-
Notifications
You must be signed in to change notification settings - Fork 508
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Missing checks in API response #3438
Comments
I believe this is a matter of where the result is sourced. The API pulls from the GitHub action published results if available, or the weekly cron if not. diff checks1 checks2
4d3
< "CI-Tests"
6d4
< "Contributors"
8d5
< "Dependency-Update-Tool" These are the checks disabled in the weekly cron: scorecard/cron/config/config.yaml Line 48 in b68ef18
The output is basically tied to the checks requested, so
will only have the Vulnerabilities check in its result. Which is why those 3 are missing. Your second request comes from before the action was installed, so there's no other data to grab. I believe this is working as intended. |
Thanks @spencerschrock this makes sense! Thanks for the complete response 👍 |
Describe the bug
While comparing the scoring with the API:
In the Request2 the payload does not include all the checks, for example
"CI-Tests"
is missing inside the checks.Reproduction steps
Steps to reproduce the behavior:
Expected behavior
I will expect both payloads to include all the checks included in the scorecard, or at least an error code that explains this behaviour, so the API consumers can control the error.
Additional context
This bug is affecting:
The text was updated successfully, but these errors were encountered: