ossf/scorecard vulnerabilities fix tracking issue #482

developer-guy · 2021-10-26T13:10:14Z

What would you like to be added:

We recently ran the ossf/scorecard¹ over the Grype project, found some vulnerabilities, here is the output of the scan:

$ docker run -e GITHUB_AUTH_TOKEN=$GITHUB_TOKEN gcr.io/openssf/scorecard:stable --repo https://github.com/developer-guy/grype

Why is this needed:

To make Grype more secure.

Additional context:

cc: @wagoodman @luhring @Dentrax

https://github.com/ossf/scorecard ↩

The text was updated successfully, but these errors were encountered:

kzantow · 2022-11-29T15:33:50Z

We have since added scorecard and have individual issues to address the lower scores, so I'm going to close this one. Please reopen if you deem it necessary!

developer-guy added the enhancement New feature or request label Oct 26, 2021

developer-guy mentioned this issue Oct 26, 2021

ossf/scorecard vulnerabilities fix tracking issue anchore/syft#593

Open

kzantow added this to OSS Nov 14, 2022

kzantow closed this as completed Nov 29, 2022

kzantow moved this to Done in OSS Nov 29, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ossf/scorecard vulnerabilities fix tracking issue #482

ossf/scorecard vulnerabilities fix tracking issue #482

developer-guy commented Oct 26, 2021 •

edited

Loading

kzantow commented Nov 29, 2022

ossf/scorecard vulnerabilities fix tracking issue #482

ossf/scorecard vulnerabilities fix tracking issue #482

Comments

developer-guy commented Oct 26, 2021 • edited Loading

Footnotes

kzantow commented Nov 29, 2022

developer-guy commented Oct 26, 2021 •

edited

Loading