遵循以下最佳实践的项目将能够自愿的自我认证,并显示他们已经实现了核心基础设施计划(OpenSSF)徽章。 显示详细资料
[](https://www.bestpractices.dev/projects/6503)
<a href="https://www.bestpractices.dev/projects/6503"><img src="https://www.bestpractices.dev/projects/6503/badge"></a>
Language-agnostic SLSA provenance generation for Github Actions
Repository on GitHub, which uses git. git is distributed.
https://github.com/slsa-framework/slsa-github-generator#unit-tests
Extensive pre-submit tests are provided as GitHub Actions workflows.
An end-to-end test suite is provided in the example-package repository and is run daily.
Found all required security hardening headers.
警告:需要URL,但找不到URL。
We require unit tests to succeed before PRs are merged. We require end-to-end tests to succeed before releases.
We do not currently make use of fuzzing, but may in the future as needed. Fuzzing is not currently applicable since we are providing GitHub Actions CI workflows and not a traditional library or application.
Unit testing and e2e tests provide assertions.
后退