Pull requests: ossf/scorecard

Pull requests list

🌱 Bump github.com/anchore/quill from 0.5.1 to 0.7.1 in /tools
Labels: dependencies, go, size:M
#4964 opened Mar 11, 2026 by dependabot bot

📖 Set GitLab support for Code-Review and Dependency-Update-Tool
Labels: size:S
#4963 opened Mar 9, 2026 by dvcorreia
1 of 2 tasks

🌱 Bump the golang group across 8 directories with 1 update
Labels: dependencies, docker, size:S
#4962 opened Mar 9, 2026 by dependabot bot

🌱 Bump github.com/docker/cli from 29.1.3+incompatible to 29.2.0+incompatible in /tools
Labels: dependencies, go, size:XS
#4958 opened Mar 5, 2026 by dependabot bot

✨ Support multiple fuzz configs per language; add Python Hypothesis
Labels: size:L
#4957 opened Mar 2, 2026 by Fieldnote-Echo
1 task done

🌱 Bump the github-actions group across 1 directory with 6 updates
Labels: dependencies, github_actions, size:M
#4956 opened Mar 2, 2026 by dependabot bot

🌱 Bump actions/setup-go from 6.2.0 to 6.3.0
Labels: dependencies, github_actions, size:M
#4955 opened Mar 2, 2026 by dependabot bot

🌱 Bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0
Labels: dependencies, go, size:S, Stale
#4954 opened Mar 1, 2026 by dependabot bot

🌱 Bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0 in /tools
Labels: dependencies, go, size:S, Stale
#4953 opened Mar 1, 2026 by dependabot bot

📖 Scorecard v6: OSPS Baseline conformance proposal and 2026 roadmap
Labels: size:XXL
#4952 opened Feb 27, 2026 by justaugustus (Draft)
1 of 2 tasks

feat: update fuzzing check for memory-safe languages
Labels: size:L
#4950 opened Feb 26, 2026 by garvit-bhattt

🌱 Bump github.com/cloudflare/circl from 1.6.1 to 1.6.3
Labels: dependencies, go, size:XS
#4949 opened Feb 25, 2026 by dependabot bot

🌱 Bump github.com/cloudflare/circl from 1.6.1 to 1.6.3 in /tools
Labels: dependencies, go, size:XS
#4948 opened Feb 25, 2026 by dependabot bot

docs: add remediation guidance for unpinned pip installs
Labels: size:S
#4946 opened Feb 25, 2026 by D9mond
1 of 2 tasks

🌱 Bump goreleaser/goreleaser-action from 6.4.0 to 7.0.0
Labels: dependencies, github_actions, size:XS
#4943 opened Feb 23, 2026 by dependabot bot

🌱 Bump github.com/rhysd/actionlint from 1.7.9 to 1.7.11
Labels: dependencies, go, size:XS
#4940 opened Feb 16, 2026 by dependabot bot

🌱 Bump the distroless group across 6 directories with 1 update
Labels: dependencies, docker, size:S
#4935 opened Feb 9, 2026 by dependabot bot

✨feat: Add Private Vulnerability Reporting probe to Security-Policy check
Labels: size:L
#4929 opened Feb 4, 2026 by Ironankit525

✨ CLI flag to skip unsupported repo checks
Labels: size:L, Stale
#4921 opened Jan 27, 2026 by dvcorreia
1 of 2 tasks

🌱 Maintained check: New probe: Inactive Maintainers
Labels: size:XXL
#4893 opened Dec 26, 2025 by AdamKorcz
1 task done

🐛 New check: Secret scanning
Labels: size:XXL
#4878 opened Dec 12, 2025 by AdamKorcz (Draft)
2 tasks done

🌱 Vulnerabilities check: New probe: Do releases have direct dependencies with known vulnerabilities?
Labels: size:XXL
#4876 opened Dec 9, 2025 by AdamKorcz
2 tasks done

🌱 New check: Mean time to update dependencies
Labels: size:XXL
#4868 opened Dec 3, 2025 by AdamKorcz (Draft)
2 tasks done

🌱 Maintained Check: New probe: Do maintainers respond to public bug and security issues?
Labels: size:XXL
#4867 opened Dec 1, 2025 by AdamKorcz
1 task done