Docs: clarify wording around security risk #639

Open
@hyandell

The following feedback to the scorecard website was reported at ossf/alpha-omega#359

The checks section of the homepage starts with:

> The checks collect together security best practises and industry standards
>
> The riskiness of each vulnerability is based on how easy it is to exploit. For example if something can be exploited via a pull request, we consider that a high risk.

The example (described in the last sentence quoted) is very hard to understand. I cannot figure out what "something can be exploited via a pull request" means.

It would help to give an example of what "something" can be and to clarify what you mean by "a pull request".

By the way:
Sentences should be terminated with a full stop ("."), including the one opening the section.
