Add OpenSSF Scorecard #192

Merged
dorssel merged 1 commit into main from scorecard
Jun 28, 2026

@dorssel (Owner) commented Jun 28, 2026

No description provided.

@github-actions (Contributor)

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

| Package | Version | Score | Details |
| --- | --- | --- | --- |
| actions/actions/checkout | 9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 | 🟢 6.9 | table below |
| actions/github/codeql-action/upload-sarif | 8aad20d150bbac5944a9f9d289da16a4b0d87c1e | Unknown | Unknown |
| actions/ossf/scorecard-action | 4eaacf0543bb3f2c246792bd56e8cdeffafb205a | 🟢 9.1 | table below |

Details for actions/actions/checkout:

| Check | Score | Reason |
| --- | --- | --- |
| Dangerous-Workflow | 🟢 10 | no dangerous workflow patterns detected |
| Code-Review | 🟢 10 | all changesets reviewed |
| Maintained | 🟢 10 | 16 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 |
| Binary-Artifacts | 🟢 10 | no binaries found in the repo |
| CII-Best-Practices | ⚠️ 0 | no effort to earn an OpenSSF best practices badge detected |
| Token-Permissions | ⚠️ 0 | detected GitHub workflow tokens with excessive permissions |
| Pinned-Dependencies | 🟢 3 | dependency not pinned by hash detected -- score normalized to 3 |
| Fuzzing | ⚠️ 0 | project is not fuzzed |
| License | 🟢 10 | license file detected |
| Packaging | ⚠️ -1 | packaging workflow not detected |
| Signed-Releases | ⚠️ -1 | no releases found |
| Security-Policy | 🟢 9 | security policy file detected |
| Branch-Protection | 🟢 5 | branch protection is not maximal on development and all release branches |
| SAST | 🟢 10 | SAST tool is run on all commits |

Details for actions/ossf/scorecard-action:

| Check | Score | Reason |
| --- | --- | --- |
| Dependency-Update-Tool | 🟢 10 | update tool detected |
| Security-Policy | 🟢 10 | security policy file detected |
| Maintained | 🟢 10 | 17 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 |
| Dangerous-Workflow | 🟢 10 | no dangerous workflow patterns detected |
| Binary-Artifacts | 🟢 10 | no binaries found in the repo |
| Code-Review | 🟢 10 | all changesets reviewed |
| Token-Permissions | 🟢 10 | GitHub workflow tokens follow principle of least privilege |
| Pinned-Dependencies | 🟢 9 | dependency not pinned by hash detected -- score normalized to 9 |
| License | 🟢 10 | license file detected |
| CII-Best-Practices | ⚠️ 0 | no effort to earn an OpenSSF best practices badge detected |
| Signed-Releases | ⚠️ -1 | no releases found |
| Packaging | 🟢 10 | packaging workflow detected |
| Vulnerabilities | 🟢 10 | 0 existing vulnerabilities detected |
| SAST | 🟢 10 | SAST tool is run on all commits |
| Fuzzing | ⚠️ 0 | project is not fuzzed |
| Branch-Protection | ⚠️ -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration |
| CI-Tests | 🟢 10 | 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 |
| Contributors | 🟢 10 | project has 16 contributing companies or organizations |

Scanned Files

  • .github/workflows/openssf.yml

codecov Bot commented Jun 28, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (f4284ac) to head (dd3a44c).
✅ All tests successful. No failed tests found.

Additional details and impacted files
@@            Coverage Diff            @@
##              main      #192   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            4         4           
  Lines           81        81           
  Branches        14        14           
=========================================
  Hits            81        81           


@github-actions (Contributor)

MegaLinter analysis: Success

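| Descriptor | Linter | Files | Fixed | Errors | Warnings | Elapsed time |
| --- | --- | --- | --- | --- | --- | --- |
| ✅ ACTION | actionlint | 8 | | 0 | 0 | 0.08s |
| ✅ ACTION | zizmor | 8 | | 0 | 0 | 2.74s |
| ✅ EDITORCONFIG | editorconfig-checker | 56 | | 0 | 0 | 0.07s |
| ✅ JSON | jsonlint | 3 | | 0 | 0 | 0.1s |
| ✅ JSON | prettier | 3 | | 0 | 0 | 0.37s |
| ✅ JSON | v8r | 3 | | 0 | 0 | 4.03s |
| ✅ MARKDOWN | markdownlint | 2 | | 0 | 0 | 0.55s |
| ✅ MARKDOWN | markdown-table-formatter | 2 | | 0 | 0 | 0.26s |
| ✅ REPOSITORY | checkov | yes | | no | no | 21.3s |
| ✅ REPOSITORY | gitleaks | yes | | no | no | 0.19s |
| ✅ REPOSITORY | git_diff | yes | | no | no | 0.01s |
| ✅ REPOSITORY | grype | yes | | no | no | 47.2s |
| ✅ REPOSITORY | osv-scanner | yes | | no | no | 0.77s |
| ✅ REPOSITORY | secretlint | yes | | no | no | 1.09s |
| ✅ REPOSITORY | syft | yes | | no | no | 3.32s |
| ✅ REPOSITORY | trivy-sbom | yes | | no | no | 5.47s |
| ✅ REPOSITORY | trufflehog | yes | | no | no | 3.21s |
| ✅ XML | xmllint | 5 | | 0 | 0 | 0.42s |
| ✅ YAML | prettier | 13 | | 0 | 0 | 0.53s |
| ✅ YAML | v8r | 13 | | 0 | 0 | 10.53s |
| ✅ YAML | yamllint | 13 | | 0 | 0 | 1.69s |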

@dorssel dorssel merged commit 8eb20b9 into main Jun 28, 2026
9 checks passed
@dorssel dorssel deleted the scorecard branch June 28, 2026 12:59