We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
ScoreCards
1 parent 5b07e49 commit 30e8ef0Copy full SHA for 30e8ef0
1 file changed
REPOSITORIES.md
@@ -24,7 +24,8 @@ Central and the current status of the four GitHub Actions workflows we track acr
24
+ **Java CI**: the main Maven build, including unit tests and static analysis.
25
+ **CodeQL**: GitHub's semantic code scanning for security vulnerabilities.
26
+ **Scorecards**: the [OpenSSF Scorecard](https://securityscorecards.dev/) assessment of the repository's
27
- supply-chain security posture.
+ supply-chain security posture. This workflow only runs against the default branch, so it is marked **N/A** for
28
+ secondary branches of components that support multiple lines of development.
29
+ **Dependency Review**: the pull-request check that flags vulnerable or incompatibly licensed dependency
30
changes.
31
0 commit comments