Issues: ossf/scorecard
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
support querying platform specific API capabilities in RepoClient
area/api
kind/enhancement
New feature or request
#4049
opened Apr 22, 2024 by
spencerschrock
BUG: Pinned-Dependencies need ability to exclude non-build/release workflows
kind/bug
Something isn't working
#4039
opened Apr 17, 2024 by
emaste
BUG: Code-Review missing review markers
kind/bug
Something isn't working
#4038
opened Apr 17, 2024 by
emaste
Existing OpenSSF best practices badge isn't added to a scorecard report
kind/bug
Something isn't working
#4037
opened Apr 16, 2024 by
yrusskih
Parts of security scorecard doesn't allow excluding issues from scoring when they have no affect on an end-user
kind/bug
Something isn't working
#4036
opened Apr 15, 2024 by
yrusskih
improve binary artifact and license tests to match other checks
area/testing
check/Binary-Artifacts
check/License
good first issue
Good for newcomers
#4032
opened Apr 15, 2024 by
spencerschrock
update the SPDX license list
check/License
good first issue
Good for newcomers
kind/enhancement
New feature or request
#4031
opened Apr 15, 2024 by
spencerschrock
Include human friendly links for the GitHub artifacts for Signed-Releases
check/Signed-Releases
good first issue
Good for newcomers
kind/enhancement
New feature or request
#4030
opened Apr 15, 2024 by
spencerschrock
Specify a user agent for OSV.dev
check/Vulnerabilities
good first issue
Good for newcomers
kind/enhancement
New feature or request
#4029
opened Apr 15, 2024 by
spencerschrock
the Something isn't working
Signed-Releases
remediation steps encourage manual manipulation of the source code archives
kind/bug
#4018
opened Apr 9, 2024 by
junyer
Contribution account age as a factor
kind/enhancement
New feature or request
#4000
opened Apr 3, 2024 by
joubin
BUG: Issues with contributor scoring
kind/bug
Something isn't working
#3996
opened Apr 3, 2024 by
siralmat
"Vulnerabilities" check: unclear description ("open vulnerabilities")
kind/enhancement
New feature or request
#3994
opened Apr 3, 2024 by
Chealer
"Risk level" highly misleading (Dangerous-Workflow always "CRITICAL"). Scorecard report ("webviewer") seems broken
area/security
kind/docs
Improvements or additions to documentation
#3990
opened Apr 2, 2024 by
Chealer
README: Unable to query Public data using BigQuery Explorer
kind/bug
Something isn't working
#3989
opened Apr 2, 2024 by
Chealer
README/FAQ: Unclear references to "the webviewer"
kind/docs
Improvements or additions to documentation
#3986
opened Apr 2, 2024 by
Chealer
Feature: Add machine-readable remediation to the hasDangerousWorkflowScriptInjection probe
check/Dangerous-workflow
kind/enhancement
New feature or request
needs discussion
question
Further information is requested
#3950
opened Mar 18, 2024 by
pnacht
Vulnerable package has score 10/10 in Vulnerabilities
check/Vulnerabilities
kind/bug
Something isn't working
kind/enhancement
New feature or request
#3946
opened Mar 13, 2024 by
jorgsowa
Feature: Probe whether repo has up-to-date CODEOWNERS
check/Contributors
check/Maintained
good first issue
Good for newcomers
kind/enhancement
New feature or request
#3931
opened Mar 10, 2024 by
raghavkaul
Dangerous Workflow: some user input are not being detected as untrusted input.
check/Dangerous-workflow
good first issue
Good for newcomers
kind/enhancement
New feature or request
#3915
opened Mar 4, 2024 by
diogoteles08
BUG Something isn't working
.sigstore
bundles are not being found by Signed-Releases check
kind/bug
#3913
opened Mar 4, 2024 by
cpswan
Supporting Spack package manager
check/Packaging
kind/enhancement
New feature or request
Stale
#3873
opened Feb 12, 2024 by
crtrott
evaluate codecov/codecov-action v4 token
area/tech-debt
github_actions
Pull requests that update Github_actions code
Stale
#3862
opened Feb 7, 2024 by
spencerschrock
Previous Next
ProTip!
Find all open issues with in progress development work with linked:pr.