Comments (6)
@inferno-chromium When do you think we should release? Do you already have some thoughts?
from scorecard.
@inferno-chromium When do you think we should release? Do you already have some thoughts?
Lets do one now, totally agree, just add a few release notes (4-5 bullet points) on high-level changes. E.g. we do like https://github.com/google/clusterfuzz/releases/tag/v2.0.2 , thoughts?
We can do a 1.1.0 and in future can release more often. wdyt
from scorecard.
Sounds good. Right now the goreleaser is set to automatically release based on new tags
with release notes.#117, we could turn off the adding release notes and then manually add one.
Thoughts?
from scorecard.
Sounds good. Right now the goreleaser is set to automatically release based on new
tags
with release notes.#117, we could turn off the adding release notes and then manually add one.Thoughts?
Actually i like the automated version, forgot about this. Can you push a release then. In future, we can release often so that list is more readable.
from scorecard.
Sounds good. Right now the goreleaser is set to automatically release based on new
tags
with release notes.#117, we could turn off the adding release notes and then manually add one.
Thoughts?Actually i like the automated version, forgot about this. Can you push a release then. In future, we can release often so that list is more readable.
I will push a tag v1.1.0
from scorecard.
It was released https://github.com/ossf/scorecard/releases/tag/v1.1.0 , Thanks
from scorecard.
Related Issues (20)
- 📜 GitLab Integration Check Validations HOT 1
- Feature: re-visit the need for multiple RunScorecard function HOT 2
- Feature: retrieve local branch on local / git repo
- BUG: Vulnerabilities check "Failed to resolve version"
- BUG: Pinned-Dependencies fails for jobs with complex matrix-defined OS
- BUG: Security-Policy throws a warning if target repo's org has an empty .github repo
- Feature: structured results visualization
- Allowing users to integrate external checks via blank-imports HOT 3
- GitLab: Validate CII-Best-Practices
- GitLab: Validate Code Review check
- GitLab: Validate Fuzzing check
- GitLab: Validate Contributors check
- GitLab: Validate License check HOT 1
- Feature: add tests to probe format results HOT 1
- Branch-Protection: Review/remove scoring based on Tiers
- BUG: dependabot detected in a project without dependabot HOT 1
- Feature: Consider go vet a SAST tool HOT 1
- Sudden e2e test failures in 2 tests HOT 1
- Should `security-events: read` be considered a dangerous permission? HOT 13
- The "vulnerabilities" check seems to be flaky HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from scorecard.