Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disable the OSSF Scorecard Action #446

Merged
merged 1 commit into from May 3, 2022
Merged

Disable the OSSF Scorecard Action #446

merged 1 commit into from May 3, 2022

Conversation

jonasbb
Copy link
Owner

@jonasbb jonasbb commented May 3, 2022

Without a way to supress analysis results more permanently the security
tab becomes too noisy. Either the action needs to allow an allowlist or
the GitHub UI needs to be better in permanently supressing lines.
The biggest annoyance is that each change to a action tag will trigger
a new warning, even if the same line was ignored before.

ossf/scorecard-action#143

@jonasbb
Copy link
Owner Author

jonasbb commented May 3, 2022

bors merge

bors bot added a commit that referenced this pull request May 3, 2022
@bors @jonasbb
Merge #446
b1c723c 
446: Disable the OSSF Scorecard Action r=jonasbb a=jonasbb

Without a way to supress analysis results more permanently the security
tab becomes too noisy. Either the action needs to allow an allowlist or
the GitHub UI needs to be better in permanently supressing lines.
The biggest annoyance is that each change to a action tag will trigger
a new warning, even if the same line was ignored before.

ossf/scorecard-action#143

Co-authored-by: Jonas Bushart <jonas@bushart.org>
@jonasbb
Copy link
Owner Author

jonasbb commented May 3, 2022

bors r-

@bors
Copy link
Contributor

bors bot commented May 3, 2022

Canceled.

@jonasbb
Disable the OSSF Scorecard Action
6a6a5e1 
Without a way to supress analysis results more permanently the security
tab becomes too noisy. Either the action needs to allow an allowlist or
the GitHub UI needs to be better in permanently supressing lines.
The biggest annoyance is that each change to a action tag will trigger
a new warning, even if the same line was ignored before.

ossf/scorecard-action#143
@jonasbb
Copy link
Owner Author

jonasbb commented May 3, 2022

bors merge

@codecov
Copy link

codecov bot commented May 3, 2022
edited

Codecov Report

Merging #446 (6a6a5e1) into master (d646aab) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master     #446   +/-   ##
=======================================
  Coverage   70.98%   70.98%           
=======================================
  Files          52       52           
  Lines        3467     3467           
=======================================
  Hits         2461     2461           
  Misses       1006     1006

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update d646aab...6a6a5e1. Read the comment docs.

@bors
Copy link
Contributor

bors bot commented May 3, 2022

Build succeeded:

@bors bors bot merged commit aa87968 into master May 3, 2022
@bors bors bot deleted the disable-ossf-scorecard branch May 3, 2022 20:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@jonasbb