Skip to content

Issues: ossf/scorecard

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

344 Open 659 Closed
344 Open 659 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Adding memory safety related checks enhancement New feature or request
#3736 opened Dec 14, 2023 by balteravishay
BUG: Scanning a gitlab project with no commits crashes bug Something isn't working
#3727 opened Dec 11, 2023 by ashearin
1
should probes have a more defined structure?
#3720 opened Dec 7, 2023 by spencerschrock Structured results
collecting probe raw data should be parallelizable
#3719 opened Dec 7, 2023 by spencerschrock Structured results
should probes have their own raw data and supported request types?
#3718 opened Dec 7, 2023 by spencerschrock Structured results
Redesigning the top-level Scorecard entrypoint api maintenance
#3717 opened Dec 7, 2023 by spencerschrock v5
BUG: Qodana does not count as a SAST tool bug Something isn't working check:SAST
#3709 opened Nov 30, 2023 by MartinWitt
BUG: CI-Tests: internal error: internal error: Client.Repositories.ListStatuses: error getting commit statuses bug Something isn't working gitlab Issue related to Scorecard's GitLab client
#3701 opened Nov 28, 2023 by adam-moss
Cannot scan self-hosted (private) GitLab repositories bug Something isn't working gitlab Issue related to Scorecard's GitLab client
#3696 opened Nov 28, 2023 by mwager
8
BUG: Internal error when parsing Dockerfile on Pinned-Dependencies check bug Something isn't working check:Pinned-Dependencies
#3692 opened Nov 23, 2023 by joycebrum
1
Packages created from a monorepo are not properly analyzed bug Something isn't working
#3687 opened Nov 20, 2023 by fhoeborn
2
Signed Releases check misses content packaged in tar/zip files bug Something isn't working check:Signed-Releases
#3685 opened Nov 18, 2023 by sudo-bmitch
2
Pinned dependencies check in Dockerfile does not handle build args bug Something isn't working check:Pinned-Dependencies
#3684 opened Nov 18, 2023 by sudo-bmitch
2
BUG: actions/github-script context should be considered dangerous bug Something isn't working
#3681 opened Nov 16, 2023 by gabibguti
5
Improve signed releases checks check:Signed-Releases enhancement New feature or request
#3679 opened Nov 16, 2023 by AdamKorcz
2
Allow merge queue instead of an up to date branch for the branch protection check check:Branch-Protection enhancement New feature or request
#3678 opened Nov 16, 2023 by rnijveld
1
Merge probe Remediation and rule Remediation maintenance
#3677 opened Nov 15, 2023 by AdamKorcz Structured results
Modifiable number of commits enhancement New feature or request
#3665 opened Nov 11, 2023 by AdamKorcz
Feature: Vulnerabilities: Add responsible direct dependencies and link to report enhancement New feature or request
#3664 opened Nov 10, 2023 by pnacht
4
evaluate probe outcomes for probes identifying negative behaviors check:Dangerous-workflow check:Maintained check:Vulnerabilities
#3654 opened Nov 8, 2023 by spencerschrock Structured results
revisit finding creation API
#3649 opened Nov 7, 2023 by spencerschrock Structured results
Not all checks returned for repo bug Something isn't working
#3648 opened Nov 7, 2023 by mtcolman
5
findings: values should be exported consts owned by the probe
#3641 opened Nov 2, 2023 by spencerschrock Structured results
2
Feature: dangerous CI check:Dangerous-workflow enhancement New feature or request wishlist New check for scorecard
#3630 opened Oct 30, 2023 by laurentsimon
1
Feature: mis-configured OIDC enhancement New feature or request needs discussion wishlist New check for scorecard
#3629 opened Oct 30, 2023 by laurentsimon
9
ProTip! Find all open issues with in progress development work with linked:pr.