Skip to content

New policies #19

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Jul 26, 2021
Merged

New policies #19

merged 6 commits into from
Jul 26, 2021

Conversation

@jeffmendoza
Copy link
Member

@jeffmendoza jeffmendoza commented Jul 22, 2021

Add 3 new policies to allstar.

  • Security.md to verify that exists.
  • Outside collaborator, to prevent admins outside an org.
  • Binary Artifacts, the first policy adapted from a scorecard check.

Note: moving to an older version of go-github to match scorecard until google/go-github#2016 is released.

@jeffmendoza
Add SECURITY.md policy.
ba4dcaf 
Checks that file exists and is not empty. Issue action supported, Fix action to
be added in the future
@jeffmendoza
Outside Collaborator policy.
f5bf5e0 
Policy to disallow outside collaborators with admin or push access.
@jeffmendoza
Add Binary Artifacts policy.
f861259 
This is the first policy that uses a scorecard check. Needed to move to v32 of
go-github to match scorecard. Future go-github should allow easy conversion.
@jeffmendoza
Update Binary Artifacts policy to use new scorecard check interface.
2f4a932
@jeffmendoza
Fix imports after merging policies into single branch.
a561281
azeemshaikh38
azeemshaikh38 reviewed Jul 22, 2021
View reviewed changes
azeemshaikh38
azeemshaikh38 reviewed Jul 22, 2021
View reviewed changes
azeemshaikh38
azeemshaikh38 reviewed Jul 22, 2021
View reviewed changes
azeemshaikh38
azeemshaikh38 reviewed Jul 23, 2021
View reviewed changes
azeemshaikh38
azeemshaikh38 reviewed Jul 23, 2021
View reviewed changes
pkg/policies/security/security_test.go Outdated
if err != nil {
t.Fatalf("Unexpected error: %v", err)
}
if !reflect.DeepEqual(res, &test.Exp) {
Copy link

@azeemshaikh38 azeemshaikh38 Jul 23, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consider using github.com/google/go-cmp/cmp here.

Copy link
Member Author

@jeffmendoza jeffmendoza Jul 23, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TIL, will do.

Copy link
Member Author

@jeffmendoza jeffmendoza Jul 23, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated ptal.

azeemshaikh38
azeemshaikh38 reviewed Jul 23, 2021
View reviewed changes
azeemshaikh38
azeemshaikh38 reviewed Jul 23, 2021
View reviewed changes
azeemshaikh38
azeemshaikh38 reviewed Jul 23, 2021
View reviewed changes
azeemshaikh38
azeemshaikh38 reviewed Jul 23, 2021
View reviewed changes
azeemshaikh38
azeemshaikh38 previously approved these changes Jul 23, 2021
View reviewed changes
@jeffmendoza
Copy link
Member Author

jeffmendoza commented Jul 26, 2021

@azeemshaikh38 @laurentsimon Can I get this re-approved ( I have dismiss stale turned on )

@azeemshaikh38
Copy link

azeemshaikh38 commented Jul 26, 2021

@azeemshaikh38 @laurentsimon Can I get this re-approved ( I have dismiss stale turned on )

done.

@jeffmendoza jeffmendoza merged commit 70d3e36 into ossf:main Jul 26, 2021
@jeffmendoza jeffmendoza deleted the new-policies branch July 26, 2021 17:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@inferno-chromium inferno-chromium Awaiting requested review from inferno-chromium

@dlorenc dlorenc Awaiting requested review from dlorenc

1 more reviewer

@azeemshaikh38 azeemshaikh38 azeemshaikh38 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jeffmendoza @azeemshaikh38