You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
looking at the scorecard-trusted process history it takes an average of ⚠️180m, it doesn't make sense to have an action running on every pull request (this comment), ideally run as a periodic task.
With so much software today relying on open-source projects, consumers need an easy way to judge whether their dependencies are safe. Scorecards helps reduce the toil and manual effort required to continually evaluate changing packages when maintaining a project’s supply chain. Consumers can automatically assess the risks that dependencies introduce and use this data to make informed decisions about accepting these risks, evaluating alternative solutions, or working with the maintainers to make improvements. continue reading
looking at the⚠️ 180m, it doesn't make sense to have an action running on every pull request (this comment), ideally run as a periodic task.
scorecard-trusted
process history it takes an average ofref: https://github.com/ossf/scorecard/blob/main/.github/workflows/integration.yml
example:
The text was updated successfully, but these errors were encountered: