Skip to content

Review SCM files and security updates #4

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
hyperpolymath merged 1 commit into from
Dec 17, 2025
Merged

Review SCM files and security updates #4

hyperpolymath merged 1 commit into from
Dec 17, 2025

Conversation

@hyperpolymath
Copy link
Owner

@hyperpolymath hyperpolymath commented Dec 17, 2025

  • Fix critical bug in security-policy.yml: was searching for https:// instead of http:// for insecure URL detection
  • SHA-pin all actions in scorecard.yml for supply chain security
  • Update ci.yml RSR check to accept README.adoc and LICENSE.txt
  • Update justfile validate-rsr to match actual file names
  • Update STATE.scm with security hardening session

@claude
fix(security): correct HTTP detection and SHA-pin actions
40bc6d2 
- Fix critical bug in security-policy.yml: was searching for https://
  instead of http:// for insecure URL detection
- SHA-pin all actions in scorecard.yml for supply chain security
- Update ci.yml RSR check to accept README.adoc and LICENSE.txt
- Update justfile validate-rsr to match actual file names
- Update STATE.scm with security hardening session
@hyperpolymath hyperpolymath merged commit 4bd9f16 into main Dec 17, 2025
10 of 49 checks passed
@hyperpolymath hyperpolymath deleted the claude/review-scm-security-H9wz6 branch December 17, 2025 23:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@hyperpolymath @claude