Skip to content

CI: OpenSSF Scorecard integration#90

Open
DNKpp wants to merge 5 commits into
developmentfrom
dev/OpenSSF_Scoreboard
Open

CI: OpenSSF Scorecard integration#90
DNKpp wants to merge 5 commits into
developmentfrom
dev/OpenSSF_Scoreboard

Conversation

@DNKpp

@DNKpp DNKpp commented Jan 6, 2025

Copy link
Copy Markdown
Owner

No description provided.

@DNKpp DNKpp changed the title CI: OpenSSF Scoreboard integration CI: OpenSSF Scorecard integration Jan 6, 2025
@DNKpp DNKpp closed this Jan 6, 2025
@DNKpp DNKpp deleted the dev/OpenSSF_Scoreboard branch January 6, 2025 20:01
@DNKpp DNKpp restored the dev/OpenSSF_Scoreboard branch January 6, 2025 20:01
@DNKpp DNKpp reopened this Jan 6, 2025
@github-advanced-security

Copy link
Copy Markdown

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.


steps:
- name: "Checkout code"
uses: actions/checkout@v4

Check warning

Code scanning / Scorecard

Pinned-Dependencies

score is 0: GitHub-owned GitHubAction not pinned by hash Click Remediation section below to solve this issue
Comment thread .github/workflows/scorecard.yml Fixed
Comment thread .github/workflows/scorecard.yml Fixed
# Upload the results to GitHub's code scanning dashboard (optional).
# Commenting out will disable upload of results to your repo's Code Scanning dashboard
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@v3

Check warning

Code scanning / Scorecard

Pinned-Dependencies

score is 0: GitHub-owned GitHubAction not pinned by hash Click Remediation section below to solve this issue
@codacy-production

codacy-production Bot commented Jan 6, 2025

Copy link
Copy Markdown

Coverage summary from Codacy

See diff coverage on Codacy

Coverage variation Diff coverage
+0.00% (target: -1.00%)
Coverage variation details
Coverable lines Covered lines Coverage
Common ancestor commit (dc24ef2) 1198 1194 99.67%
Head commit (eb61f62) 1198 (+0) 1194 (+0) 99.67% (+0.00%)

Coverage variation is the difference between the coverage for the head and common ancestor commits of the pull request branch: <coverage of head commit> - <coverage of common ancestor commit>

Diff coverage details
Coverable lines Covered lines Diff coverage
Pull request (#90) 0 0 ∅ (not applicable)

Diff coverage is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified: <covered lines added or modified>/<coverable lines added or modified> * 100%

See your quality gate settings    Change summary preferences

Codacy stopped sending the deprecated coverage status on June 5th, 2024. Learn more

@coveralls

coveralls commented Jan 6, 2025

Copy link
Copy Markdown

Pull Request Test Coverage Report for Build 12652439507

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 99.666%

Totals Coverage Status
Change from base Build 12651683359: 0.0%
Covered Lines: 1194
Relevant Lines: 1198

💛 - Coveralls

@codecov

codecov Bot commented Jan 6, 2025

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 96.82%. Comparing base (dc24ef2) to head (eb61f62).
⚠️ Report is 1076 commits behind head on development.

Additional details and impacted files
@@             Coverage Diff              @@
##           development      #90   +/-   ##
============================================
  Coverage        96.82%   96.82%           
============================================
  Files               20       20           
  Lines             1198     1198           
  Branches           412      412           
============================================
  Hits              1160     1160           
  Misses              10       10           
  Partials            28       28           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@DNKpp DNKpp force-pushed the dev/OpenSSF_Scoreboard branch from 74ca3f2 to f4e4a03 Compare January 7, 2025 12:52
Comment thread .github/workflows/scorecard.yml Fixed
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@v4

Check warning

Code scanning / Scorecard

Pinned-Dependencies

score is 0: GitHub-owned GitHubAction not pinned by hash Click Remediation section below to solve this issue
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants