Motivation
Currently, if a project doesn't use the Scorecard action, the Scorecard Viewer will only display the checks that are evaluated at the cron job (which excludes some important checks like Dependency-Update-Tool or Contributors), but this is not transparent for the user.
In fact, the lack of those checks will end up with an overall score that is different from the one obtained from the Scorecard API or obtained when you install Scorecard actions. That can be very frustrating, as some maintainers like to have a preview of their score before installing Scorecard.
If we make clear that using the Scorecard Action would enable the other inspections, it could also motivate the adoption of the tool.
Proposed Solution
I've thought of these two actions:
The viewer displays all Scorecard checks, but greys out the checks that could not be evaluated.
A note is displayed above the viewer, explaining the situation, such as "Some of the checks could not be evaluated and are grayed out -- their exclusion might affect the overall Score of the project. To include them in the analysis, please install Scorecard Action on the analyzed repository, or run Scorecard through our Command Line Client."
Note: we don't currently surface whether or not the API result comes from the cron or from the action. So it may not be possible to try and push people towards the action.
Makes sense... Do the missing checks come as -1? We could just show all "-1"s as greyed out, and adapt the note to indicate that some of the greyed out checks may be because of lack of permissions, and using the Action or running at the CLI might include other checks. If some -1s keep appearing at the CLI/action evaluation because of other reasons, at least the overall score would be coherent.
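Added example, not part of the thread and not the Scorecard Viewer's own code: one way a viewer could decide which checks to grey out and whether to show the note, treating a check as not evaluated when it is absent from the result, scored -1, or malformed. The expected-check list, the result shape (a `checks` array of `{ name, score }` with scores from 0 to 10) and all names other than Dependency-Update-Tool and Contributors are assumptions.

```javascript
// Added example, not the Scorecard Viewer's code.
// ASSUMPTION: the viewer holds a list of every check it wants to render.
// Only Dependency-Update-Tool and Contributors are named in the thread;
// the other names are sample values.
const EXPECTED_CHECKS = [
  "Code-Review", "Maintained", "Vulnerabilities",
  "Dependency-Update-Tool", "Contributors",
];

// Constructed sample result: a "checks" array of { name, score } objects.
// Contributors is absent, Dependency-Update-Tool came back as -1.
const SAMPLE_RESULT = {
  checks: [
    { name: "Code-Review", score: 8 },
    { name: "Maintained", score: 10 },
    { name: "Vulnerabilities", score: "n/a" }, // malformed on purpose
    { name: "Dependency-Update-Tool", score: -1 },
    { name: "Extra-Check", score: 5 }, // not in EXPECTED_CHECKS
  ],
};

// ASSUMPTION: a score counts as evaluated only if it is an integer 0..10.
function isEvaluated(score) {
  return Number.isInteger(score) && score >= 0 && score <= 10;
}

// Returns one row per check, greyed when absent, -1 or malformed,
// plus a flag telling the UI whether to display the explanatory note.
function classifyChecks(result, expected = EXPECTED_CHECKS) {
  const returned = Array.isArray(result && result.checks) ? result.checks : [];
  const byName = new Map(returned.map((c) => [c.name, c]));
  // Keep checks the result contains that the expected list does not know.
  const names = [...new Set([...expected, ...byName.keys()])];
  const rows = names.map((name) => {
    const check = byName.get(name);
    if (!check) return { name, score: null, state: "absent", greyed: true };
    if (!isEvaluated(check.score)) {
      const state = check.score === -1 ? "inconclusive" : "malformed";
      return { name, score: null, state, greyed: true };
    }
    return { name, score: check.score, state: "evaluated", greyed: false };
  });
  return { rows, showNote: rows.some((r) => r.greyed) };
}

console.log(classifyChecks(SAMPLE_RESULT));
```

Keeping "absent" and "inconclusive" as separate states lets the note wording differ for checks that were never run and checks that ran but returned -1.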