diff --git a/app/site/_data/Enterprise-CMCS/T-MSIS-Analytic-File-Generation-Python/T-MSIS-Analytic-File-Generation-Python_data.json b/app/site/_data/Enterprise-CMCS/T-MSIS-Analytic-File-Generation-Python/T-MSIS-Analytic-File-Generation-Python_data.json index f38c884763..9d698c978c 100644 --- a/app/site/_data/Enterprise-CMCS/T-MSIS-Analytic-File-Generation-Python/T-MSIS-Analytic-File-Generation-Python_data.json +++ b/app/site/_data/Enterprise-CMCS/T-MSIS-Analytic-File-Generation-Python/T-MSIS-Analytic-File-Generation-Python_data.json @@ -65,14 +65,14 @@ "nadia_badge_name": "midsize", "created_at": "2021-11-30T17:05:47Z", "ossf_scorecard": { - "date": "2025-02-16T12:36:50Z", + "date": "2025-02-23T16:19:47Z", "repo": { "name": "github.com/Enterprise-CMCS/T-MSIS-Analytic-File-Generation-Python", "commit": "439a7a6e30d82ce056e04775ba54d523a5713b23" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 5.4, "checks": [ @@ -82,7 +82,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -92,7 +92,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -102,7 +102,7 @@ "reason": "0 out of 15 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -112,7 +112,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -122,7 +122,7 @@ "reason": "Found 13/16 approved changesets -- score normalized to 8", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -132,7 +132,7 @@ "reason": "project has 3 contributing companies or organizations -- score normalized to 10", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -142,7 +142,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -152,7 +152,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -162,7 +162,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -172,17 +172,17 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, { "details": null, - "score": 4, - "reason": "5 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 4", + "score": 3, + "reason": "4 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 3", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -192,7 +192,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -202,7 +202,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -212,7 +212,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -222,7 +222,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -232,7 +232,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -242,7 +242,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -252,7 +252,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/cmcs-eregulations/cmcs-eregulations_data.json b/app/site/_data/Enterprise-CMCS/cmcs-eregulations/cmcs-eregulations_data.json index 32a4439069..eaf1a91c74 100644 --- a/app/site/_data/Enterprise-CMCS/cmcs-eregulations/cmcs-eregulations_data.json +++ b/app/site/_data/Enterprise-CMCS/cmcs-eregulations/cmcs-eregulations_data.json @@ -50,14 +50,14 @@ "nadia_badge_name": "midsize", "created_at": "2020-09-28T15:44:46Z", "ossf_scorecard": { - "date": "2025-02-16T12:33:24Z", + "date": "2025-02-23T16:16:19Z", "repo": { "name": "github.com/Enterprise-CMCS/cmcs-eregulations", - "commit": "5f3438fc93371de0de30bb9f2358592d636fd0d7" + "commit": "dd19a7ef7f147dc170147af94692f4cdd0874bae" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 6.7, "checks": [ @@ -67,7 +67,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -77,7 +77,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -87,7 +87,7 @@ "reason": "30 out of 30 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -97,7 +97,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -107,7 +107,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -117,7 +117,7 @@ "reason": "project has 10 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -127,7 +127,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -137,7 +137,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -147,7 +147,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -157,7 +157,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -167,7 +167,7 @@ "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -177,7 +177,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -187,7 +187,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -197,7 +197,7 @@ "reason": "SAST tool is run on all commits", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -207,7 +207,7 @@ "reason": "security policy file detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -217,7 +217,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -227,17 +227,17 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, { "details": null, "score": 0, - "reason": "41 existing vulnerabilities detected", + "reason": "40 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/eAPD/eAPD_data.json b/app/site/_data/Enterprise-CMCS/eAPD/eAPD_data.json index c4848e4df8..b8d3132ec6 100644 --- a/app/site/_data/Enterprise-CMCS/eAPD/eAPD_data.json +++ b/app/site/_data/Enterprise-CMCS/eAPD/eAPD_data.json @@ -33,14 +33,14 @@ "nadia_badge_name": "club", "created_at": "2017-12-05T21:20:35Z", "ossf_scorecard": { - "date": "2025-02-16T12:41:14Z", + "date": "2025-02-23T16:24:15Z", "repo": { "name": "github.com/Enterprise-CMCS/eAPD", "commit": "e3eb85c03858858cbeefbc09862d502ee3ca60d0" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 4.7, "checks": [ @@ -50,7 +50,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -60,7 +60,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -70,7 +70,7 @@ "reason": "0 out of 30 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -80,7 +80,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -90,7 +90,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -100,7 +100,7 @@ "reason": "project has 8 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -110,7 +110,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -120,7 +120,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -130,7 +130,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -140,7 +140,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -150,7 +150,7 @@ "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -160,7 +160,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -170,7 +170,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -180,7 +180,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -190,7 +190,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -200,7 +200,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -210,17 +210,17 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, { "details": null, "score": 0, - "reason": "62 existing vulnerabilities detected", + "reason": "63 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/mac-fc-amazon-ecs-run-task/mac-fc-amazon-ecs-run-task_data.json b/app/site/_data/Enterprise-CMCS/mac-fc-amazon-ecs-run-task/mac-fc-amazon-ecs-run-task_data.json index bcb409ed05..9bb9713b87 100644 --- a/app/site/_data/Enterprise-CMCS/mac-fc-amazon-ecs-run-task/mac-fc-amazon-ecs-run-task_data.json +++ b/app/site/_data/Enterprise-CMCS/mac-fc-amazon-ecs-run-task/mac-fc-amazon-ecs-run-task_data.json @@ -37,14 +37,14 @@ "nadia_badge_name": "midsize", "created_at": "2023-02-23T18:13:54Z", "ossf_scorecard": { - "date": "2025-02-16T12:40:27Z", + "date": "2025-02-23T16:23:25Z", "repo": { "name": "github.com/Enterprise-CMCS/mac-fc-amazon-ecs-run-task", "commit": "d0e41e15a6833b6aec7a31cf2e90adbfb61b9998" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 3.9, "checks": [ @@ -54,7 +54,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -64,7 +64,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -74,7 +74,7 @@ "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -84,7 +84,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -94,7 +94,7 @@ "reason": "Found 2/22 approved changesets -- score normalized to 0", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -104,7 +104,7 @@ "reason": "project has 7 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -114,7 +114,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -124,7 +124,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -134,7 +134,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -144,7 +144,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -154,7 +154,7 @@ "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -164,7 +164,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -174,7 +174,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 3", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -184,7 +184,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -194,7 +194,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -204,7 +204,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -214,7 +214,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -224,7 +224,7 @@ "reason": "29 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/mac-fc-github-actions-runner-aws/mac-fc-github-actions-runner-aws_data.json b/app/site/_data/Enterprise-CMCS/mac-fc-github-actions-runner-aws/mac-fc-github-actions-runner-aws_data.json index 9d11b7d216..9e27669c2e 100644 --- a/app/site/_data/Enterprise-CMCS/mac-fc-github-actions-runner-aws/mac-fc-github-actions-runner-aws_data.json +++ b/app/site/_data/Enterprise-CMCS/mac-fc-github-actions-runner-aws/mac-fc-github-actions-runner-aws_data.json @@ -54,14 +54,14 @@ "nadia_badge_name": "midsize", "created_at": "2021-06-11T18:35:45Z", "ossf_scorecard": { - "date": "2025-02-16T12:36:59Z", + "date": "2025-02-23T16:19:57Z", "repo": { "name": "github.com/Enterprise-CMCS/mac-fc-github-actions-runner-aws", "commit": "39883688cd7bad0280b5541da168290c93448f74" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 5.9, "checks": [ @@ -71,7 +71,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -81,7 +81,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -91,7 +91,7 @@ "reason": "29 out of 29 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -101,7 +101,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -111,7 +111,7 @@ "reason": "Found 19/21 approved changesets -- score normalized to 9", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -121,7 +121,7 @@ "reason": "project has 5 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -131,7 +131,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -141,7 +141,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -151,7 +151,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -161,7 +161,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -171,7 +171,7 @@ "reason": "8 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 6", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -181,7 +181,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -191,7 +191,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -201,7 +201,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -211,7 +211,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -221,7 +221,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -231,7 +231,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -241,7 +241,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/mac-fc-security-hub-collector/mac-fc-security-hub-collector_data.json b/app/site/_data/Enterprise-CMCS/mac-fc-security-hub-collector/mac-fc-security-hub-collector_data.json index 037a830d46..80f206e720 100644 --- a/app/site/_data/Enterprise-CMCS/mac-fc-security-hub-collector/mac-fc-security-hub-collector_data.json +++ b/app/site/_data/Enterprise-CMCS/mac-fc-security-hub-collector/mac-fc-security-hub-collector_data.json @@ -41,14 +41,14 @@ "nadia_badge_name": "midsize", "created_at": "2021-04-05T13:31:36Z", "ossf_scorecard": { - "date": "2025-02-16T12:37:36Z", + "date": "2025-02-23T16:20:32Z", "repo": { "name": "github.com/Enterprise-CMCS/mac-fc-security-hub-collector", "commit": "5c5abb5ae4bb9c34ea37801bda2d0c3c4b8ff51e" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 5.9, "checks": [ @@ -58,7 +58,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -68,7 +68,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -78,7 +78,7 @@ "reason": "7 out of 17 merged PRs checked by a CI test -- score normalized to 4", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -88,7 +88,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -98,7 +98,7 @@ "reason": "Found 16/21 approved changesets -- score normalized to 7", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -108,7 +108,7 @@ "reason": "project has 6 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -118,7 +118,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -128,7 +128,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -138,7 +138,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -148,7 +148,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -158,7 +158,7 @@ "reason": "6 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -168,7 +168,7 @@ "reason": "packaging workflow detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -178,7 +178,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 1", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -188,7 +188,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 1", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -198,7 +198,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -208,7 +208,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -218,7 +218,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -228,7 +228,7 @@ "reason": "2 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/mac-fc-security-hub-visibility/mac-fc-security-hub-visibility_data.json b/app/site/_data/Enterprise-CMCS/mac-fc-security-hub-visibility/mac-fc-security-hub-visibility_data.json index 4e2186a50e..d9ef6a0090 100644 --- a/app/site/_data/Enterprise-CMCS/mac-fc-security-hub-visibility/mac-fc-security-hub-visibility_data.json +++ b/app/site/_data/Enterprise-CMCS/mac-fc-security-hub-visibility/mac-fc-security-hub-visibility_data.json @@ -42,14 +42,14 @@ "nadia_badge_name": "midsize", "created_at": "2024-01-10T16:11:19Z", "ossf_scorecard": { - "date": "2025-02-16T12:37:26Z", + "date": "2025-02-23T16:20:23Z", "repo": { "name": "github.com/Enterprise-CMCS/mac-fc-security-hub-visibility", "commit": "2d848daf353c7ff77378ec2bda1ee90b7bd791a5" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 5.6, "checks": [ @@ -59,7 +59,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -69,7 +69,7 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -79,7 +79,7 @@ "reason": "25 out of 25 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -89,7 +89,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -99,7 +99,7 @@ "reason": "Found 13/20 approved changesets -- score normalized to 6", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -109,7 +109,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -119,7 +119,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -129,7 +129,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -139,7 +139,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -149,7 +149,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -159,7 +159,7 @@ "reason": "8 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 6", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -169,7 +169,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -179,7 +179,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 3", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -189,7 +189,7 @@ "reason": "SAST tool detected but not run on all commits", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -199,7 +199,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -209,7 +209,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -219,7 +219,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -229,7 +229,7 @@ "reason": "1 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/macfc-security-scan-report/macfc-security-scan-report_data.json b/app/site/_data/Enterprise-CMCS/macfc-security-scan-report/macfc-security-scan-report_data.json index 1d3119b003..08bfb0a22e 100644 --- a/app/site/_data/Enterprise-CMCS/macfc-security-scan-report/macfc-security-scan-report_data.json +++ b/app/site/_data/Enterprise-CMCS/macfc-security-scan-report/macfc-security-scan-report_data.json @@ -44,14 +44,14 @@ "nadia_badge_name": "midsize", "created_at": "2023-06-06T16:15:58Z", "ossf_scorecard": { - "date": "2025-02-16T12:37:09Z", + "date": "2025-02-23T16:20:07Z", "repo": { "name": "github.com/Enterprise-CMCS/macfc-security-scan-report", "commit": "ba67c243db85dcea5186098258841735a44fe34e" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 4.7, "checks": [ @@ -61,7 +61,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -71,7 +71,7 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -81,7 +81,7 @@ "reason": "6 out of 6 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -91,7 +91,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -101,7 +101,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -111,7 +111,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -121,7 +121,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -131,7 +131,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -141,7 +141,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -151,7 +151,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -161,7 +161,7 @@ "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -171,7 +171,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -181,7 +181,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -191,7 +191,7 @@ "reason": "SAST tool detected but not run on all commits", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -201,7 +201,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -211,7 +211,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -221,7 +221,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -231,7 +231,7 @@ "reason": "5 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/macpro-appian-connector/macpro-appian-connector_data.json b/app/site/_data/Enterprise-CMCS/macpro-appian-connector/macpro-appian-connector_data.json index 70af06cc83..509a71f981 100644 --- a/app/site/_data/Enterprise-CMCS/macpro-appian-connector/macpro-appian-connector_data.json +++ b/app/site/_data/Enterprise-CMCS/macpro-appian-connector/macpro-appian-connector_data.json @@ -37,16 +37,16 @@ "nadia_badge_name": "midsize", "created_at": "2022-12-12T21:16:45Z", "ossf_scorecard": { - "date": "2025-02-16T12:38:42Z", + "date": "2025-02-23T16:21:41Z", "repo": { "name": "github.com/Enterprise-CMCS/macpro-appian-connector", "commit": "c294d5670e6cab4d5c155710228797cd3da7e670" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "score": 4.9, + "score": 4.6, "checks": [ { "details": null, @@ -54,7 +54,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -64,17 +64,17 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, { "details": null, "score": 0, - "reason": "1 out of 14 merged PRs checked by a CI test -- score normalized to 0", + "reason": "0 out of 14 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -84,7 +84,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -94,7 +94,7 @@ "reason": "Found 9/11 approved changesets -- score normalized to 8", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -104,7 +104,7 @@ "reason": "project has 3 contributing companies or organizations -- score normalized to 10", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -114,7 +114,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -124,7 +124,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -134,7 +134,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -144,7 +144,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -154,17 +154,17 @@ "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, { "details": null, - "score": 10, - "reason": "packaging workflow detected", + "score": -1, + "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -174,7 +174,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -184,7 +184,7 @@ "reason": "SAST tool detected but not run on all commits", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -194,7 +194,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -204,7 +204,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -214,7 +214,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -224,7 +224,7 @@ "reason": "33 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/macpro-auth/macpro-auth_data.json b/app/site/_data/Enterprise-CMCS/macpro-auth/macpro-auth_data.json index 3a1c7bed0b..1ff9cb614f 100644 --- a/app/site/_data/Enterprise-CMCS/macpro-auth/macpro-auth_data.json +++ b/app/site/_data/Enterprise-CMCS/macpro-auth/macpro-auth_data.json @@ -33,14 +33,14 @@ "nadia_badge_name": "toy", "created_at": "2022-12-22T20:07:38Z", "ossf_scorecard": { - "date": "2025-02-16T12:41:03Z", + "date": "2025-02-23T16:24:02Z", "repo": { "name": "github.com/Enterprise-CMCS/macpro-auth", "commit": "b85736a39ee9be4525ed7728be3224f9be809fb1" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 3.4, "checks": [ @@ -50,7 +50,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -60,7 +60,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -70,7 +70,7 @@ "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -80,7 +80,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -90,7 +90,7 @@ "reason": "Found 2/4 approved changesets -- score normalized to 5", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -100,7 +100,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -110,7 +110,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -120,7 +120,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -130,7 +130,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -140,7 +140,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -150,7 +150,7 @@ "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -160,7 +160,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -170,7 +170,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -180,7 +180,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -190,7 +190,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -200,7 +200,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -210,7 +210,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -220,7 +220,7 @@ "reason": "15 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/macpro-mako/macpro-mako_data.json b/app/site/_data/Enterprise-CMCS/macpro-mako/macpro-mako_data.json index b8e4fd662c..91236b0294 100644 --- a/app/site/_data/Enterprise-CMCS/macpro-mako/macpro-mako_data.json +++ b/app/site/_data/Enterprise-CMCS/macpro-mako/macpro-mako_data.json @@ -81,14 +81,14 @@ "nadia_badge_name": "midsize", "created_at": "2023-01-23T21:43:54Z", "ossf_scorecard": { - "date": "2025-02-16T12:33:56Z", + "date": "2025-02-23T16:16:48Z", "repo": { "name": "github.com/Enterprise-CMCS/macpro-mako", - "commit": "875c94ce80b9ac19426a492523907c94d529d8bf" + "commit": "8400d67c862911845818c930f51a14f9bc711cbf" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 6.4, "checks": [ @@ -98,7 +98,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -108,7 +108,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -118,7 +118,7 @@ "reason": "30 out of 30 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -128,7 +128,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -138,7 +138,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -148,7 +148,7 @@ "reason": "project has 5 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -158,7 +158,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -168,7 +168,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -178,7 +178,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -188,7 +188,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -198,7 +198,7 @@ "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -208,7 +208,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -218,7 +218,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -228,7 +228,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -238,7 +238,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -248,7 +248,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -258,7 +258,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -268,7 +268,7 @@ "reason": "1 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/macpro-mdct-carts/macpro-mdct-carts_data.json b/app/site/_data/Enterprise-CMCS/macpro-mdct-carts/macpro-mdct-carts_data.json index 4425331639..e4a15615b9 100644 --- a/app/site/_data/Enterprise-CMCS/macpro-mdct-carts/macpro-mdct-carts_data.json +++ b/app/site/_data/Enterprise-CMCS/macpro-mdct-carts/macpro-mdct-carts_data.json @@ -63,14 +63,14 @@ "nadia_badge_name": "club", "created_at": "2019-12-06T19:56:57Z", "ossf_scorecard": { - "date": "2025-02-16T12:36:13Z", + "date": "2025-02-23T16:19:09Z", "repo": { "name": "github.com/Enterprise-CMCS/macpro-mdct-carts", - "commit": "0099ca13a9049c9ba756616645387413078525e7" + "commit": "ae3bbf9e5d6eed033ca1fa90d8cc8b83b4d80484" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 5.1, "checks": [ @@ -80,7 +80,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -90,7 +90,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -100,7 +100,7 @@ "reason": "30 out of 30 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -110,7 +110,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -120,7 +120,7 @@ "reason": "Found 27/30 approved changesets -- score normalized to 9", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -130,7 +130,7 @@ "reason": "project has 13 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -140,7 +140,7 @@ "reason": "dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -150,7 +150,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -160,7 +160,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -170,7 +170,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -180,7 +180,7 @@ "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -190,7 +190,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -200,7 +200,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -210,7 +210,7 @@ "reason": "SAST tool is run on all commits", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -220,7 +220,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -230,7 +230,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -240,17 +240,17 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, { "details": null, "score": 0, - "reason": "21 existing vulnerabilities detected", + "reason": "22 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/macpro-mdct-core/macpro-mdct-core_data.json b/app/site/_data/Enterprise-CMCS/macpro-mdct-core/macpro-mdct-core_data.json index 7e168cf744..3fa716093c 100644 --- a/app/site/_data/Enterprise-CMCS/macpro-mdct-core/macpro-mdct-core_data.json +++ b/app/site/_data/Enterprise-CMCS/macpro-mdct-core/macpro-mdct-core_data.json @@ -35,14 +35,14 @@ "nadia_badge_name": "midsize", "created_at": "2023-07-24T14:47:20Z", "ossf_scorecard": { - "date": "2025-02-16T12:37:19Z", + "date": "2025-02-23T16:20:16Z", "repo": { "name": "github.com/Enterprise-CMCS/macpro-mdct-core", "commit": "d324e425febaafbf32a9d8af448b99b04d2ef828" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 5.5, "checks": [ @@ -52,7 +52,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -62,7 +62,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -72,7 +72,7 @@ "reason": "9 out of 9 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -82,7 +82,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -92,7 +92,7 @@ "reason": "Found 7/30 approved changesets -- score normalized to 2", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -102,7 +102,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -112,7 +112,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -122,7 +122,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -132,7 +132,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -142,7 +142,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -152,7 +152,7 @@ "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -162,7 +162,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -172,7 +172,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -182,7 +182,7 @@ "reason": "SAST tool is run on all commits", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -192,7 +192,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -202,7 +202,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -212,7 +212,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -222,7 +222,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/macpro-mdct-mcr/macpro-mdct-mcr_data.json b/app/site/_data/Enterprise-CMCS/macpro-mdct-mcr/macpro-mdct-mcr_data.json index b05df9181f..c93fb8aef1 100644 --- a/app/site/_data/Enterprise-CMCS/macpro-mdct-mcr/macpro-mdct-mcr_data.json +++ b/app/site/_data/Enterprise-CMCS/macpro-mdct-mcr/macpro-mdct-mcr_data.json @@ -74,14 +74,14 @@ "nadia_badge_name": "midsize", "created_at": "2022-03-04T14:51:19Z", "ossf_scorecard": { - "date": "2025-02-16T12:35:37Z", + "date": "2025-02-23T16:18:26Z", "repo": { "name": "github.com/Enterprise-CMCS/macpro-mdct-mcr", - "commit": "a66092aaa0e40385f019b1881f00f97649a8c24b" + "commit": "8effa0aac2b3d7030c856d58adfd9724b7f2eeba" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 5.1, "checks": [ @@ -91,7 +91,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -101,17 +101,17 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, { "details": null, "score": 10, - "reason": "29 out of 29 merged PRs checked by a CI test -- score normalized to 10", + "reason": "27 out of 27 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -121,17 +121,17 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, { "details": null, "score": 9, - "reason": "Found 29/30 approved changesets -- score normalized to 9", + "reason": "Found 27/29 approved changesets -- score normalized to 9", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -141,7 +141,7 @@ "reason": "project has 4 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -151,7 +151,7 @@ "reason": "dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -161,7 +161,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -171,7 +171,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -181,7 +181,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -191,7 +191,7 @@ "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -201,7 +201,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -211,7 +211,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -221,7 +221,7 @@ "reason": "SAST tool is run on all commits", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -231,7 +231,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -241,7 +241,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -251,17 +251,17 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, { "details": null, "score": 0, - "reason": "21 existing vulnerabilities detected", + "reason": "22 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/macpro-mdct-mfp/macpro-mdct-mfp_data.json b/app/site/_data/Enterprise-CMCS/macpro-mdct-mfp/macpro-mdct-mfp_data.json index dcc0be3cff..a4a04157a8 100644 --- a/app/site/_data/Enterprise-CMCS/macpro-mdct-mfp/macpro-mdct-mfp_data.json +++ b/app/site/_data/Enterprise-CMCS/macpro-mdct-mfp/macpro-mdct-mfp_data.json @@ -66,14 +66,14 @@ "nadia_badge_name": "midsize", "created_at": "2023-02-02T15:07:39Z", "ossf_scorecard": { - "date": "2025-02-16T12:30:48Z", + "date": "2025-02-23T16:13:40Z", "repo": { "name": "github.com/Enterprise-CMCS/macpro-mdct-mfp", - "commit": "6ed6c49329e45aaed8a6615a3f2d3f02a3f14186" + "commit": "81b2c1e8e00532ea669e711f2dc77e1af4077d2d" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 5.1, "checks": [ @@ -83,7 +83,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -93,7 +93,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -103,7 +103,7 @@ "reason": "30 out of 30 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -113,7 +113,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -123,7 +123,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -133,7 +133,7 @@ "reason": "project has 2 contributing companies or organizations -- score normalized to 6", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -143,7 +143,7 @@ "reason": "dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -153,7 +153,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -163,7 +163,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -173,7 +173,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -183,7 +183,7 @@ "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -193,7 +193,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -203,7 +203,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -213,7 +213,7 @@ "reason": "SAST tool is run on all commits", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -223,7 +223,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -233,7 +233,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -243,7 +243,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -253,7 +253,7 @@ "reason": "19 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/macpro-mdct-qmr/macpro-mdct-qmr_data.json b/app/site/_data/Enterprise-CMCS/macpro-mdct-qmr/macpro-mdct-qmr_data.json index b896bff29a..3a8b1347ac 100644 --- a/app/site/_data/Enterprise-CMCS/macpro-mdct-qmr/macpro-mdct-qmr_data.json +++ b/app/site/_data/Enterprise-CMCS/macpro-mdct-qmr/macpro-mdct-qmr_data.json @@ -79,16 +79,16 @@ "nadia_badge_name": "midsize", "created_at": "2021-02-25T16:57:16Z", "ossf_scorecard": { - "date": "2025-02-16T12:34:12Z", + "date": "2025-02-23T16:17:04Z", "repo": { "name": "github.com/Enterprise-CMCS/macpro-mdct-qmr", - "commit": "d55a2f9d6a203e500cba2e940bffe4f8602bf007" + "commit": "05235c8928d5a4f881c88474cdbc4ba7a649133b" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "score": 5.2, + "score": 5.1, "checks": [ { "details": null, @@ -96,7 +96,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -106,17 +106,17 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, { "details": null, "score": 10, - "reason": "30 out of 30 merged PRs checked by a CI test -- score normalized to 10", + "reason": "28 out of 28 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -126,17 +126,17 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, { "details": null, - "score": 10, - "reason": "all changesets reviewed", + "score": 9, + "reason": "Found 28/30 approved changesets -- score normalized to 9", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -146,7 +146,7 @@ "reason": "project has 6 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -156,7 +156,7 @@ "reason": "dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -166,7 +166,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -176,7 +176,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -186,7 +186,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -196,7 +196,7 @@ "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -206,7 +206,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -216,7 +216,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -226,7 +226,7 @@ "reason": "SAST tool is run on all commits", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -236,7 +236,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -246,7 +246,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -256,7 +256,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -266,7 +266,7 @@ "reason": "26 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/macpro-mdct-seds/macpro-mdct-seds_data.json b/app/site/_data/Enterprise-CMCS/macpro-mdct-seds/macpro-mdct-seds_data.json index 1da4e7a7a2..f52cd1ebba 100644 --- a/app/site/_data/Enterprise-CMCS/macpro-mdct-seds/macpro-mdct-seds_data.json +++ b/app/site/_data/Enterprise-CMCS/macpro-mdct-seds/macpro-mdct-seds_data.json @@ -69,14 +69,14 @@ "nadia_badge_name": "midsize", "created_at": "2020-12-04T19:41:29Z", "ossf_scorecard": { - "date": "2025-02-16T12:34:56Z", + "date": "2025-02-23T16:17:46Z", "repo": { "name": "github.com/Enterprise-CMCS/macpro-mdct-seds", - "commit": "c25950c02e19fc846715d0cd0b220aaa221552b9" + "commit": "068a1523c291b84aef2b1272c5183d117808e993" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 5.0, "checks": [ @@ -86,7 +86,7 @@ "reason": "binaries present in source code", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -96,7 +96,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -106,7 +106,7 @@ "reason": "28 out of 28 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -116,7 +116,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -126,7 +126,7 @@ "reason": "Found 25/28 approved changesets -- score normalized to 8", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -136,7 +136,7 @@ "reason": "project has 7 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -146,7 +146,7 @@ "reason": "dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -156,7 +156,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -166,7 +166,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -176,17 +176,17 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, { "details": null, "score": 10, - "reason": "18 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", + "reason": "21 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -196,7 +196,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -206,7 +206,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -216,7 +216,7 @@ "reason": "SAST tool is run on all commits", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -226,7 +226,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -236,7 +236,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -246,7 +246,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -256,7 +256,7 @@ "reason": "23 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/macpro-onemac/macpro-onemac_data.json b/app/site/_data/Enterprise-CMCS/macpro-onemac/macpro-onemac_data.json index 8077490216..81461d892f 100644 --- a/app/site/_data/Enterprise-CMCS/macpro-onemac/macpro-onemac_data.json +++ b/app/site/_data/Enterprise-CMCS/macpro-onemac/macpro-onemac_data.json @@ -53,14 +53,14 @@ "nadia_badge_name": "midsize", "created_at": "2020-08-03T13:54:40Z", "ossf_scorecard": { - "date": "2025-02-16T12:32:02Z", + "date": "2025-02-23T16:14:52Z", "repo": { "name": "github.com/Enterprise-CMCS/macpro-onemac", "commit": "72e39ebe4ee81f3015600c572e08bed39a0d14d6" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 6.1, "checks": [ @@ -70,7 +70,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -80,7 +80,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -90,7 +90,7 @@ "reason": "4 out of 4 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -100,7 +100,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -110,7 +110,7 @@ "reason": "Found 3/4 approved changesets -- score normalized to 7", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -120,7 +120,7 @@ "reason": "project has 3 contributing companies or organizations -- score normalized to 10", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -130,7 +130,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -140,7 +140,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -150,7 +150,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -160,7 +160,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -170,7 +170,7 @@ "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -180,7 +180,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -190,7 +190,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 1", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -200,7 +200,7 @@ "reason": "SAST tool is run on all commits", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -210,7 +210,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -220,7 +220,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -230,17 +230,17 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, { "details": null, "score": 0, - "reason": "42 existing vulnerabilities detected", + "reason": "43 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/macpro-platform-doc-conversion/macpro-platform-doc-conversion_data.json b/app/site/_data/Enterprise-CMCS/macpro-platform-doc-conversion/macpro-platform-doc-conversion_data.json index e53b0beb34..549f0f0b6f 100644 --- a/app/site/_data/Enterprise-CMCS/macpro-platform-doc-conversion/macpro-platform-doc-conversion_data.json +++ b/app/site/_data/Enterprise-CMCS/macpro-platform-doc-conversion/macpro-platform-doc-conversion_data.json @@ -37,14 +37,14 @@ "nadia_badge_name": "midsize", "created_at": "2022-01-14T15:00:20Z", "ossf_scorecard": { - "date": "2025-02-16T12:40:46Z", + "date": "2025-02-23T16:23:42Z", "repo": { "name": "github.com/Enterprise-CMCS/macpro-platform-doc-conversion", "commit": "3c47af732c4c17181a7ba183dd20a40e6fb938bf" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 4.3, "checks": [ @@ -54,7 +54,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -64,7 +64,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -74,7 +74,7 @@ "reason": "0 out of 19 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -84,7 +84,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -94,7 +94,7 @@ "reason": "Found 15/16 approved changesets -- score normalized to 9", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -104,7 +104,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -114,7 +114,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -124,7 +124,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -134,7 +134,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -144,7 +144,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -154,7 +154,7 @@ "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -164,7 +164,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -174,7 +174,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -184,7 +184,7 @@ "reason": "SAST tool detected but not run on all commits", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -194,7 +194,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -204,7 +204,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -214,7 +214,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -224,7 +224,7 @@ "reason": "31 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/macpro-quickstart-serverless/macpro-quickstart-serverless_data.json b/app/site/_data/Enterprise-CMCS/macpro-quickstart-serverless/macpro-quickstart-serverless_data.json index 41ae0a3b25..d3be8b0c2e 100644 --- a/app/site/_data/Enterprise-CMCS/macpro-quickstart-serverless/macpro-quickstart-serverless_data.json +++ b/app/site/_data/Enterprise-CMCS/macpro-quickstart-serverless/macpro-quickstart-serverless_data.json @@ -36,14 +36,14 @@ "nadia_badge_name": "midsize", "created_at": "2020-08-27T12:30:25Z", "ossf_scorecard": { - "date": "2025-02-16T12:39:50Z", + "date": "2025-02-23T16:22:49Z", "repo": { "name": "github.com/Enterprise-CMCS/macpro-quickstart-serverless", "commit": "ebfcf4622237dabd872df171ddb9896970ec3bee" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 4.8, "checks": [ @@ -53,7 +53,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -63,7 +63,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -73,7 +73,7 @@ "reason": "0 out of 17 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -83,7 +83,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -93,7 +93,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -103,7 +103,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -113,7 +113,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -123,7 +123,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -133,7 +133,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -143,7 +143,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -153,7 +153,7 @@ "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -163,7 +163,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -173,7 +173,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -183,7 +183,7 @@ "reason": "SAST tool detected but not run on all commits", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -193,7 +193,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -203,7 +203,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -213,17 +213,17 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, { "details": null, "score": 0, - "reason": "81 existing vulnerabilities detected", + "reason": "82 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/macpro-security-hub-sync/macpro-security-hub-sync_data.json b/app/site/_data/Enterprise-CMCS/macpro-security-hub-sync/macpro-security-hub-sync_data.json index 3b84b4f4aa..4e77fc01ac 100644 --- a/app/site/_data/Enterprise-CMCS/macpro-security-hub-sync/macpro-security-hub-sync_data.json +++ b/app/site/_data/Enterprise-CMCS/macpro-security-hub-sync/macpro-security-hub-sync_data.json @@ -37,14 +37,14 @@ "nadia_badge_name": "midsize", "created_at": "2023-01-23T21:47:31Z", "ossf_scorecard": { - "date": "2025-02-16T12:35:27Z", + "date": "2025-02-23T16:18:15Z", "repo": { "name": "github.com/Enterprise-CMCS/macpro-security-hub-sync", "commit": "4da170b9cc489f5da1dc40b54cc07d2edd64b4f9" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 4.8, "checks": [ @@ -54,7 +54,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -64,7 +64,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -74,7 +74,7 @@ "reason": "23 out of 24 merged PRs checked by a CI test -- score normalized to 9", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -84,7 +84,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -94,7 +94,7 @@ "reason": "Found 14/30 approved changesets -- score normalized to 4", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -104,7 +104,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -114,7 +114,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -124,7 +124,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -134,7 +134,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -144,7 +144,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -154,7 +154,7 @@ "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -164,7 +164,7 @@ "reason": "packaging workflow detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -174,7 +174,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 2", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -184,7 +184,7 @@ "reason": "SAST tool detected but not run on all commits", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -194,7 +194,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -204,7 +204,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -214,7 +214,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -224,7 +224,7 @@ "reason": "24 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/macpro-serverless-running-stages/macpro-serverless-running-stages_data.json b/app/site/_data/Enterprise-CMCS/macpro-serverless-running-stages/macpro-serverless-running-stages_data.json index fed2946ea3..93c34921e4 100644 --- a/app/site/_data/Enterprise-CMCS/macpro-serverless-running-stages/macpro-serverless-running-stages_data.json +++ b/app/site/_data/Enterprise-CMCS/macpro-serverless-running-stages/macpro-serverless-running-stages_data.json @@ -37,14 +37,14 @@ "nadia_badge_name": "midsize", "created_at": "2023-01-09T20:47:58Z", "ossf_scorecard": { - "date": "2025-02-16T12:40:35Z", + "date": "2025-02-23T16:23:33Z", "repo": { "name": "github.com/Enterprise-CMCS/macpro-serverless-running-stages", "commit": "83d291683b6102eeebbda7e9e47cf7772dc0f7c3" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 4.5, "checks": [ @@ -54,7 +54,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -64,7 +64,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -74,7 +74,7 @@ "reason": "4 out of 13 merged PRs checked by a CI test -- score normalized to 3", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -84,7 +84,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -94,7 +94,7 @@ "reason": "Found 2/17 approved changesets -- score normalized to 1", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -104,7 +104,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -114,7 +114,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -124,7 +124,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -134,7 +134,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -144,7 +144,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -154,7 +154,7 @@ "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -164,7 +164,7 @@ "reason": "packaging workflow detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -174,7 +174,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 3", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -184,7 +184,7 @@ "reason": "SAST tool detected but not run on all commits", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -194,7 +194,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -204,7 +204,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -214,7 +214,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -224,7 +224,7 @@ "reason": "18 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/macpro-ux-lib/macpro-ux-lib_data.json b/app/site/_data/Enterprise-CMCS/macpro-ux-lib/macpro-ux-lib_data.json index 1fb0131deb..350fa2936c 100644 --- a/app/site/_data/Enterprise-CMCS/macpro-ux-lib/macpro-ux-lib_data.json +++ b/app/site/_data/Enterprise-CMCS/macpro-ux-lib/macpro-ux-lib_data.json @@ -33,14 +33,14 @@ "nadia_badge_name": "midsize", "created_at": "2022-06-28T16:26:54Z", "ossf_scorecard": { - "date": "2025-02-16T12:39:07Z", + "date": "2025-02-23T16:22:05Z", "repo": { "name": "github.com/Enterprise-CMCS/macpro-ux-lib", "commit": "6a9a4142e9a78452840ce684d1497c9530cf477c" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 4.5, "checks": [ @@ -50,7 +50,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -60,7 +60,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -70,7 +70,7 @@ "reason": "0 out of 28 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -80,7 +80,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -90,7 +90,7 @@ "reason": "Found 3/5 approved changesets -- score normalized to 6", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -100,7 +100,7 @@ "reason": "project has 5 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -110,7 +110,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -120,7 +120,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -130,7 +130,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -140,7 +140,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -150,7 +150,7 @@ "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -160,7 +160,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -170,7 +170,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 3", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -180,7 +180,7 @@ "reason": "SAST tool detected but not run on all commits", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -190,7 +190,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -200,7 +200,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -210,7 +210,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -220,7 +220,7 @@ "reason": "37 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/managed-care-review/managed-care-review_data.json b/app/site/_data/Enterprise-CMCS/managed-care-review/managed-care-review_data.json index 020d29f717..e45d42d0a5 100644 --- a/app/site/_data/Enterprise-CMCS/managed-care-review/managed-care-review_data.json +++ b/app/site/_data/Enterprise-CMCS/managed-care-review/managed-care-review_data.json @@ -54,14 +54,14 @@ "nadia_badge_name": "midsize", "created_at": "2020-07-27T19:02:24Z", "ossf_scorecard": { - "date": "2025-02-16T12:31:29Z", + "date": "2025-02-23T16:14:22Z", "repo": { "name": "github.com/Enterprise-CMCS/managed-care-review", - "commit": "a154a2c096ce4d6eef9f26b2d20b4b8a620dce46" + "commit": "83702db213ad9eaad13ecf2691b0fc9f7a4720d6" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 6.3, "checks": [ @@ -71,7 +71,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -81,7 +81,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -91,7 +91,7 @@ "reason": "30 out of 30 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -101,7 +101,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -111,7 +111,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -121,7 +121,7 @@ "reason": "project has 6 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -131,7 +131,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -141,7 +141,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -151,7 +151,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -161,7 +161,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -171,7 +171,7 @@ "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -181,7 +181,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -191,7 +191,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -201,7 +201,7 @@ "reason": "SAST tool is run on all commits", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -211,7 +211,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -221,7 +221,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -231,17 +231,17 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, { "details": null, "score": 0, - "reason": "34 existing vulnerabilities detected", + "reason": "35 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/seatool-compare/seatool-compare_data.json b/app/site/_data/Enterprise-CMCS/seatool-compare/seatool-compare_data.json index a1cc160562..c6e3895b4f 100644 --- a/app/site/_data/Enterprise-CMCS/seatool-compare/seatool-compare_data.json +++ b/app/site/_data/Enterprise-CMCS/seatool-compare/seatool-compare_data.json @@ -36,16 +36,16 @@ "nadia_badge_name": "midsize", "created_at": "2022-09-16T18:46:05Z", "ossf_scorecard": { - "date": "2025-02-16T12:38:11Z", + "date": "2025-02-23T16:21:10Z", "repo": { "name": "github.com/Enterprise-CMCS/seatool-compare", "commit": "9ee31e2c2f8c5defba29f1cbf4cb501438c94a5d" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "score": 4.7, + "score": 4.5, "checks": [ { "details": null, @@ -53,7 +53,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -63,17 +63,17 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, { "details": null, "score": 0, - "reason": "1 out of 21 merged PRs checked by a CI test -- score normalized to 0", + "reason": "0 out of 21 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -83,7 +83,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -93,7 +93,7 @@ "reason": "Found 17/18 approved changesets -- score normalized to 9", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -103,7 +103,7 @@ "reason": "project has 2 contributing companies or organizations -- score normalized to 6", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -113,7 +113,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -123,7 +123,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -133,7 +133,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -143,7 +143,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -153,17 +153,17 @@ "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, { "details": null, - "score": 10, - "reason": "packaging workflow detected", + "score": -1, + "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -173,7 +173,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -183,7 +183,7 @@ "reason": "SAST tool detected but not run on all commits", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -193,7 +193,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -203,7 +203,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -213,17 +213,17 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, { "details": null, "score": 0, - "reason": "38 existing vulnerabilities detected", + "reason": "39 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/seatool-connectors/seatool-connectors_data.json b/app/site/_data/Enterprise-CMCS/seatool-connectors/seatool-connectors_data.json index 9f0d15eeab..4bc2354479 100644 --- a/app/site/_data/Enterprise-CMCS/seatool-connectors/seatool-connectors_data.json +++ b/app/site/_data/Enterprise-CMCS/seatool-connectors/seatool-connectors_data.json @@ -46,14 +46,14 @@ "nadia_badge_name": "midsize", "created_at": "2022-09-16T18:48:38Z", "ossf_scorecard": { - "date": "2025-02-16T12:37:46Z", + "date": "2025-02-23T16:20:42Z", "repo": { "name": "github.com/Enterprise-CMCS/seatool-connectors", "commit": "62c2628e1e7ba9ec18befae890e7d87d743455b7" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 4.9, "checks": [ @@ -63,7 +63,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -73,17 +73,17 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, { "details": null, "score": 6, - "reason": "13 out of 20 merged PRs checked by a CI test -- score normalized to 6", + "reason": "12 out of 20 merged PRs checked by a CI test -- score normalized to 6", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -93,7 +93,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -103,7 +103,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -113,7 +113,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -123,7 +123,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -133,7 +133,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -143,7 +143,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -153,7 +153,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -163,7 +163,7 @@ "reason": "2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -173,7 +173,7 @@ "reason": "packaging workflow detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -183,7 +183,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -193,7 +193,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -203,7 +203,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -213,7 +213,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -223,17 +223,17 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, { "details": null, "score": 0, - "reason": "16 existing vulnerabilities detected", + "reason": "15 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/Enterprise-CMCS/serverless-s3-bucket-helper/serverless-s3-bucket-helper_data.json b/app/site/_data/Enterprise-CMCS/serverless-s3-bucket-helper/serverless-s3-bucket-helper_data.json index 213fea87ff..ad47d4acc5 100644 --- a/app/site/_data/Enterprise-CMCS/serverless-s3-bucket-helper/serverless-s3-bucket-helper_data.json +++ b/app/site/_data/Enterprise-CMCS/serverless-s3-bucket-helper/serverless-s3-bucket-helper_data.json @@ -34,14 +34,14 @@ "nadia_badge_name": "toy", "created_at": "2021-08-26T16:41:01Z", "ossf_scorecard": { - "date": "2025-02-16T12:41:10Z", + "date": "2025-02-23T16:24:10Z", "repo": { "name": "github.com/Enterprise-CMCS/serverless-s3-bucket-helper", "commit": "3e519d15676de237ec8ede3ff9ae26abf3f3ef0a" }, "scorecard": { - "version": "v5.1.0", - "commit": "b0143fc57d8d38748990027266de715052806f4b" + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, "score": 3.7, "checks": [ @@ -51,7 +51,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -61,7 +61,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -71,7 +71,7 @@ "reason": "0 out of 6 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -81,7 +81,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -91,7 +91,7 @@ "reason": "Found 2/7 approved changesets -- score normalized to 2", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -101,7 +101,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -111,7 +111,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -121,7 +121,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -131,7 +131,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -141,7 +141,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -151,7 +151,7 @@ "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -161,7 +161,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -171,7 +171,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -181,7 +181,7 @@ "reason": "SAST tool detected but not run on all commits", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -191,7 +191,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -201,7 +201,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -211,7 +211,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -221,7 +221,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/b0143fc57d8d38748990027266de715052806f4b/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } }