Improve OpenSSF Scorecard Score

"The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects."

As of 3rd January, fluxcd/source-controller scores **6.1/10**. For latest score check [deps.dev](https://deps.dev/go/github.com%2Ffluxcd%2Fsource-controller) or [manually execute scorecard](https://github.com/ossf/scorecard#basic-usage).

![image](https://user-images.githubusercontent.com/5452977/148992142-83272299-20ae-448f-a01a-c08808b9cf08.png)

Areas to focus on:
- Token-Permissions
  - https://github.com/fluxcd/source-controller/pull/551
- Pinned-Dependencies
- Fuzzing
  - https://github.com/fluxcd/source-controller/pull/443


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Improve OpenSSF Scorecard Score #537

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Improve OpenSSF Scorecard Score #537

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions