mirror of
https://github.com/inventree/InvenTree.git
synced 2025-06-19 05:25:42 +00:00
Add OSSF Scorecard (#6769)
* Create scorecard.yml * Add badge * disable publishing * Add security improvements (#181) * Add OSSF Scorecard (#179) * Create scorecard.yml * Add badge * disable publishing * [StepSecurity] Apply security best practices (#180) * [StepSecurity] Apply security best practices Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> * Update .pre-commit-config.yaml * Update dependabot.yml * Delete .github/workflows/dependency-review.yml --------- Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> Co-authored-by: Matthias Mair <code@mjmair.com> --------- Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> Co-authored-by: StepSecurity Bot <bot@stepsecurity.io> * Update to upstream project * disable shellcheck for now --------- Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> Co-authored-by: StepSecurity Bot <bot@stepsecurity.io>
This commit is contained in:
Matthias Mair
GitHub
36
.github/dependabot.yml
vendored
Normal file
36
.github/dependabot.yml
vendored
Normal file
@ -0,0 +1,36 @@
|
||||
version: 2
|
||||
updates:
|
||||
- package-ecosystem: github-actions
|
||||
directory: /
|
||||
schedule:
|
||||
interval: daily
|
||||
|
||||
- package-ecosystem: docker
|
||||
directory: /
|
||||
schedule:
|
||||
interval: daily
|
||||
|
||||
- package-ecosystem: pip
|
||||
directory: /docker
|
||||
schedule:
|
||||
interval: daily
|
||||
|
||||
- package-ecosystem: pip
|
||||
directory: /docs
|
||||
schedule:
|
||||
interval: daily
|
||||
|
||||
- package-ecosystem: npm
|
||||
directory: /
|
||||
schedule:
|
||||
interval: daily
|
||||
|
||||
- package-ecosystem: pip
|
||||
directory: /
|
||||
schedule:
|
||||
interval: daily
|
||||
|
||||
- package-ecosystem: npm
|
||||
directory: /src/frontend
|
||||
schedule:
|
||||
interval: daily
|
||||
Reference in New Issue
Block a user