Skip to content

Issues: ossf/scorecard

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

347 Open 808 Closed
347 Open 808 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Feature: Give projects extra credits for "going the extra mile" kind/enhancement New feature or request Stale
#3795 opened Jan 15, 2024 by pnacht
3
False positive detection of binary file for Binary-Artifacts checker check/Binary-Artifacts kind/bug Something isn't working
#3760 opened Dec 31, 2023 by rouault
4
Give a -1 Score on Dependency-Update-Tool when the repository doesn't have any relevant dependencies to keep updated Check/Dependency-Update-Tool kind/enhancement New feature or request Stale
#3746 opened Dec 20, 2023 by diogoteles08 Policy per Ecosystem
4
Adding memory safety related checks kind/enhancement New feature or request kind/new-check New check for scorecard
#3736 opened Dec 14, 2023 by balteravishay
@nellshamrell
34
collecting probe raw data should be parallelizable
#3719 opened Dec 7, 2023 by spencerschrock Structured results
should probes have their own raw data and supported request types?
#3718 opened Dec 7, 2023 by spencerschrock Structured results
BUG: CI-Tests: internal error: internal error: Client.Repositories.ListStatuses: error getting commit statuses check/CI-Tests gitlab Issue related to Scorecard's GitLab client good first issue Good for newcomers kind/bug Something isn't working
#3701 opened Nov 28, 2023 by adam-moss
6
Signed Releases check misses content packaged in tar/zip files check/Signed-Releases kind/enhancement New feature or request Stale
#3685 opened Nov 18, 2023 by sudo-bmitch
8
Pinned dependencies check in Dockerfile does not handle build args check/Pinned-Dependencies kind/bug Something isn't working
#3684 opened Nov 18, 2023 by sudo-bmitch
11
BUG: actions/github-script context should be considered dangerous kind/bug Something isn't working
#3681 opened Nov 16, 2023 by gabibguti
5
Improve signed releases checks check/Signed-Releases kind/enhancement New feature or request Stale
#3679 opened Nov 16, 2023 by AdamKorcz
3
Allow merge queue instead of an up to date branch for the branch protection check check/Branch-Protection kind/enhancement New feature or request Stale
#3678 opened Nov 16, 2023 by rnijveld
2
Modifiable number of commits kind/enhancement New feature or request Stale
#3665 opened Nov 11, 2023 by AdamKorcz
1
Feature: Vulnerabilities: Add responsible direct dependencies and link to report check/Vulnerabilities kind/enhancement New feature or request Stale
#3664 opened Nov 10, 2023 by pnacht
11
revisit finding creation API
#3649 opened Nov 7, 2023 by spencerschrock Structured results
Not all checks returned for repo area/api good first issue Good for newcomers help wanted Community contributions welcome, maintainers supportive of idea but not a high priority kind/docs Improvements or additions to documentation
#3648 opened Nov 7, 2023 by mtcolman
9
Feature: dangerous CI check/Dangerous-workflow kind/enhancement New feature or request kind/new-check New check for scorecard Stale
#3630 opened Oct 30, 2023 by laurentsimon
4
Feature: mis-configured OIDC kind/enhancement New feature or request kind/new-check New check for scorecard needs discussion Stale
#3629 opened Oct 30, 2023 by laurentsimon
10
Add more options for Pinned-Dependencies check/Pinned-Dependencies kind/enhancement New feature or request
#3618 opened Oct 27, 2023 by gabibguti
4
CITest evaluation documentation inconsistent with implementation check/CI-Tests good first issue Good for newcomers kind/docs Improvements or additions to documentation
#3616 opened Oct 27, 2023 by AdamKorcz
1
3
Feature: Document what languages the check supports kind/docs Improvements or additions to documentation kind/enhancement New feature or request Stale
#3615 opened Oct 26, 2023 by gabibguti Policy per Ecosystem
1
BUG: Error during "Dependency-Update-Tools" on GitHub Enterprise Server Check/Dependency-Update-Tool kind/bug Something isn't working self-hosted
#3607 opened Oct 25, 2023 by mariusfilipowski
2
BUG: Internal Error during "Branch-Protection" on GitHub Enterprise Server check/Branch-Protection kind/bug Something isn't working self-hosted
#3606 opened Oct 25, 2023 by mariusfilipowski
3
BUG: Dangerous-Workflow doesn't trigger on toJSON(github.event) check/Dangerous-workflow good first issue Good for newcomers kind/bug Something isn't working
#3554 opened Oct 10, 2023 by pnacht
[Feedback] Unclear value proposition for hash-pinning dependencies and keeping them up-to-date with dependency update tools check/Pinned-Dependencies kind/enhancement New feature or request Stale
#3549 opened Oct 9, 2023 by pnacht
2
ProTip! Adding no:label will show everything without a label.