github ossf/scorecard v4.3.0
on GitHub

latest releases: v5.0.0, v5.0.0-rc2, v5.0.0-rc1...
2 years ago

Changelog

  • 6406cfd 🌱 Bump actions/setup-go from 3.0.0 to 3.1.0
  • 236b296 Do not fail on empty repositories (#1914)
  • b1ab7eb ✨ Update raw format for Dangerous workflows (#1865)
  • cd04704 📖 Fixes description for webhook check (#1882)
  • 0275a94 :warn: Remove the old Details field from CheckResult (#1906)
  • b9f333b ⚠️ Remove the pass from the CheckResult
  • f048164 🌱 Bump github.com/caarlos0/env/v6 from 6.9.1 to 6.9.2
  • 74f521f 🌱 Bump mvdan.cc/sh/v3 from 3.4.3 to 3.5.0
  • 2b35afc 🌱 Bump github.com/golangci/golangci-lint in /tools
  • 0f30f4e ✨ Make permission check aware of GH Pages Action (#1902)
  • 2fc6fbb 🌱 Bump cloud.google.com/go/bigquery from 1.31.0 to 1.32.0
  • 804127f Upgrade to buildkit 0.10.3
  • c5d787a pkg: refactor out scorecard_version
  • 62e3de5 🐛 Remove Options that belong to the Action (#1898)
  • 7ff4b7e ⚠️ Removing the confidence field from CheckResult struct (#1896)
  • 6d79817 📖 Fix command Usage (#1814)
  • 815de18 📖 Remove erroneous ref to CSV output (#1813)
  • 5758364 Fix bug in Scorecard tag Docker image creation (#1890)
  • 8c97d46 ✨ Add custom remediation for workflow permissions/pinned dependencies (#1885)
  • 22694dc Support commits reviewed through Piper (#1889)
  • 9a7d030 ✨ Added additional github repositories in projects.csv (#1886)
  • 72086c9 ✨ Add support for Phabricator as a code review system (#1884)
  • f779fb8 🌱 Bump cloud.google.com/go/pubsub from 1.21.0 to 1.21.1
  • 74ea0f4 🐛 Fix .lib false positives in binary artifacts (#1879)
  • 2cb6541 ⚠️ Removing the pass field from result (#1853)
  • 875b6f6 🐛 Ignore shell parsing errors when reporting results (#1878)
  • e97bf30 🌱 Bump step-security/harden-runner from 1.4.2 to 1.4.3
  • 815de5c Propagate error in log (#1875)
  • 2b68f38 🌱 Bump github.com/onsi/ginkgo/v2 from 2.1.3 to 2.1.4
  • 3a9f011 🌱 Bump github.com/google/go-cmp from 0.5.7 to 0.5.8
  • a598b2a 🌱 Bump cloud.google.com/go/pubsub from 1.20.0 to 1.21.0
  • ac14ce7 🌱 Bump github.com/onsi/ginkgo/v2 from 2.1.3 to 2.1.4 in /tools
  • 05d8c01 🐛 Don't look for secrets in pull_request (#1864)
  • b304306 ✨ Add token needed for checks in README (#1854)
  • ac88460 ✨ Raw results for best practices badge (#1795)
  • fe6e091 ✨ Support for detecting choco installer without required hash (#1810)
  • 5d8a277 🌱 Bump crazy-max/ghaction-import-gpg from 4.3.0 to 4.4.0
  • dbaba8a 🌱 Bump step-security/harden-runner from 1.4.1 to 1.4.2

Thanks for all contributors!

Check out latest releases or
releases around ossf/scorecard v4.3.0

Don't miss a new scorecard release

NewReleases is sending notifications on new releases.

Get notifications