorecard report check/CII-Best-Practices cron-job kind/bug Something isn't working
#4037 opened Apr 16, 2024 by yrusskih
2
Parts of security scorecard doesn't allow excluding issues from scoring when they have no affect on an end-user kind/bug Something isn't working
#4036 opened Apr 15, 2024 by yrusskih
3
update the SPDX license list check/License good first issue Good for newcomers kind/enhancement New feature or request
#4031 opened Apr 15, 2024 by spencerschrock
@lelia
1
Include human friendly links for the GitHub artifacts for Signed-Releases check/Signed-Releases good first issue Good for newcomers kind/enhancement New feature or request
#4030 opened Apr 15, 2024 by spencerschrock
@schaeferka
1
Specify a user agent for OSV.dev check/Vulnerabilities good first issue Good for newcomers kind/enhancement New feature or request
#4029 opened Apr 15, 2024 by spencerschrock
the Signed-Releases remediation steps encourage manual manipulation of the source code archives kind/bug Something isn't working
#4018 opened Apr 9, 2024 by junyer
Contribution account age as a factor kind/enhancement New feature or request
#4000 opened Apr 3, 2024 by joubin
BUG: Issues with contributor scoring kind/bug Something isn't working
#3996 opened Apr 3, 2024 by siralmat
1
"Vulnerabilities" check: unclear description ("open vulnerabilities") kind/enhancement New feature or request
#3994 opened Apr 3, 2024 by Chealer
README: Unable to query Public data using BigQuery Explorer kind/bug Something isn't working
#3989 opened Apr 2, 2024 by Chealer
README/FAQ: Unclear references to "the webviewer" kind/docs Improvements or additions to documentation
#3986 opened Apr 2, 2024 by Chealer
1
Feature: Add machine-readable remediation to the hasDangerousWorkflowScriptInjection probe check/Dangerous-workflow kind/enhancement New feature or request needs discussion question Further information is requested
#3950 opened Mar 18, 2024 by pnacht
Vulnerable package has score 10/10 in Vulnerabilities check/Vulnerabilities kind/bug Something isn't working kind/enhancement New feature or request
#3946 opened Mar 13, 2024 by jorgsowa
1
Feature: Probe whether repo has up-to-date CODEOWNERS check/Contributors check/Maintained good first issue Good for newcomers kind/enhancement New feature or request
#3931 opened Mar 10, 2024 by raghavkaul
@schaeferka
4
Dangerous Workflow: some user input are not being detected as untrusted input. check/Dangerous-workflow good first issue Good for newcomers kind/enhancement New feature or request
#3915 opened Mar 4, 2024 by diogoteles08
2
BUG .sigstore bundles are not being found by Signed-Releases check kind/bug Something isn't working
#3913 opened Mar 4, 2024 by cpswan
5
ProTip! Exclude everything labeled bug with -label:bug.