Skip to content

Issues: ossf/scorecard

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
33 Open 36 Closed
33 Open 36 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Feature: New Check "Criticality and Maturity" kind/enhancement New feature or request Stale
#3821 opened Jan 26, 2024 by menocu
4
Feature: New check "Secure runners" good first issue Good for newcomers kind/enhancement New feature or request kind/new-check New check for scorecard Stale
#3801 opened Jan 17, 2024 by pnacht
3
Feature: dangerous CI check/Dangerous-workflow kind/enhancement New feature or request kind/new-check New check for scorecard Stale
#3630 opened Oct 30, 2023 by laurentsimon
4
Feature request: Add new check for developer education kind/enhancement New feature or request kind/new-check New check for scorecard Stale
#3534 opened Oct 4, 2023 by david-a-wheeler
@david-a-wheeler
38
New check suggestion: Fork; is the repository a fork? good first issue Good for newcomers kind/enhancement New feature or request kind/new-check New check for scorecard Stale
#3223 opened Jun 27, 2023 by andrelmbackman
6
Review hipcheck for potential criteria & code improvements (feature request) kind/enhancement New feature or request Stale
#2816 opened Apr 3, 2023 by david-a-wheeler
7
Feature: determine if publishing is credential-based or OIDC-based check/Packaging help wanted Community contributions welcome, maintainers supportive of idea but not a high priority kind/enhancement New feature or request kind/new-check New check for scorecard
#2761 opened Mar 16, 2023 by di
15
Feature: Dangerous Workflows - Imposter Commit Check check/Dangerous-workflow check/Pinned-Dependencies kind/enhancement New feature or request kind/new-check New check for scorecard Stale
#2733 opened Mar 8, 2023 by wlynch
1
13
Add support for SBOM analyzing at Binary-Artifacts stage by integrating sbom-scorecard kind/enhancement New feature or request Stale
#2605 opened Jan 19, 2023 by Dentrax
19
Discussion: New check: dependency good practices kind/enhancement New feature or request kind/new-check New check for scorecard Stale
#2531 opened Dec 9, 2022 by laurentsimon
5
Factor whether or not private vulnerability reporting is enabled into the scorecard check/Security-Policy good first issue Good for newcomers help wanted Community contributions welcome, maintainers supportive of idea but not a high priority kind/enhancement New feature or request
#2465 opened Nov 18, 2022 by JasonKeirstead
20
Feature: New check for average time to update dependencies kind/enhancement New feature or request kind/new-check New check for scorecard Stale
#2458 opened Nov 15, 2022 by olivekl
6
Feature: Add fork analysis for "Maintained" check or a new check check/Maintained good first issue Good for newcomers kind/enhancement New feature or request Stale
#2352 opened Oct 14, 2022 by qequ
4
Feature: Assess presence and maintenance of a threat model kind/enhancement New feature or request Stale
#2142 opened Aug 12, 2022 by lyndon160
4
Feature: stale maintainers kind/enhancement New feature or request kind/new-check New check for scorecard Stale
#2027 opened Jul 8, 2022 by laurentsimon
2
Feature: Make existing results more structured kind/enhancement New feature or request
#1874 opened Apr 27, 2022 by laurentsimon Structured results
15
Feature: New check for SLSA provenance generation kind/enhancement New feature or request kind/new-check New check for scorecard Stale
#1776 opened Mar 24, 2022 by laurentsimon
11
Rename "CII Best Practices Badge" to "OpenSSF Best Practices Badge" check/CII-Best-Practices kind/docs Improvements or additions to documentation
#1549 opened Jan 27, 2022 by david-a-wheeler
@LappleApple
19
New check: Security Audit check kind/new-check New check for scorecard needs discussion
#1507 opened Jan 21, 2022 by inferno-chromium
15
BUG - Pinned-Dependencies should not look into vendor directories check/Pinned-Dependencies kind/bug Something isn't working
#1095 opened Oct 1, 2021 by naveensrinivasan
14
New check: download of .whl followed by pip install kind/enhancement New feature or request Stale
#613 opened Jun 24, 2021 by laurentsimon
@laurentsimon
2
New check: unpinned repo clone kind/enhancement New feature or request kind/new-check New check for scorecard Stale
#608 opened Jun 24, 2021 by laurentsimon
10
New Check: time to fix security vuln kind/enhancement New feature or request
#548 opened Jun 4, 2021 by laurentsimon
Frozen deps should check for hash pinning kind/enhancement New feature or request priority/must-do Upcoming release
#427 opened May 10, 2021 by laurentsimon
@laurentsimon
5
New check: check for dependency scanner kind/enhancement New feature or request
#413 opened May 7, 2021 by laurentsimon
ProTip! Add no:assignee to see everything that’s not assigned.