scorecard

github.com

OpenSSF Scorecard - Security health metrics for Open Source - ossf/scorecard

4 pages link to this URL

Home

Undefined Jan 1, 2000

Quickly assess open source projects for risky practices

0 inbound links website en scorecardsscorecardopenssfslsasigstoresecurityvulnerabilitiescvesupply chainsupply-chain

Home

Undefined Jan 1, 2000

Quickly assess open source projects for risky practices

0 inbound links website en scorecardsscorecardopenssfslsasigstoresecurityvulnerabilitiescvesupply chainsupply-chain

What the fork? Imposter commits in GitHub Actions and CI/CD

chainguard.dev Mar 8, 2023

Chainguard found a vulnerability in GitHub Actions that bypasses allowed Workflow settings by using commits from forked repositories. Read the report.

10 inbound links website en githubgithub actionsgithub vulnerabilitychainguard enforcesoftware supply chain

Securing GitHub Actions CI dependencies: Recipe card

CNCF Posted May 4, 2026

🗹 Source the Best Ingredients: Evaluate before using / Trust the source: Prefer actions from trusted organisations (or GitHub org itself) 🗹 Measure precisely: Limit permissions and access to the…

0 inbound links article en