-
Notifications
You must be signed in to change notification settings - Fork 513
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
securityscorecards: Fix "Branch-Protection" check #7201
Comments
Specific instruction are documented here: |
Given the open-source nature of the Slicer project, I don't see an issue granting the scorecard.yml workflow @jamesobutler @pieper @sjh26 @lassoan Do you have any concern ? Read access associated with the Administration scope
Footnotes |
Yes I see no problem adding a token for read access to the administration information. @jcfr following the instructions at https://github.com/ossf/scorecard-action#authentication-with-fine-grained-pat-optional makes sense. Since you are a main Slicer developer, re-upping the token whenever it expires seems reasonable and a low effort future task to enable the scorecard action to have access to what it needs for the additional checks. |
Qt lupdate threw warnings about unconsumed metadata for lines that had translator's comments (that is exported to the language translation file to provide additonal context for translators) in the same line as the translatable text. For example: this->SupportedReadFileTypes->InsertNextValue(vtkMRMLTr("vtkMRMLColorTableStorageNode", "MRML Color Table") + " (.ctbl)"); //: file format name The issue with this is that Qt expects translator comment to be in the previous line like this: //: File format name this->SupportedReadFileTypes->InsertNextValue(vtkMRMLTr("vtkMRMLColorTableStorageNode", "MRML Color Table") + " (.ctbl)");
Summary
Following the integration of #7197, a list of checks are performed with the intent of given a "security" score.
The "Branch-Protection" check is currently failing with the following message:
Following the recommendation described in the following issue should help:
Steps to reproduce
See https://securityscorecards.dev/viewer/?uri=github.com/Slicer/Slicer
Expected behavior
No internal error
The text was updated successfully, but these errors were encountered: