Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enhancement request: Need to have releases #7172

Closed
richsalz opened this issue Jan 21, 2022 · 3 comments
Closed

Enhancement request: Need to have releases #7172

richsalz opened this issue Jan 21, 2022 · 3 comments

Comments

@richsalz
Copy link

Right now, everything seems to be done by checking into master; there's no releases or tagging.I want to use ossf/scorecard but I'll get dinged for not pinning specific hashes. I can pin a specific git commit, but things like dependabot don't see a release so that's no help.

Please see ossf/scorecard#1500 for some background.
@evverx
Copy link
Contributor

evverx commented Jan 22, 2022

I think it's probably the same issue as #6836

@richsalz
Copy link
Author

Yes, I will close this as a dup of #6836, thanks!

@evverx
Copy link
Contributor

evverx commented Apr 22, 2022

Looks like neither CIFuzz nor CFLite can be pinned properly so I'll go ahead and close #6836. CFLite can't be unpinned either though: google/clusterfuzzlite#95 so once it's resolved I'll unpin it and ignore scorecard.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@richsalz @evverx