Add OpenSSF Scorecard Github Action and Badge #258

Closed
lucacome opened this issue Oct 12, 2022 · 0 comments · Fixed by #265
lucacome commented Oct 12, 2022

Is your feature request related to a problem? Please describe.
I'd like to improve the security of the project, especially against supply-chain attacks. Scorecard will help us track and resolve security risks in our repository and the badge can be a good way to show our users and contributors our commitment to increase the security of the project.

Describe the solution you'd like
The Scorecard system combines dozens of automated checks to let maintainers better understand their project's supply-chain security posture. It is developed by the OpenSSF, with direct support from GitHub.

The OpenSSF has also developed the Scorecard GitHub Action, which adds the results of its checks to the project's security dashboard, as well as suggestions on how to solve any issues (see examples in the Additional context). This Action has been adopted by 1600+ projects already.

I'd like to see the Scorecard GitHub Action and badge added to the project.

Additional context
These examples of alerts are not from this repo.

Aha! Link: https://nginx.aha.io/features/NKG-11

lucacome added a commit that referenced this issue Oct 14, 2022
@lucacome lucacome added this to the v0.2.0 milestone Oct 26, 2022
miledxz added a commit to miledxz/nginx-gateway-fabric that referenced this issue Jan 14, 2025