diff --git a/app/site/_data/CMS-Enterprise/batcave-knight-light/batcave-knight-light_data.json b/app/site/_data/CMS-Enterprise/batcave-knight-light/batcave-knight-light_data.json index b75946bcd1..875bb410c5 100644 --- a/app/site/_data/CMS-Enterprise/batcave-knight-light/batcave-knight-light_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-knight-light/batcave-knight-light_data.json @@ -373,14 +373,14 @@ }, "created_at": "2023-12-07T14:49:04Z", "ossf_scorecard": { - "date": "2025-01-05T09:03:11Z", + "date": "2025-01-11T00:25:30Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-knight-light", "commit": "ed82fd175c2c83f1cf08e0ae51cd8bf821093506" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 3.6, "checks": [ @@ -390,7 +390,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -400,7 +400,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -410,7 +410,7 @@ "reason": "13 out of 15 merged PRs checked by a CI test -- score normalized to 8", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -420,7 +420,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -430,7 +430,7 @@ "reason": "Found 2/25 approved changesets -- score normalized to 0", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -440,7 +440,7 @@ "reason": "project has 3 contributing companies or organizations -- score normalized to 10", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -450,7 +450,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -460,7 +460,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -470,7 +470,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -480,7 +480,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -490,7 +490,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -500,7 +500,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -510,7 +510,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 1", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -520,7 +520,7 @@ "reason": "SAST tool is run on all commits", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -530,7 +530,7 @@ "reason": "security policy file detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -540,7 +540,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -550,7 +550,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -560,7 +560,7 @@ "reason": "63 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-omnibus/batcave-omnibus_data.json b/app/site/_data/CMS-Enterprise/batcave-omnibus/batcave-omnibus_data.json index 8a3bfee90d..1a33304a88 100644 --- a/app/site/_data/CMS-Enterprise/batcave-omnibus/batcave-omnibus_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-omnibus/batcave-omnibus_data.json @@ -106,14 +106,14 @@ }, "created_at": "2023-12-07T14:50:16Z", "ossf_scorecard": { - "date": "2025-01-05T09:07:00Z", + "date": "2025-01-11T00:29:18Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-omnibus", "commit": "9492b2d618345f84d0aa200ebb3c9ef8900dea71" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 4.6, "checks": [ @@ -123,7 +123,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -133,7 +133,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -143,7 +143,7 @@ "reason": "no pull request found", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -153,7 +153,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -163,7 +163,7 @@ "reason": "Found 0/30 approved changesets -- score normalized to 0", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -173,7 +173,7 @@ "reason": "project has 2 contributing companies or organizations -- score normalized to 6", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -183,7 +183,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -193,7 +193,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -203,7 +203,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -213,7 +213,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -223,7 +223,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -233,7 +233,7 @@ "reason": "packaging workflow detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -243,7 +243,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -253,7 +253,7 @@ "reason": "no SAST tool detected", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -263,7 +263,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -273,7 +273,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -283,7 +283,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -293,7 +293,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-autoscaler/batcave-tf-autoscaler_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-autoscaler/batcave-tf-autoscaler_data.json index 4a5b2fdc9a..2dd07d0ece 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-autoscaler/batcave-tf-autoscaler_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-autoscaler/batcave-tf-autoscaler_data.json @@ -96,14 +96,14 @@ }, "created_at": "2022-04-15T15:58:33Z", "ossf_scorecard": { - "date": "2025-01-05T09:05:26Z", + "date": "2025-01-11T00:27:41Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-autoscaler", "commit": "d7e7d5ca73752d61ca398796473a9a5a25d20160" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 4.9, "checks": [ @@ -113,7 +113,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -123,7 +123,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -133,7 +133,7 @@ "reason": "1 out of 25 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -143,7 +143,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -153,7 +153,7 @@ "reason": "Found 23/25 approved changesets -- score normalized to 9", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -163,7 +163,7 @@ "reason": "project has 2 contributing companies or organizations -- score normalized to 6", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -173,7 +173,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -183,7 +183,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -193,7 +193,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -203,7 +203,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -213,7 +213,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -223,7 +223,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -233,7 +233,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -243,7 +243,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -253,7 +253,7 @@ "reason": "security policy file detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -263,7 +263,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -273,7 +273,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -283,7 +283,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-buckets/batcave-tf-buckets_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-buckets/batcave-tf-buckets_data.json index c11dcb022a..c41206af42 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-buckets/batcave-tf-buckets_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-buckets/batcave-tf-buckets_data.json @@ -95,14 +95,14 @@ }, "created_at": "2022-03-10T14:15:10Z", "ossf_scorecard": { - "date": "2025-01-05T09:05:04Z", + "date": "2025-01-11T00:27:25Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-buckets", "commit": "48147d6a131f1a22bc333d62578e7fbe81320009" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 4.7, "checks": [ @@ -112,7 +112,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -122,7 +122,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -132,7 +132,7 @@ "reason": "1 out of 13 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -142,7 +142,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -152,7 +152,7 @@ "reason": "Found 12/14 approved changesets -- score normalized to 8", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -162,7 +162,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -172,7 +172,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -182,7 +182,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -192,7 +192,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -202,7 +202,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -212,7 +212,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -222,7 +222,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -232,7 +232,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -242,7 +242,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -252,7 +252,7 @@ "reason": "security policy file detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -262,7 +262,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -272,7 +272,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -282,7 +282,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-cluster/batcave-tf-cluster_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-cluster/batcave-tf-cluster_data.json index 8b50c08929..4a6a025480 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-cluster/batcave-tf-cluster_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-cluster/batcave-tf-cluster_data.json @@ -138,14 +138,14 @@ }, "created_at": "2022-03-08T16:24:15Z", "ossf_scorecard": { - "date": "2025-01-05T09:04:15Z", + "date": "2025-01-11T00:26:34Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-cluster", "commit": "314dfb1bc85273502330c747524071c991f11068" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 4.9, "checks": [ @@ -155,7 +155,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -165,7 +165,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -175,7 +175,7 @@ "reason": "21 out of 30 merged PRs checked by a CI test -- score normalized to 7", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -185,7 +185,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -195,7 +195,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -205,7 +205,7 @@ "reason": "project has 5 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -215,7 +215,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -225,7 +225,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -235,7 +235,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -245,7 +245,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -255,7 +255,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -265,7 +265,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -275,7 +275,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -285,7 +285,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -295,7 +295,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -305,7 +305,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -315,7 +315,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -325,7 +325,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-configmap/batcave-tf-configmap_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-configmap/batcave-tf-configmap_data.json index 54ceb9cf16..c85e7cc8ba 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-configmap/batcave-tf-configmap_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-configmap/batcave-tf-configmap_data.json @@ -106,14 +106,14 @@ }, "created_at": "2022-07-26T19:26:05Z", "ossf_scorecard": { - "date": "2025-01-05T09:05:36Z", + "date": "2025-01-11T00:27:55Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-configmap", "commit": "bc1a935d6e2ba91c916412b05b0065cd20f0cf76" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 4.3, "checks": [ @@ -123,7 +123,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -133,7 +133,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -143,7 +143,7 @@ "reason": "0 out of 3 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -153,7 +153,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -163,7 +163,7 @@ "reason": "Found 2/5 approved changesets -- score normalized to 4", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -173,7 +173,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -183,7 +183,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -193,7 +193,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -203,7 +203,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -213,7 +213,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -223,7 +223,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -233,7 +233,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -243,7 +243,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -253,7 +253,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -263,7 +263,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -273,7 +273,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -283,7 +283,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -293,7 +293,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-db-s3-integration/batcave-tf-db-s3-integration_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-db-s3-integration/batcave-tf-db-s3-integration_data.json index 30e7247bdd..ed255d420f 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-db-s3-integration/batcave-tf-db-s3-integration_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-db-s3-integration/batcave-tf-db-s3-integration_data.json @@ -90,14 +90,14 @@ }, "created_at": "2023-08-17T17:16:06Z", "ossf_scorecard": { - "date": "2025-01-05T09:05:40Z", + "date": "2025-01-11T00:27:59Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-db-s3-integration", "commit": "0f52204f66408e10972af252f4f0992ab0669028" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 4.2, "checks": [ @@ -107,7 +107,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -117,7 +117,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -127,7 +127,7 @@ "reason": "1 out of 2 merged PRs checked by a CI test -- score normalized to 5", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -137,7 +137,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -147,7 +147,7 @@ "reason": "Found 2/14 approved changesets -- score normalized to 1", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -157,7 +157,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -167,7 +167,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -177,7 +177,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -187,7 +187,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -197,7 +197,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -207,7 +207,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -217,7 +217,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -227,7 +227,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -237,7 +237,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -247,7 +247,7 @@ "reason": "security policy file detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -257,7 +257,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -267,7 +267,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -277,7 +277,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-dynamodb/batcave-tf-dynamodb_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-dynamodb/batcave-tf-dynamodb_data.json index 4ad0b3d98b..d8145fb0e3 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-dynamodb/batcave-tf-dynamodb_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-dynamodb/batcave-tf-dynamodb_data.json @@ -91,14 +91,14 @@ }, "created_at": "2023-02-27T21:44:41Z", "ossf_scorecard": { - "date": "2025-01-05T09:07:09Z", + "date": "2025-01-11T00:29:27Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-dynamodb", "commit": "0ec1f19bbc6496ee95495d3723ccaaed839ceada" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 2.1, "checks": [ @@ -108,7 +108,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -118,7 +118,7 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -128,7 +128,7 @@ "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -138,7 +138,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -148,7 +148,7 @@ "reason": "Found 1/12 approved changesets -- score normalized to 0", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -158,7 +158,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -168,7 +168,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -178,7 +178,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -188,7 +188,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -198,7 +198,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -208,7 +208,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -218,7 +218,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -228,7 +228,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -238,7 +238,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -248,7 +248,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -258,7 +258,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -268,7 +268,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -278,7 +278,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-efs/batcave-tf-efs_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-efs/batcave-tf-efs_data.json index f1538712fb..88ba7f8b7f 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-efs/batcave-tf-efs_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-efs/batcave-tf-efs_data.json @@ -97,14 +97,14 @@ }, "created_at": "2022-08-23T16:05:23Z", "ossf_scorecard": { - "date": "2025-01-05T09:06:44Z", + "date": "2025-01-11T00:29:03Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-efs", "commit": "258a1cbb0ef8f2f7af512852135f029949a75695" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 4.7, "checks": [ @@ -114,7 +114,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -124,7 +124,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -134,7 +134,7 @@ "reason": "0 out of 17 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -144,7 +144,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -154,7 +154,7 @@ "reason": "Found 17/18 approved changesets -- score normalized to 9", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -164,7 +164,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -174,7 +174,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -184,7 +184,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -194,7 +194,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -204,7 +204,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -214,7 +214,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -224,7 +224,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -234,7 +234,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -244,7 +244,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -254,7 +254,7 @@ "reason": "security policy file detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -264,7 +264,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -274,7 +274,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -284,7 +284,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-gatus/batcave-tf-gatus_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-gatus/batcave-tf-gatus_data.json index 7f02791852..6cbef0c10d 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-gatus/batcave-tf-gatus_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-gatus/batcave-tf-gatus_data.json @@ -111,14 +111,14 @@ }, "created_at": "2022-08-30T22:54:43Z", "ossf_scorecard": { - "date": "2025-01-05T09:06:53Z", + "date": "2025-01-11T00:29:12Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-gatus", "commit": "0dd7d724dcda91370778d373ab3e58f3ebb6b6b5" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 5.6, "checks": [ @@ -128,7 +128,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -138,7 +138,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -148,7 +148,7 @@ "reason": "1 out of 13 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -158,7 +158,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -168,7 +168,7 @@ "reason": "Found 12/13 approved changesets -- score normalized to 9", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -178,7 +178,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -188,7 +188,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -198,7 +198,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -208,7 +208,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -218,7 +218,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -228,7 +228,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -238,7 +238,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -248,7 +248,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -258,7 +258,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -268,7 +268,7 @@ "reason": "security policy file detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -278,7 +278,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -288,7 +288,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -298,7 +298,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-irsa/batcave-tf-irsa_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-irsa/batcave-tf-irsa_data.json index 213faf0609..dbd36539e5 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-irsa/batcave-tf-irsa_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-irsa/batcave-tf-irsa_data.json @@ -113,14 +113,14 @@ }, "created_at": "2022-08-25T15:43:48Z", "ossf_scorecard": { - "date": "2025-01-05T09:04:36Z", + "date": "2025-01-11T00:26:57Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-irsa", "commit": "f1464265a09ca015fb20cb0d6a29c09dfba504e9" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 5.6, "checks": [ @@ -130,7 +130,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -140,7 +140,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -150,7 +150,7 @@ "reason": "5 out of 16 merged PRs checked by a CI test -- score normalized to 3", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -160,7 +160,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -170,7 +170,7 @@ "reason": "Found 15/16 approved changesets -- score normalized to 9", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -180,7 +180,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -190,7 +190,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -200,7 +200,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -210,7 +210,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -220,7 +220,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -230,7 +230,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -240,7 +240,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -250,7 +250,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -260,7 +260,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -270,7 +270,7 @@ "reason": "security policy file detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -280,7 +280,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -290,7 +290,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -300,7 +300,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-karpenter/batcave-tf-karpenter_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-karpenter/batcave-tf-karpenter_data.json index 91e71902ee..c8452b5430 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-karpenter/batcave-tf-karpenter_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-karpenter/batcave-tf-karpenter_data.json @@ -109,14 +109,14 @@ }, "created_at": "2022-03-10T14:21:27Z", "ossf_scorecard": { - "date": "2025-01-05T09:05:44Z", + "date": "2025-01-11T00:28:03Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-karpenter", "commit": "6fe0677e42c8db658198fbd6bd96cb9cb07dfa46" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 5.5, "checks": [ @@ -126,7 +126,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -136,7 +136,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -146,7 +146,7 @@ "reason": "2 out of 8 merged PRs checked by a CI test -- score normalized to 2", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -156,7 +156,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -166,7 +166,7 @@ "reason": "Found 7/8 approved changesets -- score normalized to 8", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -176,7 +176,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -186,7 +186,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -196,7 +196,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -206,7 +206,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -216,7 +216,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -226,7 +226,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -236,7 +236,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -246,7 +246,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -256,7 +256,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -266,7 +266,7 @@ "reason": "security policy file detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -276,7 +276,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -286,7 +286,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -296,7 +296,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-kms/batcave-tf-kms_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-kms/batcave-tf-kms_data.json index 2c197cbe81..e1243bf35e 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-kms/batcave-tf-kms_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-kms/batcave-tf-kms_data.json @@ -91,14 +91,14 @@ }, "created_at": "2022-03-10T14:22:49Z", "ossf_scorecard": { - "date": "2025-01-05T09:06:40Z", + "date": "2025-01-11T00:28:59Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-kms", "commit": "6c6b662f2979baebe57c27e3cad0cad6b0f179c4" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 3.5, "checks": [ @@ -108,7 +108,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -118,7 +118,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -128,7 +128,7 @@ "reason": "0 out of 3 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -138,7 +138,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -148,7 +148,7 @@ "reason": "Found 3/4 approved changesets -- score normalized to 7", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -158,7 +158,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -168,7 +168,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -178,7 +178,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -188,7 +188,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -198,7 +198,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -208,7 +208,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -218,7 +218,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -228,7 +228,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -238,7 +238,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -248,7 +248,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -258,7 +258,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -268,7 +268,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -278,7 +278,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-lambda/batcave-tf-lambda_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-lambda/batcave-tf-lambda_data.json index ca9b3d489e..3c19b36b31 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-lambda/batcave-tf-lambda_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-lambda/batcave-tf-lambda_data.json @@ -77,14 +77,14 @@ }, "created_at": "2023-10-27T13:05:56Z", "ossf_scorecard": { - "date": "2025-01-05T09:05:22Z", + "date": "2025-01-11T00:27:37Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-lambda", "commit": "4c4cdda5c6af2e96ac067fe4185950099745c775" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 2.1, "checks": [ @@ -94,7 +94,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -104,7 +104,7 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -114,7 +114,7 @@ "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -124,7 +124,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -134,7 +134,7 @@ "reason": "Found 0/9 approved changesets -- score normalized to 0", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -144,7 +144,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -154,7 +154,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -164,7 +164,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -174,7 +174,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -184,7 +184,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -194,7 +194,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -204,7 +204,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -214,7 +214,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -224,7 +224,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -234,7 +234,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -244,7 +244,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -254,7 +254,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -264,7 +264,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-misc-modules/batcave-tf-misc-modules_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-misc-modules/batcave-tf-misc-modules_data.json index 6ae0a92ee9..9abb55d326 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-misc-modules/batcave-tf-misc-modules_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-misc-modules/batcave-tf-misc-modules_data.json @@ -158,14 +158,14 @@ }, "created_at": "2022-08-10T15:28:44Z", "ossf_scorecard": { - "date": "2025-01-05T09:06:26Z", + "date": "2025-01-11T00:28:48Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-misc-modules", "commit": "e5771ddac4209fb5082d6c2989f3c69c3741a830" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 5, "checks": [ @@ -175,7 +175,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -185,7 +185,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -195,7 +195,7 @@ "reason": "0 out of 30 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -205,7 +205,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -215,7 +215,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -225,7 +225,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -235,7 +235,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -245,7 +245,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -255,7 +255,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -265,7 +265,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -275,7 +275,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -285,7 +285,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -295,7 +295,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -305,7 +305,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -315,7 +315,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -325,7 +325,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -335,7 +335,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -345,7 +345,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-mssql/batcave-tf-mssql_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-mssql/batcave-tf-mssql_data.json index 960d6b4828..d3b02c2621 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-mssql/batcave-tf-mssql_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-mssql/batcave-tf-mssql_data.json @@ -92,14 +92,14 @@ }, "created_at": "2023-01-27T14:29:16Z", "ossf_scorecard": { - "date": "2025-01-05T09:05:50Z", + "date": "2025-01-11T00:28:09Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-mssql", "commit": "0e1a8fec1b6d1c1b23b04417513baa522cb77cd6" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 4.7, "checks": [ @@ -109,7 +109,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -119,7 +119,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -129,7 +129,7 @@ "reason": "2 out of 7 merged PRs checked by a CI test -- score normalized to 2", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -139,7 +139,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -149,7 +149,7 @@ "reason": "Found 7/8 approved changesets -- score normalized to 8", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -159,7 +159,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -169,7 +169,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -179,7 +179,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -189,7 +189,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -199,7 +199,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -209,7 +209,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -219,7 +219,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -229,7 +229,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -239,7 +239,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -249,7 +249,7 @@ "reason": "security policy file detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -259,7 +259,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -269,7 +269,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -279,7 +279,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-mysql/batcave-tf-mysql_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-mysql/batcave-tf-mysql_data.json index 23ce7d15f9..b8f4964dcf 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-mysql/batcave-tf-mysql_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-mysql/batcave-tf-mysql_data.json @@ -109,14 +109,14 @@ }, "created_at": "2022-06-30T16:41:38Z", "ossf_scorecard": { - "date": "2025-01-05T09:04:57Z", + "date": "2025-01-11T00:27:18Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-mysql", "commit": "c552ea7e85706cfe00b607c0cd71e4f4874f5e03" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 5.5, "checks": [ @@ -126,7 +126,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -136,7 +136,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -146,7 +146,7 @@ "reason": "2 out of 14 merged PRs checked by a CI test -- score normalized to 1", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -156,7 +156,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -166,7 +166,7 @@ "reason": "Found 13/15 approved changesets -- score normalized to 8", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -176,7 +176,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -186,7 +186,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -196,7 +196,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -206,7 +206,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -216,7 +216,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -226,7 +226,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -236,7 +236,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -246,7 +246,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -256,7 +256,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -266,7 +266,7 @@ "reason": "security policy file detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -276,7 +276,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -286,7 +286,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -296,7 +296,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-postgresql/batcave-tf-postgresql_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-postgresql/batcave-tf-postgresql_data.json index 0c9ba64964..75142a29cd 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-postgresql/batcave-tf-postgresql_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-postgresql/batcave-tf-postgresql_data.json @@ -97,14 +97,14 @@ }, "created_at": "2022-03-10T14:23:56Z", "ossf_scorecard": { - "date": "2025-01-05T09:05:55Z", + "date": "2025-01-11T00:28:15Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-postgresql", "commit": "69448c2a3889feafbe7bba4397005724409b66ee" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 4.7, "checks": [ @@ -114,7 +114,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -124,7 +124,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -134,7 +134,7 @@ "reason": "2 out of 14 merged PRs checked by a CI test -- score normalized to 1", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -144,7 +144,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -154,7 +154,7 @@ "reason": "Found 14/15 approved changesets -- score normalized to 9", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -164,7 +164,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -174,7 +174,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -184,7 +184,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -194,7 +194,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -204,7 +204,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -214,7 +214,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -224,7 +224,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -234,7 +234,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -244,7 +244,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -254,7 +254,7 @@ "reason": "security policy file detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -264,7 +264,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -274,7 +274,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -284,7 +284,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-redis/batcave-tf-redis_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-redis/batcave-tf-redis_data.json index 968bf819d6..3e4ee8aabe 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-redis/batcave-tf-redis_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-redis/batcave-tf-redis_data.json @@ -89,14 +89,14 @@ }, "created_at": "2023-10-20T13:04:05Z", "ossf_scorecard": { - "date": "2025-01-05T09:06:13Z", + "date": "2025-01-11T00:28:34Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-redis", "commit": "6afcfc3b47ce3d85c58a00fac20fd9e337084567" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 4.2, "checks": [ @@ -106,7 +106,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -116,7 +116,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -126,7 +126,7 @@ "reason": "1 out of 2 merged PRs checked by a CI test -- score normalized to 5", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -136,7 +136,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -146,7 +146,7 @@ "reason": "Found 2/15 approved changesets -- score normalized to 1", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -156,7 +156,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -166,7 +166,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -176,7 +176,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -186,7 +186,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -196,7 +196,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -206,7 +206,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -216,7 +216,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -226,7 +226,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -236,7 +236,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -246,7 +246,7 @@ "reason": "security policy file detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -256,7 +256,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -266,7 +266,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -276,7 +276,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-route53/batcave-tf-route53_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-route53/batcave-tf-route53_data.json index dfc2ddde0c..80d5ef6e8e 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-route53/batcave-tf-route53_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-route53/batcave-tf-route53_data.json @@ -107,14 +107,14 @@ }, "created_at": "2022-04-22T18:05:56Z", "ossf_scorecard": { - "date": "2025-01-05T09:06:02Z", + "date": "2025-01-11T00:28:23Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-route53", "commit": "3079e0fd62b611f805d82d504f890ff289d89fea" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 5.1, "checks": [ @@ -124,7 +124,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -134,7 +134,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -144,7 +144,7 @@ "reason": "1 out of 6 merged PRs checked by a CI test -- score normalized to 1", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -154,7 +154,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -164,7 +164,7 @@ "reason": "Found 4/22 approved changesets -- score normalized to 1", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -174,7 +174,7 @@ "reason": "project has 2 contributing companies or organizations -- score normalized to 6", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -184,7 +184,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -194,7 +194,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -204,7 +204,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -214,7 +214,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -224,7 +224,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -234,7 +234,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -244,7 +244,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -254,7 +254,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -264,7 +264,7 @@ "reason": "security policy file detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -274,7 +274,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -284,7 +284,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -294,7 +294,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-s3-replication/batcave-tf-s3-replication_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-s3-replication/batcave-tf-s3-replication_data.json index 7aa4109333..c6ec984320 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-s3-replication/batcave-tf-s3-replication_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-s3-replication/batcave-tf-s3-replication_data.json @@ -90,14 +90,14 @@ }, "created_at": "2023-06-16T13:45:52Z", "ossf_scorecard": { - "date": "2025-01-05T09:07:13Z", + "date": "2025-01-11T00:29:32Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-s3-replication", "commit": "0c9f1b0beaa0ee420f69c701986691db4922311c" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 3, "checks": [ @@ -107,7 +107,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -117,7 +117,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -127,7 +127,7 @@ "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -137,7 +137,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -147,7 +147,7 @@ "reason": "Found 2/8 approved changesets -- score normalized to 2", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -157,7 +157,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -167,7 +167,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -177,7 +177,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -187,7 +187,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -197,7 +197,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -207,7 +207,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -217,7 +217,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -227,7 +227,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -237,7 +237,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -247,7 +247,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -257,7 +257,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -267,7 +267,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -277,7 +277,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-serverless/batcave-tf-serverless_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-serverless/batcave-tf-serverless_data.json index 2d27cac2de..76720692bb 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-serverless/batcave-tf-serverless_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-serverless/batcave-tf-serverless_data.json @@ -110,14 +110,14 @@ }, "created_at": "2022-06-23T14:15:48Z", "ossf_scorecard": { - "date": "2025-01-05T09:06:07Z", + "date": "2025-01-11T00:28:28Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-serverless", "commit": "47acb225fd4629bc1c85e13039f148012262f014" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 5.2, "checks": [ @@ -127,7 +127,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -137,7 +137,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -147,7 +147,7 @@ "reason": "1 out of 6 merged PRs checked by a CI test -- score normalized to 1", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -157,7 +157,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -167,7 +167,7 @@ "reason": "Found 4/19 approved changesets -- score normalized to 2", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -177,7 +177,7 @@ "reason": "project has 3 contributing companies or organizations -- score normalized to 10", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -187,7 +187,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -197,7 +197,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -207,7 +207,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -217,7 +217,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -227,7 +227,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -237,7 +237,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -247,7 +247,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -257,7 +257,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -267,7 +267,7 @@ "reason": "security policy file detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -277,7 +277,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -287,7 +287,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -297,7 +297,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-sqs/batcave-tf-sqs_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-sqs/batcave-tf-sqs_data.json index 39e105d610..ce34f0d23f 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-sqs/batcave-tf-sqs_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-sqs/batcave-tf-sqs_data.json @@ -89,14 +89,14 @@ }, "created_at": "2023-02-03T15:31:43Z", "ossf_scorecard": { - "date": "2025-01-05T09:07:05Z", + "date": "2025-01-11T00:29:24Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-sqs", "commit": "5bcc325f5ff9248e8f596b65abae2d56541ab18f" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 2.4, "checks": [ @@ -106,7 +106,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -116,7 +116,7 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -126,7 +126,7 @@ "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -136,7 +136,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -146,7 +146,7 @@ "reason": "Found 1/4 approved changesets -- score normalized to 2", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -156,7 +156,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -166,7 +166,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -176,7 +176,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -186,7 +186,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -196,7 +196,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -206,7 +206,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -216,7 +216,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -226,7 +226,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -236,7 +236,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -246,7 +246,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -256,7 +256,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -266,7 +266,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -276,7 +276,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-utility-belt-irsa/batcave-tf-utility-belt-irsa_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-utility-belt-irsa/batcave-tf-utility-belt-irsa_data.json index 1eb7cbef44..df62717a1c 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-utility-belt-irsa/batcave-tf-utility-belt-irsa_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-utility-belt-irsa/batcave-tf-utility-belt-irsa_data.json @@ -91,14 +91,14 @@ }, "created_at": "2024-01-03T18:48:01Z", "ossf_scorecard": { - "date": "2025-01-05T09:04:50Z", + "date": "2025-01-11T00:27:11Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-utility-belt-irsa", "commit": "fb581e0d0d143afc92680906cca820bf5a598a45" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 5.1, "checks": [ @@ -108,7 +108,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -118,7 +118,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -128,7 +128,7 @@ "reason": "14 out of 14 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -138,7 +138,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -148,7 +148,7 @@ "reason": "Found 14/15 approved changesets -- score normalized to 9", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -158,7 +158,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -168,7 +168,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -178,7 +178,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -188,7 +188,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -198,7 +198,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -208,7 +208,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -218,7 +218,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -228,7 +228,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -238,7 +238,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -248,7 +248,7 @@ "reason": "security policy file detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -258,7 +258,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -268,7 +268,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -278,7 +278,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-utility-belt/batcave-tf-utility-belt_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-utility-belt/batcave-tf-utility-belt_data.json index 744a322cc4..0d75e55578 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-utility-belt/batcave-tf-utility-belt_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-utility-belt/batcave-tf-utility-belt_data.json @@ -91,14 +91,14 @@ }, "created_at": "2023-06-16T18:22:57Z", "ossf_scorecard": { - "date": "2025-01-05T09:05:12Z", + "date": "2025-01-11T00:27:32Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-utility-belt", "commit": "ccd00239ff8c11a099f251dfdfb8eabad146d2c7" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 4.6, "checks": [ @@ -108,7 +108,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -118,7 +118,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -128,7 +128,7 @@ "reason": "1 out of 7 merged PRs checked by a CI test -- score normalized to 1", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -138,7 +138,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -148,7 +148,7 @@ "reason": "Found 7/8 approved changesets -- score normalized to 8", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -158,7 +158,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -168,7 +168,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -178,7 +178,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -188,7 +188,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -198,7 +198,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -208,7 +208,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -218,7 +218,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -228,7 +228,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -238,7 +238,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -248,7 +248,7 @@ "reason": "security policy file detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -258,7 +258,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -268,7 +268,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -278,7 +278,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-utilitybelt-data/batcave-tf-utilitybelt-data_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-utilitybelt-data/batcave-tf-utilitybelt-data_data.json index c8281d52a9..32e531586a 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-utilitybelt-data/batcave-tf-utilitybelt-data_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-utilitybelt-data/batcave-tf-utilitybelt-data_data.json @@ -74,14 +74,14 @@ }, "created_at": "2023-06-06T17:35:33Z", "ossf_scorecard": { - "date": "2025-01-05T09:07:17Z", + "date": "2025-01-11T00:29:36Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-utilitybelt-data", "commit": "ef0e2897d265a1b20a3b6094deb1bd9630163fb4" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 3.1, "checks": [ @@ -91,7 +91,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -101,7 +101,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -111,7 +111,7 @@ "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -121,7 +121,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -131,7 +131,7 @@ "reason": "Found 1/3 approved changesets -- score normalized to 3", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -141,7 +141,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -151,7 +151,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -161,7 +161,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -171,7 +171,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -181,7 +181,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -191,7 +191,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -201,7 +201,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -211,7 +211,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -221,7 +221,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -231,7 +231,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -241,7 +241,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -251,7 +251,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -261,7 +261,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-vpc/batcave-tf-vpc_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-vpc/batcave-tf-vpc_data.json index 2f9588bb70..b8f4c5208c 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-vpc/batcave-tf-vpc_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-vpc/batcave-tf-vpc_data.json @@ -101,14 +101,14 @@ }, "created_at": "2022-03-10T14:25:02Z", "ossf_scorecard": { - "date": "2025-01-05T09:06:17Z", + "date": "2025-01-11T00:28:38Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-tf-vpc", "commit": "2fa49e15c2271d880c2cc1b85e8e0ccae24831b1" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 3.9, "checks": [ @@ -118,7 +118,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -128,7 +128,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -138,7 +138,7 @@ "reason": "0 out of 25 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -148,7 +148,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -158,7 +158,7 @@ "reason": "Found 24/26 approved changesets -- score normalized to 9", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -168,7 +168,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -178,7 +178,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -188,7 +188,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -198,7 +198,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -208,7 +208,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -218,7 +218,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -228,7 +228,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -238,7 +238,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -248,7 +248,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -258,7 +258,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -268,7 +268,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -278,7 +278,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -288,7 +288,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-workflow-engine/batcave-workflow-engine_data.json b/app/site/_data/CMS-Enterprise/batcave-workflow-engine/batcave-workflow-engine_data.json index 801236b452..106cf24adc 100644 --- a/app/site/_data/CMS-Enterprise/batcave-workflow-engine/batcave-workflow-engine_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-workflow-engine/batcave-workflow-engine_data.json @@ -151,16 +151,16 @@ }, "created_at": "2023-12-07T14:46:50Z", "ossf_scorecard": { - "date": "2025-01-05T09:04:29Z", + "date": "2025-01-11T00:26:47Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-workflow-engine", "commit": "5afd98e6e2ca1cabd01e1018692532cda810c044" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, - "score": 4.7, + "score": 4.6, "checks": [ { "details": null, @@ -168,7 +168,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -178,7 +178,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -188,7 +188,7 @@ "reason": "6 out of 8 merged PRs checked by a CI test -- score normalized to 7", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -198,7 +198,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -208,7 +208,7 @@ "reason": "Found 6/29 approved changesets -- score normalized to 2", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -218,7 +218,7 @@ "reason": "project has 3 contributing companies or organizations -- score normalized to 10", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -228,7 +228,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -238,7 +238,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -248,7 +248,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -258,7 +258,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -268,7 +268,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -278,7 +278,7 @@ "reason": "packaging workflow detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -288,7 +288,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -298,7 +298,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 7", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -308,7 +308,7 @@ "reason": "security policy file detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -318,7 +318,7 @@ "reason": "Project has not signed or included provenance with any releases.", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -328,17 +328,17 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, { "details": null, - "score": 8, - "reason": "2 existing vulnerabilities detected", + "score": 6, + "reason": "4 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/batcave-wt-sdl-reporting/batcave-wt-sdl-reporting_data.json b/app/site/_data/CMS-Enterprise/batcave-wt-sdl-reporting/batcave-wt-sdl-reporting_data.json index f2536a9ac2..fed7f700cf 100644 --- a/app/site/_data/CMS-Enterprise/batcave-wt-sdl-reporting/batcave-wt-sdl-reporting_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-wt-sdl-reporting/batcave-wt-sdl-reporting_data.json @@ -183,16 +183,16 @@ }, "created_at": "2023-12-08T19:56:33Z", "ossf_scorecard": { - "date": "2025-01-05T09:04:43Z", + "date": "2025-01-11T00:27:04Z", "repo": { "name": "github.com/CMS-Enterprise/batcave-wt-sdl-reporting", "commit": "5ce92bbf0b439b4e6ee03ac0f0ce61636cc6cd58" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, - "score": 4.1, + "score": 3.7, "checks": [ { "details": null, @@ -200,7 +200,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -210,7 +210,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -220,7 +220,7 @@ "reason": "5 out of 7 merged PRs checked by a CI test -- score normalized to 7", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -230,7 +230,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -240,7 +240,7 @@ "reason": "Found 2/11 approved changesets -- score normalized to 1", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -250,7 +250,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -260,7 +260,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -270,7 +270,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -280,7 +280,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -290,7 +290,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -300,7 +300,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -310,7 +310,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -320,7 +320,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -330,7 +330,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 6", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -340,7 +340,7 @@ "reason": "security policy file detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -350,7 +350,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -360,17 +360,17 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, { "details": null, - "score": 7, - "reason": "3 existing vulnerabilities detected", + "score": 3, + "reason": "7 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-server-stig-overlay/cms-ars-5.0-apache-2.4-unix-server-stig-overlay_data.json b/app/site/_data/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-server-stig-overlay/cms-ars-5.0-apache-2.4-unix-server-stig-overlay_data.json index 6b405c6144..5cf27b9ec7 100644 --- a/app/site/_data/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-server-stig-overlay/cms-ars-5.0-apache-2.4-unix-server-stig-overlay_data.json +++ b/app/site/_data/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-server-stig-overlay/cms-ars-5.0-apache-2.4-unix-server-stig-overlay_data.json @@ -40,14 +40,14 @@ }, "created_at": "2022-11-04T16:30:37Z", "ossf_scorecard": { - "date": "2025-01-05T09:07:39Z", + "date": "2025-01-11T00:29:57Z", "repo": { "name": "github.com/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-server-stig-overlay", "commit": "HEAD" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": -1, "checks": null, diff --git a/app/site/_data/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-site-stig-overlay/cms-ars-5.0-apache-2.4-unix-site-stig-overlay_data.json b/app/site/_data/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-site-stig-overlay/cms-ars-5.0-apache-2.4-unix-site-stig-overlay_data.json index 2bf49a78a4..3ff49ccd72 100644 --- a/app/site/_data/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-site-stig-overlay/cms-ars-5.0-apache-2.4-unix-site-stig-overlay_data.json +++ b/app/site/_data/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-site-stig-overlay/cms-ars-5.0-apache-2.4-unix-site-stig-overlay_data.json @@ -40,14 +40,14 @@ }, "created_at": "2022-11-04T16:31:14Z", "ossf_scorecard": { - "date": "2025-01-05T09:07:38Z", + "date": "2025-01-11T00:29:56Z", "repo": { "name": "github.com/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-site-stig-overlay", "commit": "HEAD" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": -1, "checks": null, diff --git a/app/site/_data/CMS-Enterprise/cms-ars-5.0-aws-rds-oracle-mysql-8-stig-overlay/cms-ars-5.0-aws-rds-oracle-mysql-8-stig-overlay_data.json b/app/site/_data/CMS-Enterprise/cms-ars-5.0-aws-rds-oracle-mysql-8-stig-overlay/cms-ars-5.0-aws-rds-oracle-mysql-8-stig-overlay_data.json index 2f7497f27f..78df788516 100644 --- a/app/site/_data/CMS-Enterprise/cms-ars-5.0-aws-rds-oracle-mysql-8-stig-overlay/cms-ars-5.0-aws-rds-oracle-mysql-8-stig-overlay_data.json +++ b/app/site/_data/CMS-Enterprise/cms-ars-5.0-aws-rds-oracle-mysql-8-stig-overlay/cms-ars-5.0-aws-rds-oracle-mysql-8-stig-overlay_data.json @@ -59,14 +59,14 @@ }, "created_at": "2022-11-04T16:29:55Z", "ossf_scorecard": { - "date": "2025-01-05T09:07:35Z", + "date": "2025-01-11T00:29:53Z", "repo": { "name": "github.com/CMS-Enterprise/cms-ars-5.0-aws-rds-oracle-mysql-8-stig-overlay", "commit": "7fbd1e2a35302220614d33e7c9b1128412310633" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 2.2, "checks": [ @@ -76,7 +76,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -86,7 +86,7 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -96,7 +96,7 @@ "reason": "no pull request found", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -106,7 +106,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -116,7 +116,7 @@ "reason": "Found 0/2 approved changesets -- score normalized to 0", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -126,7 +126,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -136,7 +136,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -146,7 +146,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -156,7 +156,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -166,7 +166,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -176,7 +176,7 @@ "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -186,7 +186,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -196,7 +196,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -206,7 +206,7 @@ "reason": "no SAST tool detected", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -216,7 +216,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -226,7 +226,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -236,7 +236,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -246,7 +246,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/cms-ars-5.0-microsoft-windows-server-2016-stig-overlay/cms-ars-5.0-microsoft-windows-server-2016-stig-overlay_data.json b/app/site/_data/CMS-Enterprise/cms-ars-5.0-microsoft-windows-server-2016-stig-overlay/cms-ars-5.0-microsoft-windows-server-2016-stig-overlay_data.json index 395aa62092..0b87f39a1d 100644 --- a/app/site/_data/CMS-Enterprise/cms-ars-5.0-microsoft-windows-server-2016-stig-overlay/cms-ars-5.0-microsoft-windows-server-2016-stig-overlay_data.json +++ b/app/site/_data/CMS-Enterprise/cms-ars-5.0-microsoft-windows-server-2016-stig-overlay/cms-ars-5.0-microsoft-windows-server-2016-stig-overlay_data.json @@ -58,14 +58,14 @@ }, "created_at": "2022-10-24T17:53:01Z", "ossf_scorecard": { - "date": "2025-01-05T09:07:30Z", + "date": "2025-01-11T00:29:48Z", "repo": { "name": "github.com/CMS-Enterprise/cms-ars-5.0-microsoft-windows-server-2016-stig-overlay", "commit": "dda28aa1dde26b2d92741d3fc5fe97321760e096" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 2.2, "checks": [ @@ -75,7 +75,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -85,7 +85,7 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -95,7 +95,7 @@ "reason": "no pull request found", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -105,7 +105,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -115,7 +115,7 @@ "reason": "Found 0/1 approved changesets -- score normalized to 0", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -125,7 +125,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -135,7 +135,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -145,7 +145,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -155,7 +155,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -165,7 +165,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -175,7 +175,7 @@ "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -185,7 +185,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -195,7 +195,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -205,7 +205,7 @@ "reason": "no SAST tool detected", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -215,7 +215,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -225,7 +225,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -235,7 +235,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -245,7 +245,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/cms-ars-5.0-red-hat-enterprise-linux-7-stig-overlay/cms-ars-5.0-red-hat-enterprise-linux-7-stig-overlay_data.json b/app/site/_data/CMS-Enterprise/cms-ars-5.0-red-hat-enterprise-linux-7-stig-overlay/cms-ars-5.0-red-hat-enterprise-linux-7-stig-overlay_data.json index 64c6b09ee1..ef78cf417f 100644 --- a/app/site/_data/CMS-Enterprise/cms-ars-5.0-red-hat-enterprise-linux-7-stig-overlay/cms-ars-5.0-red-hat-enterprise-linux-7-stig-overlay_data.json +++ b/app/site/_data/CMS-Enterprise/cms-ars-5.0-red-hat-enterprise-linux-7-stig-overlay/cms-ars-5.0-red-hat-enterprise-linux-7-stig-overlay_data.json @@ -91,14 +91,14 @@ }, "created_at": "2022-10-24T17:52:10Z", "ossf_scorecard": { - "date": "2025-01-05T09:07:21Z", + "date": "2025-01-11T00:29:39Z", "repo": { "name": "github.com/CMS-Enterprise/cms-ars-5.0-red-hat-enterprise-linux-7-stig-overlay", "commit": "8db3caef3b69c88b41582b0a5376d6db8a40c853" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 3.6, "checks": [ @@ -108,7 +108,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -118,7 +118,7 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -128,7 +128,7 @@ "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -138,7 +138,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -148,7 +148,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -158,7 +158,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -168,7 +168,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -178,7 +178,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -188,7 +188,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -198,7 +198,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -208,7 +208,7 @@ "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -218,7 +218,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -228,7 +228,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -238,7 +238,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -248,7 +248,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -258,7 +258,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -268,7 +268,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -278,7 +278,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/CMS-Enterprise/test_05152023/test_05152023_data.json b/app/site/_data/CMS-Enterprise/test_05152023/test_05152023_data.json index a1d7f112a0..db3209362e 100644 --- a/app/site/_data/CMS-Enterprise/test_05152023/test_05152023_data.json +++ b/app/site/_data/CMS-Enterprise/test_05152023/test_05152023_data.json @@ -74,14 +74,14 @@ }, "created_at": "2023-05-15T16:38:05Z", "ossf_scorecard": { - "date": "2025-01-05T09:07:33Z", + "date": "2025-01-11T00:29:50Z", "repo": { "name": "github.com/CMS-Enterprise/test_05152023", "commit": "4c6e4fbc20b6e193ea435fc1086513313b9ac8e9" }, "scorecard": { - "version": "v5.0.0-125-g975ee230", - "commit": "975ee2304ef7097c94a377fe95976604b4adcf22" + "version": "v5.0.0-132-g43d5832d", + "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" }, "score": 2.8, "checks": [ @@ -91,7 +91,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -101,7 +101,7 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -111,7 +111,7 @@ "reason": "no pull request found", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -121,7 +121,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -131,7 +131,7 @@ "reason": "Found 0/3 approved changesets -- score normalized to 0", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -141,7 +141,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -151,7 +151,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -161,7 +161,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -171,7 +171,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -181,7 +181,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -191,7 +191,7 @@ "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -201,7 +201,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -211,7 +211,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -221,7 +221,7 @@ "reason": "no SAST tool detected", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -231,7 +231,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -241,7 +241,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -251,7 +251,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -261,7 +261,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/975ee2304ef7097c94a377fe95976604b4adcf22/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } }