Last active: October 25, 2023 01:21
OpenSSF - https://securityscorecards.dev/
$ scorecard --repo=github.com/kubernetes/kubernetes
Starting [Maintained]
Starting [Dangerous-Workflow]
Starting [Token-Permissions]
Starting [CII-Best-Practices]
Starting [Signed-Releases]
Starting [CI-Tests]
Starting [Packaging]
Starting [SAST]
Starting [Dependency-Update-Tool]
Starting [Vulnerabilities]
Starting [Pinned-Dependencies]
Starting [Security-Policy]
Starting [Binary-Artifacts]
Starting [Fuzzing]
Starting [Contributors]
Starting [Branch-Protection]
Starting [Code-Review]
Starting [License]
Finished [Branch-Protection]
Finished [Code-Review]
Finished [License]
Finished [Maintained]
Finished [Dangerous-Workflow]
Finished [Token-Permissions]
Finished [CII-Best-Practices]
Finished [Signed-Releases]
Finished [CI-Tests]
Finished [Packaging]
Finished [SAST]
Finished [Dependency-Update-Tool]
Finished [Vulnerabilities]
Finished [Pinned-Dependencies]
Finished [Security-Policy]
Finished [Binary-Artifacts]
Finished [Fuzzing]
Finished [Contributors]
RESULTS
-------
Aggregate score: 6.7 / 10
Check scores:
|---------|------------------------|--------------------------------|-----------------------------------------------------------------------------------------------------------------------|
| SCORE | NAME | REASON | DOCUMENTATION/REMEDIATION |
|---------|------------------------|--------------------------------|-----------------------------------------------------------------------------------------------------------------------|
| 10 / 10 | Binary-Artifacts | no binaries found in the repo | https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#binary-artifacts |
|---------|------------------------|--------------------------------|-----------------------------------------------------------------------------------------------------------------------|
| 3 / 10 | Branch-Protection | branch protection is not | https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#branch-protection |
| | | maximal on development and all | |
| | | release branches | |
|---------|------------------------|--------------------------------|-----------------------------------------------------------------------------------------------------------------------|
| 10 / 10 | CI-Tests | 21 out of 21 merged PRs | https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#ci-tests |
| | | checked by a CI test -- score | |
| | | normalized to 10 | |
|---------|------------------------|--------------------------------|-----------------------------------------------------------------------------------------------------------------------|
| 5 / 10 | CII-Best-Practices | badge detected: passing | https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#cii-best-practices |
|---------|------------------------|--------------------------------|-----------------------------------------------------------------------------------------------------------------------|
| 10 / 10 | Code-Review | all changesets reviewed | https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#code-review |
|---------|------------------------|--------------------------------|-----------------------------------------------------------------------------------------------------------------------|
| 10 / 10 | Contributors | 31 different organizations | https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#contributors |
| | | found -- score normalized to | |
| | | 10 | |
|---------|------------------------|--------------------------------|-----------------------------------------------------------------------------------------------------------------------|
| ? | Dangerous-Workflow | no workflows found | https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#dangerous-workflow |
|---------|------------------------|--------------------------------|-----------------------------------------------------------------------------------------------------------------------|
| 0 / 10 | Dependency-Update-Tool | no update tool detected | https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#dependency-update-tool |
|---------|------------------------|--------------------------------|-----------------------------------------------------------------------------------------------------------------------|
| 10 / 10 | Fuzzing | project is fuzzed | https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#fuzzing |
|---------|------------------------|--------------------------------|-----------------------------------------------------------------------------------------------------------------------|
| 10 / 10 | License | license file detected | https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#license |
|---------|------------------------|--------------------------------|-----------------------------------------------------------------------------------------------------------------------|
| 10 / 10 | Maintained | 30 commit(s) out of 30 and 28 | https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#maintained |
| | | issue activity out of 30 found | |
| | | in the last 90 days -- score | |
| | | normalized to 10 | |
|---------|------------------------|--------------------------------|-----------------------------------------------------------------------------------------------------------------------|
| ? | Packaging | no published package detected | https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#packaging |
|---------|------------------------|--------------------------------|-----------------------------------------------------------------------------------------------------------------------|
| 0 / 10 | Pinned-Dependencies | dependency not pinned by hash | https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#pinned-dependencies |
| | | detected -- score normalized | |
| | | to 0 | |
|---------|------------------------|--------------------------------|-----------------------------------------------------------------------------------------------------------------------|
| 0 / 10 | SAST | SAST tool is not run on all | https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#sast |
| | | commits -- score normalized to | |
| | | 0 | |
|---------|------------------------|--------------------------------|-----------------------------------------------------------------------------------------------------------------------|
| 10 / 10 | Security-Policy | security policy file detected | https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#security-policy |
|---------|------------------------|--------------------------------|-----------------------------------------------------------------------------------------------------------------------|
| ? | Signed-Releases | no releases found | https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#signed-releases |
|---------|------------------------|--------------------------------|-----------------------------------------------------------------------------------------------------------------------|
| ? | Token-Permissions | no github tokens found | https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#token-permissions |
|---------|------------------------|--------------------------------|-----------------------------------------------------------------------------------------------------------------------|
| 9 / 10 | Vulnerabilities | 1 existing vulnerabilities | https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#vulnerabilities |
| | | detected | |
|---------|------------------------|--------------------------------|-----------------------------------------------------------------------------------------------------------------------|