Improvements

docs/checks/MFAImpersonationDefense.mdx

@@ -5,6 +5,14 @@ title: Use MFA against impersonation
 slug: /checks/MFAImpersonationDefense
 ---
 
+<!-- BANNER:START -->
+:::tip
+
+This check is currently under development and not yet implemented. [Click here to learn how you can help](/contribute).
+
+:::
+<!-- BANNER:END -->
+
 ## Use Case
 <!-- LEVELS:START -->
 - Incubating: expected
@@ -19,12 +27,10 @@ Use Multi Factor Authentication (MFA) Methods that Defend Against Impersonation
 
 <!-- DETAILS:START -->
 ## Details
-- Implementation Status: pending
 - C-SCRM: true
 - Priority Group: P1
 - Mitre: [CWE-290](https://cwe.mitre.org/data/definitions/290.html)
 - Sources: [OpenSSF Best Practices Badge Gold Level [secure_2FA]](https://www.bestpractices.dev/en/criteria/2#2.secure_2FA)
 - How To: [Github Docs](https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa)
-- Created at 2024-12-22T05:21:43.514Z
-- Updated at 2024-12-22T05:21:43.514Z
+
 <!-- DETAILS:END -->

docs/checks/PRsBeforeMerge.mdx

@@ -5,6 +5,14 @@ title: Require Pull Requests Before Merging
 slug: /checks/PRsBeforeMerge
 ---
 
+<!-- BANNER:START -->
+:::tip
+
+This check is currently under development and not yet implemented. [Click here to learn how you can help](/contribute).
+
+:::
+<!-- BANNER:END -->
+
 ## Use Case
 <!-- LEVELS:START -->
 - Incubating: recommended
@@ -19,12 +27,10 @@ Require Pull Requests before Merging
 
 <!-- DETAILS:START -->
 ## Details
-- Implementation Status: pending
 - C-SCRM: true
 - Priority Group: R4
 - Mitre: [CWE-778](https://cwe.mitre.org/data/definitions/778.html)
 - Sources: [OpenSSF Scorecard](https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection)
 - How To: [Github Docs](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-pull-request-reviews-before-merging)
-- Created at 2024-12-22T05:21:43.514Z
-- Updated at 2024-12-22T05:21:43.514Z
+
 <!-- DETAILS:END -->

docs/checks/SSHKeysRequired.mdx

@@ -5,6 +5,14 @@ title: Use SSH Keys with Passphrases for Repository Access
 slug: /checks/SSHKeysRequired
 ---
 
+<!-- BANNER:START -->
+:::tip
+
+This check is currently under development and not yet implemented. [Click here to learn how you can help](/contribute).
+
+:::
+<!-- BANNER:END -->
+
 ## Use Case
 <!-- LEVELS:START -->
 - Incubating: expected
@@ -19,12 +27,10 @@ Use SSH keys for developer access to source code repositories and use a passphra
 
 <!-- DETAILS:START -->
 ## Details
-- Implementation Status: pending
 - C-SCRM: true
 - Priority Group: P3
 - Mitre: [CWE-309](https://cwe.mitre.org/data/definitions/309.html)
 - Sources: [CNCF SSCP v1.0 #192](https://github.com/cncf/tag-security/blob/main/supply-chain-security/supply-chain-security-paper/sscsp.md#use-ssh-keys-to-provide-developers-access-to-source-code-repositories)
 - How To: [Github Docs](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/about-ssh)
-- Created at 2024-12-22T05:21:43.514Z
-- Updated at 2024-12-22T05:21:43.514Z
+
 <!-- DETAILS:END -->

docs/checks/activeAdminsSixMonths.mdx

@@ -5,6 +5,14 @@ title: Require Active Admins in GitHub Org (Activity in 6 Months)
 slug: /checks/activeAdminsSixMonths
 ---
 
+<!-- BANNER:START -->
+:::tip
+
+This check is currently under development and not yet implemented. [Click here to learn how you can help](/contribute).
+
+:::
+<!-- BANNER:END -->
+
 ## Use Case
 <!-- LEVELS:START -->
 - Incubating: recommended
@@ -19,11 +27,9 @@ Github Organization Admins Should Have Activity In The Last 6 Months
 
 <!-- DETAILS:START -->
 ## Details
-- Implementation Status: pending
 - C-SCRM: true
 - Priority Group: R3
 - Mitre: [M1026](https://attack.mitre.org/mitigations/M1026/)
 - Sources: [OpenSSF SCM Best Practices](https://best.openssf.org/SCM-BestPractices/github/member/stale_admin_found.html)
-- Created at 2024-12-22T05:21:43.514Z
-- Updated at 2024-12-22T05:21:43.514Z
+
 <!-- DETAILS:END -->

docs/checks/activeWritersSixMonths.mdx

@@ -5,6 +5,14 @@ title: Require Active Members with Write Access (Activity in 6 Months)
 slug: /checks/activeWritersSixMonths
 ---
 
+<!-- BANNER:START -->
+:::tip
+
+This check is currently under development and not yet implemented. [Click here to learn how you can help](/contribute).
+
+:::
+<!-- BANNER:END -->
+
 ## Use Case
 <!-- LEVELS:START -->
 - Incubating: recommended
@@ -19,11 +27,9 @@ Github Organization Members with Write Permissions Should Have Activity In The L
 
 <!-- DETAILS:START -->
 ## Details
-- Implementation Status: pending
 - C-SCRM: true
 - Priority Group: R3
 - Mitre: [M1026](https://attack.mitre.org/mitigations/M1026/)
 - Sources: [OpenSSF SCM Best Practices](https://best.openssf.org/SCM-BestPractices/github/member/stale_member_found.html)
-- Created at 2024-12-22T05:21:43.514Z
-- Updated at 2024-12-22T05:21:43.514Z
+
 <!-- DETAILS:END -->

docs/checks/adminRepoCreationOnly.mdx

@@ -5,6 +5,14 @@ title: Allow Only Admins to Create Public Repositories
 slug: /checks/adminRepoCreationOnly
 ---
 
+<!-- BANNER:START -->
+:::tip
+
+This check is currently under development and not yet implemented. [Click here to learn how you can help](/contribute).
+
+:::
+<!-- BANNER:END -->
+
 ## Use Case
 <!-- LEVELS:START -->
 - Incubating: expected
@@ -19,12 +27,10 @@ Only Admins Should Be Able To Create Public Repositories
 
 <!-- DETAILS:START -->
 ## Details
-- Implementation Status: pending
 - C-SCRM: true
 - Priority Group: P4
 - Mitre: [CAPEC-122](https://capec.mitre.org/data/definitions/122.html)
 - Sources: [OpenSSF SCM Best Practices](https://best.openssf.org/SCM-BestPractices/github/organization/non_admins_can_create_public_repositories.html)
 - How To: [Github Docs](https://docs.github.com/en/organizations/managing-organization-settings/restricting-repository-creation-in-your-organization)
-- Created at 2024-12-22T05:21:43.514Z
-- Updated at 2024-12-22T05:21:43.514Z
+
 <!-- DETAILS:END -->

docs/checks/annualDependencyRefresh.mdx

@@ -5,6 +5,14 @@ title: Refresh Dependencies with Annual Releases
 slug: /checks/annualDependencyRefresh
 ---
 
+<!-- BANNER:START -->
+:::tip
+
+This check is currently under development and not yet implemented. [Click here to learn how you can help](/contribute).
+
+:::
+<!-- BANNER:END -->
+
 ## Use Case
 <!-- LEVELS:START -->
 - Incubating: expected
@@ -19,10 +27,8 @@ A new release to refresh dependencies occurs at least annually
 
 <!-- DETAILS:START -->
 ## Details
-- Implementation Status: pending
 - C-SCRM: true
 - Priority Group: P14
 - Sources: [OpenSSF Best Practices Badge Passing Level [maintained]](https://www.bestpractices.dev/en/criteria?details=true&rationale=true#0.maintained)
-- Created at 2024-12-22T05:21:43.514Z
-- Updated at 2024-12-22T05:21:43.514Z
+
 <!-- DETAILS:END -->

docs/checks/assignCVEForKnownVulns.mdx

@@ -5,6 +5,14 @@ title: Assign CVEs to All Known Security Vulnerabilities
 slug: /checks/assignCVEForKnownVulns
 ---
 
+<!-- BANNER:START -->
+:::tip
+
+This check is currently under development and not yet implemented. [Click here to learn how you can help](/contribute).
+
+:::
+<!-- BANNER:END -->
+
 ## Use Case
 <!-- LEVELS:START -->
 - Incubating: expected
@@ -19,10 +27,8 @@ All Known Security Vulnerabilities are Issued a CVE
 
 <!-- DETAILS:START -->
 ## Details
-- Implementation Status: pending
 - C-SCRM: true
 - Priority Group: P7
 - Sources: [OpenSSF Best Practices Badge Passing Level [release_notes_vulns]](https://www.bestpractices.dev/en/criteria?details=true&rationale=true#0.release_notes_vulns)
-- Created at 2024-12-22T05:21:43.514Z
-- Updated at 2024-12-22T05:21:43.514Z
+
 <!-- DETAILS:END -->

docs/checks/automateDependencyManagement.mdx

@@ -5,6 +5,14 @@ title: Automate Monitoring of Outdated Dependencies
 slug: /checks/automateDependencyManagement
 ---
 
+<!-- BANNER:START -->
+:::tip
+
+This check is currently under development and not yet implemented. [Click here to learn how you can help](/contribute).
+
+:::
+<!-- BANNER:END -->
+
 ## Use Case
 <!-- LEVELS:START -->
 - Incubating: expected
@@ -19,11 +27,9 @@ Automated Process is Used to Monitor for and Maintain a List of Out of Date Depe
 
 <!-- DETAILS:START -->
 ## Details
-- Implementation Status: pending
 - C-SCRM: true
 - Priority Group: P14
 - Sources: [OWASP SCVS L1 5.7](https://scvs.owasp.org/scvs/v5-component-analysis/)
 - How To: [Socket.Dev](https://socket.dev/)
-- Created at 2024-12-22T05:21:43.514Z
-- Updated at 2024-12-22T05:21:43.514Z
+
 <!-- DETAILS:END -->

docs/checks/automateVulnDetection.mdx

@@ -5,6 +5,14 @@ title: Automate Dependency Vulnerability Identification
 slug: /checks/automateVulnDetection
 ---
 
+<!-- BANNER:START -->
+:::tip
+
+This check is currently under development and not yet implemented. [Click here to learn how you can help](/contribute).
+
+:::
+<!-- BANNER:END -->
+
 ## Use Case
 <!-- LEVELS:START -->
 - Incubating: expected
@@ -19,12 +27,10 @@ An automated process to identify dependencies with publicly disclosed vulnerabil
 
 <!-- DETAILS:START -->
 ## Details
-- Implementation Status: pending
 - C-SCRM: true
 - Priority Group: P6
 - Mitre: [CWE-1395](https://cwe.mitre.org/data/definitions/1395.html)
 - Sources: [OWASP SCVS L1 5.4](https://scvs.owasp.org/scvs/v5-component-analysis/)
 - How To: [Github Docs](https://docs.github.com/en/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates#managing-dependabot-security-updates-for-your-repositories)
-- Created at 2024-12-22T05:21:43.514Z
-- Updated at 2024-12-22T05:21:43.514Z
+
 <!-- DETAILS:END -->

docs/checks/blockWorkflowPRApproval.mdx

@@ -5,6 +5,14 @@ title: Prevent Workflows from Creating or Approving PRs
 slug: /checks/blockWorkflowPRApproval
 ---
 
+<!-- BANNER:START -->
+:::tip
+
+This check is currently under development and not yet implemented. [Click here to learn how you can help](/contribute).
+
+:::
+<!-- BANNER:END -->
+
 ## Use Case
 <!-- LEVELS:START -->
 - Incubating: expected
@@ -19,12 +27,10 @@ Workflows are not Allowed To Create or Approve Pull Requests
 
 <!-- DETAILS:START -->
 ## Details
-- Implementation Status: pending
 - C-SCRM: true
 - Priority Group: P9
 - Mitre: [CWE-250](https://cwe.mitre.org/data/definitions/250.html)
 - Sources: [OpenSSF Scorecard](https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions)
 - How To: [Github Docs](https://docs.github.com/en/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#preventing-github-actions-from-creating-or-approving-pull-requests)
-- Created at 2024-12-22T05:21:43.514Z
-- Updated at 2024-12-22T05:21:43.514Z
+
 <!-- DETAILS:END -->

docs/checks/ciAndCdPipelineAsCode.mdx

@@ -5,6 +5,14 @@ title: Automate CI/CD Steps in Code-Based Pipelines
 slug: /checks/ciAndCdPipelineAsCode
 ---
 
+<!-- BANNER:START -->
+:::tip
+
+This check is currently under development and not yet implemented. [Click here to learn how you can help](/contribute).
+
+:::
+<!-- BANNER:END -->
+
 ## Use Case
 <!-- LEVELS:START -->
 - Incubating: deferrable
@@ -19,11 +27,9 @@ CI/CD steps should all be automated through a pipeline defined as code
 
 <!-- DETAILS:START -->
 ## Details
-- Implementation Status: pending
 - C-SCRM: true
 - Priority Group: P12
 - Sources: [CNCF SSCP 1.0 #158](https://github.com/cncf/tag-security/blob/main/supply-chain-security/supply-chain-security-paper/sscsp.md#build-and-related-continuous-integrationcontinuous-delivery-steps-should-all-be-automated-through-a-pipeline-defined-as-code)
 - How To: [Github Docs](https://docs.github.com/en/actions/publishing-packages/publishing-nodejs-packages)
-- Created at 2024-12-22T05:21:43.514Z
-- Updated at 2024-12-22T05:21:43.514Z
+
 <!-- DETAILS:END -->

docs/checks/commitSignoffForWeb.mdx

@@ -5,6 +5,14 @@ title: Enforce Commit Signoff for Web-Based Commits
 slug: /checks/commitSignoffForWeb
 ---
 
+<!-- BANNER:START -->
+:::tip
+
+This check is currently under development and not yet implemented. [Click here to learn how you can help](/contribute).
+
+:::
+<!-- BANNER:END -->
+
 ## Use Case
 <!-- LEVELS:START -->
 - Incubating: recommended
@@ -19,11 +27,9 @@ Github Org Requires Commit Signoff for Web-Based Commits
 
 <!-- DETAILS:START -->
 ## Details
-- Implementation Status: pending
 - C-SCRM: true
 - Priority Group: R4
 - Sources: [CNCF SSCP 1.0 #325](https://github.com/cncf/tag-security/blob/main/supply-chain-security/supply-chain-security-paper/sscsp.md#require-signed-commits)
 - How To: [Github Docs](https://docs.github.com/en/organizations/managing-organization-settings/managing-the-commit-signoff-policy-for-your-organization#managing-compulsory-commit-signoffs-for-your-organization)
-- Created at 2024-12-22T05:21:43.514Z
-- Updated at 2024-12-22T05:21:43.514Z
+
 <!-- DETAILS:END -->

docs/checks/commitStatusChecks.mdx

@@ -5,6 +5,14 @@ title: Require Commit Status Checks to Pass Before Merging
 slug: /checks/commitStatusChecks
 ---
 
+<!-- BANNER:START -->
+:::tip
+
+This check is currently under development and not yet implemented. [Click here to learn how you can help](/contribute).
+
+:::
+<!-- BANNER:END -->
+
 ## Use Case
 <!-- LEVELS:START -->
 - Incubating: expected
@@ -19,12 +27,10 @@ All Required Commit Status Checks must pass before Merging
 
 <!-- DETAILS:START -->
 ## Details
-- Implementation Status: pending
 - C-SCRM: true
 - Priority Group: P6
 - Mitre: [CWE-358](https://cwe.mitre.org/data/definitions/358.html)
 - Sources: [OpenSSF Scorecard](https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection)
 - How To: [Github Docs](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-status-checks-before-merging)
-- Created at 2024-12-22T05:21:43.514Z
-- Updated at 2024-12-22T05:21:43.514Z
+
 <!-- DETAILS:END -->