Open source security foundation
export GITHUB_AUTH_TOKEN=<your access token> scorecard --repo={owner}/{repo}
branch protection github api works pooly
scorecard --repo=google/jax --show-details \ --show-annotations --checks \ Signed-Releases,Contributors,License,Maintained,CI-Tests,Token-Permissions,Binary-Artifacts,Code-Review,Dangerous-Workflow,Fuzzing,Packaging,Vulnerabilities,CII-Best-Practices,Pinned-Dependencies,SAST,Security-Policy,Dependency-Update-Tool
api
part of
OSS foundataion