Azeem Shaikh
Inspired from https://clig.dev/ - Remove `panic` wherever possible so that CLI doesn't simply crash but exits gracefully. - Use in-built [Cobra features](https://github.com/spf13/cobra/blob/master/user_guide.md) (required flag groups, mutually exclusive flags etc.) which...
Tracking issue for the release of v2.0.0.
## Problem statement How do I not serve any docs at `$APP_BASE/docs`? I have disabled both `api.UseRedoc` and `api.UseSwaggerUI` but the server defaults to serving Redoc at `$APP_BASE/docs`. Also, out...
In some cases, Signed-Releases check looks at older releases instead of looking at the latest 5 releases. Some failing repos: - https://github.com/pallets/jinja - http://github.com/scikit-build/cmake-python-distributions - http://github.com/hardbyte/python-can - http://github.com/scikit-build/scikit-build - http://github.com/koalalorenzo/python-digitalocean
The number of commits Scorecard analyzes is hardcoded to 30 (for GitHub) today. We can let users configure this by providing a `--commit-option`. The default can remain 30 so as...
Working on some minor PRs to improve dev velocity and reduce code debt. Creating an issue to track the work.
Simplify our workflows and instead of Dockerfiles use `google/ko`.
Projects which have no dependencies do not require a Dependency-Update-Tool check and we shouldn't penalize them for not using dependabot or renovatebot.
Org admins can use AllStar to audit all the GitHub apps they have installed and the permission each app has. This could just be a way for admins to monitor...
I had a conversation with Jose Duart from Google and he had some interesting observations on Scorecard data from BQ that he analyzed. 1. Some repos may be pretty well...