You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hey, I'm Pedro and I'm back (see #3319, #3344, and #3436) with another security suggestion:
I suggest that you adopt the OpenSSF Scorecard Action. Scorecard is a tool that scans your repository and gives actionable suggestions of how the project can improve its supply-chain security posture. In fact, it was the tool I used to identify the need for the fixes linked above.
The Action will continuously monitor the repository's posture and add any suggestions to the Security Panel. In doing so, it'll also let you know if a misstep accidentally weakened the project's security.
I'll also send a PR implementing the Action for you to take a look.
The text was updated successfully, but these errors were encountered:
Hey, I'm Pedro and I'm back (see #3319, #3344, and #3436) with another security suggestion:
I suggest that you adopt the OpenSSF Scorecard Action. Scorecard is a tool that scans your repository and gives actionable suggestions of how the project can improve its supply-chain security posture. In fact, it was the tool I used to identify the need for the fixes linked above.
The Action will continuously monitor the repository's posture and add any suggestions to the Security Panel. In doing so, it'll also let you know if a misstep accidentally weakened the project's security.
I'll also send a PR implementing the Action for you to take a look.
The text was updated successfully, but these errors were encountered: