Improve OpenSSF score #712
Labels
Milestone
Comments
This comment was marked as resolved.
This comment was marked as resolved.
|
We definitely want 9+/10, but firstly I need to understand how to enable such scores for Renovate, as I never disable it in https://github.com/SpotOnInc/renovate-config/blob/main/default.template.json5 |
MaxymVlasov
added this to the Features implementing and cleanup without breaking changes milestone
|
Hi @MaxymVlasov, this is how I have enabled the scores in some orgs for renovate PRs https://docs.renovatebot.com/presets-security/#securityopenssf-scorecard |
|
Also the results may be better by adopting the GitHub action. This should get the branch protections |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What problem are you facing?
Adoption in a new organization
How could pre-commit-terraform help solve your problem?
Renovatebot includes an openssf score on every PR update for this repo. Due to low scores, this can irk developers and management.
Please consider improving the OpenSSF score of this repo. Current score is 6.7 which is not and could be better. The higher the score, the more objective integrity the community will have towards the project.
https://github.com/ossf/scorecard
https://securityscorecards.dev/viewer/?uri=github.com/antonbabenko/pre-commit-terraform
Some small improvements
.github/workflows/*would improve it a lotSome big improvements
The text was updated successfully, but these errors were encountered: