OpenSSF Scorecard analysis #6803
Labels
build-improvement
Build improvements - maven, gradle, GitHub actions
cross-project
Apply to many repositories in odpi/*
enhancement
New feature or request
pinned
Keep open (do not time out)
security
Security related (high priority)
Comments
planetf1
added
enhancement
planetf1
added
build-improvement
Closed
planetf1
added a commit
to planetf1/egeria
that referenced
this issue
Oct 3, 2022
Signed-off-by: Nigel Jones <[email protected]>
planetf1
added a commit
to planetf1/egeria
that referenced
this issue
Oct 5, 2022
Signed-off-by: Nigel Jones <[email protected]>
|
The scan has now been added to base egeria.
|
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 20 days if no further activity occurs. Thank you for your contributions. |
github-actions
bot
added
the
no-issue-activity
planetf1
added
cross-project
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 20 days if no further activity occurs. Thank you for your contributions. |
github-actions
bot
added
the
no-issue-activity
planetf1
added
pinned
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is there an existing issue for this?
Please describe the new behavior that that will improve Egeria
https://github.com/ossf/scorecard-action/tree/v2.0.0-beta.1 has an action that does a scorecard assessment on a repository.
Given concerns on security, and the work being done by the ossify to promote supply chain security, it would be useful to take a look at this action to see if it can help us, and the data can also be published to provide more confidence to consumers of our projects.
This applies across all our repos
Alternatives
n/a
Any Further Information?
none
Would you be prepared to be assigned this issue to work on?
The text was updated successfully, but these errors were encountered: