-
Notifications
You must be signed in to change notification settings - Fork 508
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
BUG: Security-Policy doesn't recognize asciidoc files #1347
Comments
awesome! Were they pain points using the tool? Note that we also have a GitHub action we're in beta, in case you want to give it a try #1074 (comment) |
@laurentsimon I had some:
I'll see if I can recall others aswell |
Last thing:
|
Can you tell us why you use an |
info messages mean something you did is good; warnings means something bad. Is this something we should explicitly write about in the README?
maybe we could make the JSON format the default, you're not the first to complain about the table.
we recommend pinning by hash, not by version. Can you point to the docs you read and where it was confusing?
I'll add this to the doc, you're right it's not well documented, thanks!
cc @olivekl |
follow
actually our doc already says |
I would try and separate each good or bad in a different section AND hide bad checks if they are not valid anymore I wouldn't say formatting in json the the b st way, but that the table output can be better displaying the array of results. Do you mean we should pin the.githib actions by hash? The doc change I wanted was of githubs, but I would be glad if the error message about permissions would point to the top level thing. |
And I agreed that github is advocating markdown, but I think that keeping asciidoc is a valid request |
@chrismcgehee @oliverchang @azeemsgoogle @naveensrinivasan would anyone object to adding the adoc extension to the readme check support? |
I don't see an issue. Let's do it. |
SGTM. |
I'd go further, we should support asciidoc. Markdown wasn't handed down from the gods, we should meet projects where they are. |
Yes! |
Describe the bug
when running the tool on my repo https://github.com/georgettica/venv I found it doesn't find my
SECURITY.adoc
fileReproduction steps
docker run -e GITHUB_AUTH_TOKEN=XXXX gcr.io/openssf/scorecard:stable --show-details --repo=https://github.com/georgettica/venv
Expected behavior
that this check will pass
Additional context
I have been cleaning this repo for this evening, so the latest commits are regarding making it comply with
scorecard
The text was updated successfully, but these errors were encountered: