Skip to content

Remove Scorecard codescan #2371

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
lvliang-intel merged 1 commit into from
Dec 22, 2025
Merged

Remove Scorecard codescan #2371

lvliang-intel merged 1 commit into from
Dec 22, 2025
+0 −0

Conversation

@ZePan110
Copy link
Collaborator

@ZePan110 ZePan110 commented Dec 22, 2025

Description

Remove Scorecard codescan

Issues

List the issue or RFC link this PR is working on. If there is no such link, please mark it as n/a.

Type of change

List the type of change like below. Please delete options that are not relevant.

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds new functionality)
  • Breaking change (fix or feature that would break existing design and interface)
  • Others (enhancement, documentation, validation, etc.)

Dependencies

List the newly introduced 3rd party dependency if exists.

Tests

Describe the tests that you ran to verify your changes.

@ZePan110
Remove Scorecard codescan
34ddb08 
Signed-off-by: ZePan110 <ze.pan@intel.com>
Copilot AI review requested due to automatic review settings December 22, 2025 06:23
@ZePan110 ZePan110 requested a review from chensuyue as a code owner December 22, 2025 06:23
Copilot AI reviewed Dec 22, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR removes the OpenSSF Scorecard supply-chain security workflow from the repository's CI/CD pipeline. The Scorecard workflow was previously used to assess and monitor the repository's security posture by analyzing various security best practices.

  • Removal of the entire Scorecard workflow configuration file
  • Elimination of automated security scanning scheduled to run weekly
  • Removal of SARIF results upload to GitHub's code scanning dashboard

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@github-actions
Copy link

github-actions bot commented Dec 22, 2025
edited
Loading

Dependency Review

✅ No vulnerabilities or license issues found.

Scanned Files

None

@joshuayao joshuayao self-requested a review December 22, 2025 08:38
@lvliang-intel lvliang-intel merged commit 0301bf8 into main Dec 22, 2025
15 checks passed
@lvliang-intel lvliang-intel deleted the dis-score branch December 22, 2025 11:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@joshuayao joshuayao joshuayao approved these changes

@lvliang-intel lvliang-intel lvliang-intel approved these changes

@chensuyue chensuyue Awaiting requested review from chensuyue chensuyue is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@ZePan110 @joshuayao @lvliang-intel