From cd38d5ec9fb0754feda79ad8d6cbcb75e312fca9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=8D=C3=B1igo=20Marqu=C3=ADnez=20Prado?= <25435858+inigomarquinez@users.noreply.github.com> Date: Thu, 30 May 2024 11:16:47 +0200 Subject: [PATCH] chore: limit the OSSF Scorecard monitoring scope (#21) PR-URL: https://github.com/expressjs/security-wg/pull/21 --- tools/ossf_scorecard/scope.json | 41 ++++++++++++++++++++------------- 1 file changed, 25 insertions(+), 16 deletions(-) diff --git a/tools/ossf_scorecard/scope.json b/tools/ossf_scorecard/scope.json index 86946b4..163020c 100644 --- a/tools/ossf_scorecard/scope.json +++ b/tools/ossf_scorecard/scope.json @@ -7,10 +7,8 @@ "connect-multiparty", "cors", "compression", - "routification", "response-time", "basic-auth-connect", - "vhostess", "generator", "multer", "body-parser", @@ -25,14 +23,21 @@ "session", "method-override", "morgan", - "serve-static", + "serve-static" + ], + "excluded": [ + "api-error-handler", + "connect-markdown", + "domain-middleware", + "express-expose", "express-paginate", + "flash", "mime-extended", + "restful-router", + "routification", "set-type", - "api-error-handler", - "flash" - ], - "excluded": [] + "vhostess" + ] }, "pillarjs": { "included": [ @@ -45,16 +50,18 @@ "routington", "cookies", "multiparty", - "qs-strict", "csrf", "router", "finalhandler", - "ssl-redirect", - "templation", - "encodeurl", - "extend-proto" + "encodeurl" ], - "excluded": [] + "excluded": [ + "extend-proto", + "qs-strict", + "request", + "ssl-redirect", + "templation" + ] }, "jshttp": { "included": [ @@ -80,11 +87,13 @@ "content-disposition", "http-errors", "forwarded", - "spdy-push", "http-push", "mime-db" ], - "excluded": [] + "excluded": [ + "http-utils", + "spdy-push" + ] } } -} \ No newline at end of file +}