Add OSSF Scorecard (#6769)

* Create scorecard.yml * Add badge * disable publishing * Add security improvements (#181) * Add OSSF Scorecard (#179) * Create scorecard.yml * Add badge * disable publishing * [StepSecurity] Apply security best practices (#180) * [StepSecurity] Apply security best practices Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> * Update .pre-commit-config.yaml * Update dependabot.yml * Delete .github/workflows/dependency-review.yml --------- Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> Co-authored-by: Matthias Mair <code@mjmair.com> --------- Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> Co-authored-by: StepSecurity Bot <bot@stepsecurity.io> * Update to upstream project * disable shellcheck for now --------- Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> Co-authored-by: StepSecurity Bot <bot@stepsecurity.io>
2025-06-15 03:25:42 +00:00 · 2024-03-21 00:11:49 +01:00
parent 309263bf03
commit b46b200101
7 changed files with 130 additions and 4 deletions
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -71,3 +71,11 @@ repos:
      - "@typescript-eslint/eslint-plugin@latest"
      - "@typescript-eslint/parser"
    files: ^src/frontend/.*\.(js|jsx|ts|tsx)$
+-   repo: https://github.com/gitleaks/gitleaks
+    rev: v8.16.3
+    hooks:
+    -   id: gitleaks
+#-   repo: https://github.com/jumanjihouse/pre-commit-hooks
+#    rev: 3.0.0
+#    hooks:
+#    -   id: shellcheck