├── .github ├── CODEOWNERS ├── dependabot.yml └── workflows │ ├── codeql.yml │ ├── postmerge.yaml │ ├── pr.yaml │ ├── release.yaml │ └── stale.yml ├── .gitignore ├── .golangci.yml ├── CONTRIBUTING.md ├── LICENSE ├── MAINTAINERS.md ├── README.md ├── SECURITY.md ├── app-prod.yaml ├── app-staging.yaml ├── artwork ├── README.md ├── openssf_allstar_alt.png └── openssf_allstar_alt.svg ├── cloudbuild.yaml ├── cmd └── allstar │ └── main.go ├── code-of-conduct.md ├── contributor-ladder.md ├── deploy ├── examples └── gha-allstar-run.yml ├── github-action-installation.md ├── go.mod ├── go.sum ├── install-decision.jpg ├── manual-install.md ├── operator.md ├── opt-out.md ├── pkg ├── config │ ├── config.go │ ├── config_test.go │ ├── contents.go │ ├── location.go │ ├── operator │ │ ├── operator.go │ │ └── operator_test.go │ └── schedule │ │ ├── schedule.go │ │ └── schedule_test.go ├── enforce │ ├── enforce.go │ └── enforce_test.go ├── ghclients │ ├── ghclients.go │ ├── ghclients_test.go │ └── memorycache.go ├── issue │ ├── issue.go │ └── issue_test.go ├── policies │ ├── action │ │ ├── action.go │ │ ├── action_test.go │ │ ├── caches.go │ │ ├── eval.go │ │ ├── results.go │ │ └── test_workflows │ │ │ ├── actionless.yaml │ │ │ ├── basic.yaml │ │ │ ├── go-workflow.yaml │ │ │ ├── gradle-wrapper-validate-outdated.yaml │ │ │ ├── gradle-wrapper-validate.yaml │ │ │ ├── invalid.yaml │ │ │ ├── no-on.yaml │ │ │ └── version-pinned.yaml │ ├── admin │ │ ├── admin.go │ │ └── admin_test.go │ ├── binary │ │ ├── binary.go │ │ └── binary_test.go │ ├── branch │ │ ├── branch.go │ │ └── branch_test.go │ ├── codeowners │ │ ├── codeowners.go │ │ └── codeowners_test.go │ ├── outside │ │ ├── outside.go │ │ └── outside_test.go │ ├── policies.go │ ├── scorecard │ │ ├── scorecard.go │ │ └── scorecard_test.go │ ├── security │ │ ├── security.go │ │ └── security_test.go │ └── workflow │ │ ├── workflow.go │ │ └── workflow_test.go ├── policydef │ └── policydef.go └── scorecard │ ├── scorecard.go │ └── scorecard_test.go └── whats-new.md /.github/CODEOWNERS: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/.github/CODEOWNERS -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/.github/dependabot.yml -------------------------------------------------------------------------------- /.github/workflows/codeql.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/.github/workflows/codeql.yml -------------------------------------------------------------------------------- /.github/workflows/postmerge.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/.github/workflows/postmerge.yaml -------------------------------------------------------------------------------- /.github/workflows/pr.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/.github/workflows/pr.yaml -------------------------------------------------------------------------------- /.github/workflows/release.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/.github/workflows/release.yaml -------------------------------------------------------------------------------- /.github/workflows/stale.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/.github/workflows/stale.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/.gitignore -------------------------------------------------------------------------------- /.golangci.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/.golangci.yml -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/CONTRIBUTING.md -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/LICENSE -------------------------------------------------------------------------------- /MAINTAINERS.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/MAINTAINERS.md -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/README.md -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/SECURITY.md -------------------------------------------------------------------------------- /app-prod.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/app-prod.yaml -------------------------------------------------------------------------------- /app-staging.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/app-staging.yaml -------------------------------------------------------------------------------- /artwork/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/artwork/README.md -------------------------------------------------------------------------------- /artwork/openssf_allstar_alt.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/artwork/openssf_allstar_alt.png -------------------------------------------------------------------------------- /artwork/openssf_allstar_alt.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/artwork/openssf_allstar_alt.svg -------------------------------------------------------------------------------- /cloudbuild.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/cloudbuild.yaml -------------------------------------------------------------------------------- /cmd/allstar/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/cmd/allstar/main.go -------------------------------------------------------------------------------- /code-of-conduct.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/code-of-conduct.md -------------------------------------------------------------------------------- /contributor-ladder.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/contributor-ladder.md -------------------------------------------------------------------------------- /deploy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/deploy -------------------------------------------------------------------------------- /examples/gha-allstar-run.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/examples/gha-allstar-run.yml -------------------------------------------------------------------------------- /github-action-installation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/github-action-installation.md -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/go.mod -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/go.sum -------------------------------------------------------------------------------- /install-decision.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/install-decision.jpg -------------------------------------------------------------------------------- /manual-install.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/manual-install.md -------------------------------------------------------------------------------- /operator.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/operator.md -------------------------------------------------------------------------------- /opt-out.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/opt-out.md -------------------------------------------------------------------------------- /pkg/config/config.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/config/config.go -------------------------------------------------------------------------------- /pkg/config/config_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/config/config_test.go -------------------------------------------------------------------------------- /pkg/config/contents.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/config/contents.go -------------------------------------------------------------------------------- /pkg/config/location.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/config/location.go -------------------------------------------------------------------------------- /pkg/config/operator/operator.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/config/operator/operator.go -------------------------------------------------------------------------------- /pkg/config/operator/operator_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/config/operator/operator_test.go -------------------------------------------------------------------------------- /pkg/config/schedule/schedule.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/config/schedule/schedule.go -------------------------------------------------------------------------------- /pkg/config/schedule/schedule_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/config/schedule/schedule_test.go -------------------------------------------------------------------------------- /pkg/enforce/enforce.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/enforce/enforce.go -------------------------------------------------------------------------------- /pkg/enforce/enforce_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/enforce/enforce_test.go -------------------------------------------------------------------------------- /pkg/ghclients/ghclients.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/ghclients/ghclients.go -------------------------------------------------------------------------------- /pkg/ghclients/ghclients_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/ghclients/ghclients_test.go -------------------------------------------------------------------------------- /pkg/ghclients/memorycache.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/ghclients/memorycache.go -------------------------------------------------------------------------------- /pkg/issue/issue.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/issue/issue.go -------------------------------------------------------------------------------- /pkg/issue/issue_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/issue/issue_test.go -------------------------------------------------------------------------------- /pkg/policies/action/action.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/action/action.go -------------------------------------------------------------------------------- /pkg/policies/action/action_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/action/action_test.go -------------------------------------------------------------------------------- /pkg/policies/action/caches.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/action/caches.go -------------------------------------------------------------------------------- /pkg/policies/action/eval.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/action/eval.go -------------------------------------------------------------------------------- /pkg/policies/action/results.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/action/results.go -------------------------------------------------------------------------------- /pkg/policies/action/test_workflows/actionless.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/action/test_workflows/actionless.yaml -------------------------------------------------------------------------------- /pkg/policies/action/test_workflows/basic.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/action/test_workflows/basic.yaml -------------------------------------------------------------------------------- /pkg/policies/action/test_workflows/go-workflow.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/action/test_workflows/go-workflow.yaml -------------------------------------------------------------------------------- /pkg/policies/action/test_workflows/gradle-wrapper-validate-outdated.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/action/test_workflows/gradle-wrapper-validate-outdated.yaml -------------------------------------------------------------------------------- /pkg/policies/action/test_workflows/gradle-wrapper-validate.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/action/test_workflows/gradle-wrapper-validate.yaml -------------------------------------------------------------------------------- /pkg/policies/action/test_workflows/invalid.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/action/test_workflows/invalid.yaml -------------------------------------------------------------------------------- /pkg/policies/action/test_workflows/no-on.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/action/test_workflows/no-on.yaml -------------------------------------------------------------------------------- /pkg/policies/action/test_workflows/version-pinned.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/action/test_workflows/version-pinned.yaml -------------------------------------------------------------------------------- /pkg/policies/admin/admin.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/admin/admin.go -------------------------------------------------------------------------------- /pkg/policies/admin/admin_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/admin/admin_test.go -------------------------------------------------------------------------------- /pkg/policies/binary/binary.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/binary/binary.go -------------------------------------------------------------------------------- /pkg/policies/binary/binary_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/binary/binary_test.go -------------------------------------------------------------------------------- /pkg/policies/branch/branch.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/branch/branch.go -------------------------------------------------------------------------------- /pkg/policies/branch/branch_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/branch/branch_test.go -------------------------------------------------------------------------------- /pkg/policies/codeowners/codeowners.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/codeowners/codeowners.go -------------------------------------------------------------------------------- /pkg/policies/codeowners/codeowners_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/codeowners/codeowners_test.go -------------------------------------------------------------------------------- /pkg/policies/outside/outside.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/outside/outside.go -------------------------------------------------------------------------------- /pkg/policies/outside/outside_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/outside/outside_test.go -------------------------------------------------------------------------------- /pkg/policies/policies.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/policies.go -------------------------------------------------------------------------------- /pkg/policies/scorecard/scorecard.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/scorecard/scorecard.go -------------------------------------------------------------------------------- /pkg/policies/scorecard/scorecard_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/scorecard/scorecard_test.go -------------------------------------------------------------------------------- /pkg/policies/security/security.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/security/security.go -------------------------------------------------------------------------------- /pkg/policies/security/security_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/security/security_test.go -------------------------------------------------------------------------------- /pkg/policies/workflow/workflow.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/workflow/workflow.go -------------------------------------------------------------------------------- /pkg/policies/workflow/workflow_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policies/workflow/workflow_test.go -------------------------------------------------------------------------------- /pkg/policydef/policydef.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/policydef/policydef.go -------------------------------------------------------------------------------- /pkg/scorecard/scorecard.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/scorecard/scorecard.go -------------------------------------------------------------------------------- /pkg/scorecard/scorecard_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/pkg/scorecard/scorecard_test.go -------------------------------------------------------------------------------- /whats-new.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ossf/allstar/HEAD/whats-new.md --------------------------------------------------------------------------------