Add tags to scorecards prescriptions
mayaCostantini committed Jul 29, 2022
1 parent 8de771c commit ee24cbf
Showing 1 changed file with 21 additions and 0 deletions.
21 changes: 21 additions & 0 deletions thoth/prescriptions_refresh/handlers/scorecards.py
Expand Up @@ -51,6 +51,7 @@
message: {message}
link: https://github.com/ossf/scorecard/blob/main/docs/checks.md
package_name: {package_name}
tag: {tag}
"""

_THOTH_PRESCRIPTIONS_REFRESH_SCORECARD_FRESHNESS_WEEKS = int(
Expand Down Expand Up @@ -91,6 +92,7 @@ def _handle_code_review(
package_name=project_name,
type=justification_type,
message=message,
tag="code-review",
),
commit_message=f"Code-Review Security Scorecards update for {project_name!r}",
)
Expand Down Expand Up @@ -129,6 +131,7 @@ def _handle_active(
package_name=project_name,
type=justification_type,
message=message,
tag="actively-maintained",
),
commit_message=f"Active Security Scorecards update for {project_name!r}",
)
Expand Down Expand Up @@ -167,6 +170,7 @@ def _handle_automatic_dependency_update(
package_name=project_name,
type=justification_type,
message=message,
tag="automatic-updates",
),
commit_message=f"Automatic-Dependency-Update Security Scorecards update for {project_name!r}",
)
Expand Down Expand Up @@ -205,6 +209,7 @@ def _handle_branch_protection(
package_name=project_name,
type=justification_type,
message=message,
tag="branch-protection",
),
commit_message=f"Branch-Protection Security Scorecards update for {project_name!r}",
)
Expand Down Expand Up @@ -246,6 +251,7 @@ def _handle_token_permissions(
package_name=project_name,
type=justification_type,
message=message,
tag="least-privileged-workflow",
),
commit_message=f"Token-Permissions Security Scorecards update for {project_name!r}",
)
Expand Down Expand Up @@ -284,6 +290,7 @@ def _handle_security_policy(
package_name=project_name,
type=justification_type,
message=message,
tag="security-policy",
),
commit_message=f"Security-Policy Security Scorecards update for {project_name!r}",
)
Expand Down Expand Up @@ -322,6 +329,7 @@ def _handle_signed_releases(
package_name=project_name,
type=justification_type,
message=message,
tag="signed-releases",
),
commit_message=f"Signed-Releases Security Scorecards update for {project_name!r}",
)
Expand Down Expand Up @@ -360,6 +368,7 @@ def _handle_signed_tags(
package_name=project_name,
type=justification_type,
message=message,
tag="cryptographically-signed",
),
commit_message=f"Signed-Tags Security Scorecards update for {project_name!r}",
)
Expand Down Expand Up @@ -398,6 +407,7 @@ def _handle_fuzzing(
package_name=project_name,
type=justification_type,
message=message,
tag="fuzzing",
),
commit_message=f"Fuzzing Security Scorecards update for {project_name!r}",
)
Expand Down Expand Up @@ -441,6 +451,7 @@ def _handle_vulnerabilities(
package_name=project_name,
type=justification_type,
message=message,
tag="unfixed-vulnerabilities",
),
commit_message=f"Vulnerabilities Security Scorecards update for {project_name!r}",
)
Expand Down Expand Up @@ -479,6 +490,7 @@ def _handle_packaging(
package_name=project_name,
type=justification_type,
message=message,
tag="published-package",
),
commit_message=f"Packaging Security Scorecards update for {project_name!r}",
)
Expand Down Expand Up @@ -517,6 +529,7 @@ def _handle_binary_artifacts(
package_name=project_name,
type=justification_type,
message=message,
tag="binary-artifacts",
),
commit_message=f"Binary-Artifacts Security Scorecards update for {project_name!r}",
)
Expand Down Expand Up @@ -555,6 +568,7 @@ def _handle_cii_best_practices(
package_name=project_name,
type=justification_type,
message=message,
tag="cii",
),
commit_message=f"CII-Best-Practices Security Scorecards update for {project_name!r}",
)
Expand Down Expand Up @@ -593,6 +607,7 @@ def _handle_pinned_dependencies(
package_name=project_name,
type=justification_type,
message=message,
tag="pinned-dependencies",
),
commit_message=f"Pinned-Dependencies Security Scorecards update for {project_name!r}",
)
Expand Down Expand Up @@ -631,6 +646,7 @@ def _handle_contributors(
package_name=project_name,
type=justification_type,
message=message,
tag="multiple-companies-contributors",
),
commit_message=f"Contributors Security Scorecards update for {project_name!r}",
)
Expand Down Expand Up @@ -669,6 +685,7 @@ def _handle_ci_tests(
package_name=project_name,
type=justification_type,
message=message,
tag="ci-tests",
),
commit_message=f"CI-Tests Security Scorecards update for {project_name!r}",
)
Expand Down Expand Up @@ -707,6 +724,7 @@ def _handle_sast(
package_name=project_name,
type=justification_type,
message=message,
tag="static-analysis",
),
commit_message=f"SAST Security Scorecards update for {project_name!r}",
)
Expand Down Expand Up @@ -745,6 +763,7 @@ def _handle_dangerous_workflow(
package_name=project_name,
type=justification_type,
message=message,
tag="dangerous-patterns",
),
commit_message=f"Dangerous-Workflow Security Scorecards update for {project_name!r}",
)
Expand Down Expand Up @@ -783,6 +802,7 @@ def _handle_license(
package_name=project_name,
type=justification_type,
message=message,
tag="license",
),
commit_message=f"Licence Security Scorecards update for {project_name!r}",
)
Expand Down Expand Up @@ -823,6 +843,7 @@ def _handle_webhooks(
package_name=project_name,
type=justification_type,
message=message,
tag="webhook-token",
),
commit_message=f"Webhooks Security Scorecards update for {project_name!r}",
)
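Review bot: The twenty `tag=` values are bare string literals spread over the handlers (`_handle_code_review` through `_handle_webhooks`), and several do not follow the Scorecard check they belong to: `"least-privileged-workflow"` for Token-Permissions, `"cryptographically-signed"` for Signed-Tags, `"webhook-token"` for Webhooks, `"cii"` for CII-Best-Practices. Anyone selecting prescriptions by tag therefore has no single place to look the vocabulary up, and a typo in one literal would go unnoticed. I would keep the mapping in one module-level table next to the template, e.g. `_SCORECARD_TAGS = {"Token-Permissions": "least-privileged-workflow", ...}`, under a comment such as `# One tag per Scorecard check; emitted verbatim in the generated prescription.`, and have each handler read its tag from there. The template appears to be filled by keyword formatting (the new `tag: {tag}` line), so any caller outside these hunks that formats it without `tag=` would presumably fail with `KeyError`, which is worth checking before merging. The template string and every handler body start and end outside the visible hunks, so this rests only on the lines shown.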