Improve OpenSSF Scorecard Score
pjbgf opened this issue · 0 comments
"The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects."
As of 3rd January, fluxcd/image-reflector-controller scores 6.2/10. For the latest score, check deps.dev or manually execute scorecard.
Areas to focus on:
- Token-Permissions
- Pinned-Dependencies
- Fuzzing