Spencer Schrock

Results 348 comments of Spencer Schrock

It's the end of the day, so I might just be missing something obvious, but my thought is: Inside `checks/evaluation` where the logic for the remediation check already is [here](https://github.com/ossf/scorecard/blob/ff9c0626ef4ebfb924fd46d33bb4fb389d3f3738/checks/evaluation/permissions.go#L68),...

Can be fixed at same time as #2154

Thanks for catching this. The contents of `docs/checks.md` are auto-generated. Can you move the changes to `docs/checks/internal/checks.yaml`? Afterwards, run `make generate-docs` and commit both files.

Not sure if Friday is the best time to merge something like this, but wanted to get it up for discussion for any changes. @oliverchang @calebbrown fyi

[876acb0](https://github.com/ossf/scorecard/pull/2317/commits/876acb062e8a562cb9ed0d2e3e2a76c2babd850b) will cause metadata to be populated to the BigQuery results. Might be worth spinning this off in its own PR

If we want to warn on write permissions, but not affect scoring if defined at the run level, this might be better addressed in the scoring code. Curious what others...

`make all` is also out of date. It's advertised in [CONTRIBUTING.md#what-to-do-before-submitting-a-pull-request.md](https://github.com/ossf/scorecard/blob/main/CONTRIBUTING.md#what-to-do-before-submitting-a-pull-request) as `Runs go test,golangci lint checks, fmt, go mod tidy` which based on the Makefile is not accurate. ...

Hi Dave, thanks for the help!

> I tried running go test ./... in the e2e folder and got the following result

We use `ginkgo` for our tests, and the...

> I don't think it is feasible to create a "safe" list and keep it updated

+1 maintaining an allowlist doesn't scale. And if the only criterion to being added...