[bug] Scorecard action not reporting binary artifacts in the repo #1116
Comments
|
\cc @diogoteles08 |
|
Hi! @gabibguti helped me on the analysis, and we could verify that the file is being reported by Scorecard v4.10.4 but it's not by Scorecard v4.10.2 , so that should be it. Is there an easy way to verify what Scorecard version is used by the latest scorecard-action version? |
Any artifacts will have the scorecard version used in them: The release notes usually include the scorecard version in the changelog. Or you can look at the v2.1.3 has been released which has this fix. Feel free to re-open if you continue to observe the behavior after updating. |
|
Thanks @spencerschrock for the new release. Dependabot already started rolling the new version to the flutter repositories. |
flutter/packages contain a binary artifact https://github.com/flutter/packages/blob/main/packages/rfw/example/wasm/logic/calculator.wasm but scorecard action is not reporting it(https://deps.dev/project/github/flutter%2Fpackages).
It seems like the current version is from the end of 2020 is there a new release scheduled? is this caused by the action not using the latest version of scorecard?
The text was updated successfully, but these errors were encountered: