scorecard: BUG: Parsing errors
Noticing many parsing errors during cron job. Not blocking cron job, but good to fix since otherwise we just return ErrScorecardInternal. Some examples to reproduce shown below:
scorecard --repo=github.com/ufal/udpipe --checks=Pinned-Dependencies
scorecard --repo=github.com/ubisoft/Sharpmake --checks=Pinned-Dependencies
scorecard --repo=github.com/uber/okbuck --checks=Pinned-Dependencies
scorecard --repo=github.com/uber/NullAway --checks=Pinned-Dependencies
scorecard --repo=github.com/aliyun/aliyun-odps-python-sdk --checks=Token-Permissions,Pinned-Dependencies
scorecard --repo=github.com/alibaba/GraphScope --checks=Token-Permissions
scorecard --repo=github.com/u-boot/u-boot --checks=Pinned-Dependencies
There might be more cases. Will add as I find them. Would be good to fix these and add these repos to cron/data/projects.release.csv as and when we fix them.
About this issue
- State: closed
- Created 3 years ago
- Comments: 32 (32 by maintainers)
Parsing errors that showed up with the new actionlint parser:
+1. See https://github.com/ossf/scorecard/blob/main/stats/views.go#L50. You can use that to record/monitor these parse errors.
We can start with this to get a sense of how bad the problem is and then decide on whether we should log a warning and continue.
sounds like a reasonable approach. Also verify that if
if: runner.os == 'Windows'
is present, at least one windows os is specified in runs-on