scorecard icon indicating copy to clipboard operation
scorecard copied to clipboard
verified publisher icon ossf

BUG: fix doc for Webhook check

Open laurentsimon opened this issue 3 years ago • 3 comments

If there is no support for token authentication, consider implementing it by following [these directions](https://docs.github.com/en/developers/webhooks-and-events/webhooks/securing-your-webhooks). is mis-leading because users do not control the authentication support: the webhook service is often provided by a 3P entity.

laurentsimon avatar Apr 19 '22 00:04 laurentsimon

Hi! Can you please suggest which file is the bug in? I will go through it and try to resolve it after going through the documentation in detail.

Suhit-Majumdar avatar May 16 '22 11:05 Suhit-Majumdar

Update https://github.com/ossf/scorecard/blob/main/docs/checks/internal/checks.yaml then run make generate-docs from the root directory to update https://github.com/ossf/scorecard/blob/main/docs/checks.md

laurentsimon avatar May 16 '22 15:05 laurentsimon

Can be fixed at same time as #2154

spencerschrock avatar Oct 06 '22 22:10 spencerschrock

i can take on this issue. is the solution to this issue to update the doc to remove that sentence? i can look at #2154 as well

leec94 avatar Jul 21 '23 20:07 leec94

i can take on this issue. is the solution to this issue to update the doc to remove that sentence? i can look at #2154 as well

I could see removing it, or clarifying what a repo owner can do. Maybe something like "check if the webhook can be configured to use auth " or "request the functionality"?

spencerschrock avatar Jul 21 '23 21:07 spencerschrock