Commits

dhruvhead / scorecard UNCLAIMED

0 0 1 Go

main

May 19, 2026

:seedling: Bump github.com/go-git/go-git/v5 from 5.19.0 to 5.19.1 (#5067)

dependabot[bot] committed 19d ago

916bfc5

May 12, 2026

:seedling: Bump github.com/in-toto/in-toto-golang in /tools (#5050)

dependabot[bot] committed 26d ago

cf383a0

:seedling: Bump github.com/go-git/go-git/v5 from 5.18.0 to 5.19.0 (#5054)

dependabot[bot] committed 27d ago

197a165

May 4, 2026

:seedling: Bump the github-actions group across 1 directory with 8 updates (#5029)

dependabot[bot] committed 1mo ago

117f744

April 29, 2026

:sparkles: Update unsafeblock probe to detect use of Java's Unsafe classes (#4849)

Thomas Leplus committed 1mo ago

4986a99

April 27, 2026

🌱 ci: use ginkgo --flake-attempts instead of nick-invision/retry for e2e tests (#5013)

Ali Asghar committed 1mo ago

cc033d6

April 23, 2026

docs: clarify partial credit for branch protection tiers (#5010)

aban-alazzeh committed 1mo ago

09a80e3

:book: Set GitLab support for Code-Review and Dependency-Update-Tool (#4963)

Diogo Correia committed 1mo ago

b6c394c

:bug: Fix check metadata which skipped some supported checks (#5034)

Spencer Schrock committed 1mo ago

c395761

:seedling: Bump the distroless group across 6 directories with 1 update (#5016)

dependabot[bot] committed 1mo ago

1852490

:seedling: Bump the golang group across 8 directories with 1 update (#5015)

dependabot[bot] committed 1mo ago

5d3ec19

:seedling: Bump github.com/go-git/go-git/v5 from 5.16.5 to 5.18.0 (#5032)

dependabot[bot] committed 1mo ago

be6efba

:seedling: Bump github.com/jackc/pgx/v5 from 5.7.6 to 5.9.2 in /tools (#5031)

dependabot[bot] committed 1mo ago

cf2aef8

April 17, 2026

:seedling: Add @JamieMagee as codeowner for Azure DevOps client (#5024)

Jamie Magee committed 1mo ago

a1d03ef

April 16, 2026

:seedling: Bump github.com/sigstore/timestamp-authority/v2 in /tools (#5018)

dependabot[bot] committed 1mo ago

4b8e9d1

:seedling: Bump github.com/aws/aws-sdk-go-v2/service/s3 in /tools (#5007)

dependabot[bot] committed 1mo ago

424f70c

:seedling: Bump go.opentelemetry.io/otel/sdk from 1.40.0 to 1.43.0 (#5011)

dependabot[bot] committed 1mo ago

29f186e

:seedling: Bump go.opentelemetry.io/otel/sdk in /tools (#5012)

dependabot[bot] committed 1mo ago

e8b8afe

:seedling: Bump github.com/go-jose/go-jose/v4 in /tools (#4999)

dependabot[bot] committed 1mo ago

5ee2014

April 8, 2026

:sparkles: Skip checks that don't apply to the current repo type (#5000)

Jamie Magee committed 2mo ago

81b3804

:seedling: Bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 (#4998)

dependabot[bot] committed 2mo ago

56e538e

fix: Fix PR template formatting (#5003)

Martin Costello committed 2mo ago

b037ee6

April 6, 2026

:seedling: e2e: add Azure DevOps tests (#4993)

Jamie Magee committed 2mo ago

9ee282d

March 30, 2026

:book: Scorecard v6: OSPS Baseline conformance proposal and 2026 roadmap (#4952)

Stephen Augustus committed 2mo ago

76c3e11

March 24, 2026

:seedling: Bump goreleaser/goreleaser-action from 6.4.0 to 7.0.0 (#4943)

dependabot[bot] committed 2mo ago

33539d6

March 23, 2026

:seedling: Bump actions/setup-go from 6.2.0 to 6.3.0 (#4955)

dependabot[bot] committed 2mo ago

1d5ea07

:seedling: Bump the distroless group across 6 directories with 1 update (#4935)

dependabot[bot] committed 2mo ago

b66ce4b

:seedling: Bump the golang group across 8 directories with 1 update (#4962)

dependabot[bot] committed 2mo ago

0fb965a

:seedling: Bump the github-actions group across 1 directory with 10 updates (#4975)

dependabot[bot] committed 2mo ago

3cc3ff4

:seedling: Bump github.com/cloudflare/circl from 1.6.1 to 1.6.3 (#4949)

dependabot[bot] committed 2mo ago

d6d372e