v4.12.0
This version of Scorecard supports GitLab repos by default.
This release also adds preliminary support for the scdiff command which can be used to compare changes in Scorecard scores for a repository between versions of Scorecard, as well as probe support for the Security-Policy check.
Finally, this release fixes scoring issues in the Branch-Protection and Pinned-Dependencies checks.
What's Changed
WIP
- ✨ GitLab: Release by @raghavkaul in #3340
- ✨ [experimental] Probe support for security policy check by @laurentsimon in #3241
Bug Fixes
- 🐛 Fix Branch-Protection scoring by @gabibguti in #3251
- 🐛 Forgive job-level permissions by @pnacht in #3162
- 🐛 Add npm installs to Pinned-Dependencies score by @gabibguti in #2960
Docs
- 📖 Add release process by @spencerschrock in #3322
- 📖 Update GitHub documentation links by @martincostello in #3318
- 📖 Fixed slack badge on README by @eddie-knight in #3311
- 📖 update docs for webhooks documentation by @leec94 in #3299
- 📖 Add contributor ladder by @pnacht in #3246
- 📖 Suggest new score viewer on badge documentation by @diogoteles08 in #3268
- 📖 Update Branch-Protection admin and non-admin requirements by @gabibguti, @pnacht in #2772
New Contributors
- @ajmalab made their first contribution in #3248
- @eustas made their first contribution in #3267
- @martincostello made their first contribution in #3318
- @thepwagner made their first contribution in #3327
- @aaguiarz made their first contribution in #3337
Full Changelog: v4.11.0...v4.12.0
Contributors
eustas, martincostello, and 11 other contributors