source-controller icon indicating copy to clipboard operation
source-controller copied to clipboard

Published 20 hours ago verified publisher icon fluxcd

Improve OpenSSF Scorecard Score

Open pjbgf opened this issue 3 years ago • 0 comments

"The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects."

As of 3rd January, fluxcd/source-controller scores 6.1/10. For latest score check deps.dev or manually execute scorecard.

image

Areas to focus on:

  • Token-Permissions
    • https://github.com/fluxcd/source-controller/pull/551
  • Pinned-Dependencies
  • Fuzzing
    • https://github.com/fluxcd/source-controller/pull/443

pjbgf avatar Jan 11 '22 17:01 pjbgf