contentful · karankohli-cf · Sep 26, 2023 · Sep 26, 2023 · Sep 26, 2023
@@ -1,4 +1,4 @@
-[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/ossf/allstar/badge)](https://api.securityscorecards.dev/projects/github.com/ossf/allstar)
+[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/contentful/allstar/badge)](https://api.securityscorecards.dev/projects/github.com/contentful/allstar)
 
 <img align="right" src="artwork/openssf_allstar_alt.png" width="300" height="400">
 
@@ -266,10 +266,7 @@ The details of how the `fix` action works for each policy is detailed below. If
 
 ### Branch Protection
 
-This policy's config file is named `branch_protection.yaml`, and the [config
-definitions are
-here](https://pkg.go.dev/github.com/ossf/allstar/pkg/policies/branch#OrgConfig).
-
+This policy's config file is named `branch_protection.yaml`
 The branch protection policy checks that GitHub's [branch protection
 settings](https://docs.github.com/en/github/administering-a-repository/defining-the-mergeability-of-pull-requests/about-protected-branches)
 are setup correctly according to the specified configuration. The issue text
@@ -281,10 +278,7 @@ The `fix` action will change the branch protection settings to be in compliance
 
 ### Binary Artifacts
 
-This policy's config file is named `binary_artifacts.yaml`, and the [config
-definitions are
-here](https://pkg.go.dev/github.com/ossf/allstar/pkg/policies/binary#OrgConfig).
-
+This policy's config file is named `binary_artifacts.yaml`
 This policy incorporates the [check from
 scorecard](https://github.com/ossf/scorecard/#scorecard-checks). Remove the
 binary artifact from the repository to achieve compliance. As the scorecard
@@ -293,10 +287,7 @@ itself](https://github.com/ossf/scorecard) to see all the detailed information.
 
 ### Outside Collaborators
 
-This policy's config file is named `outside.yaml`, and the [config definitions
-are
-here](https://pkg.go.dev/github.com/ossf/allstar/pkg/policies/outside#OrgConfig).
-
+This policy's config file is named `outside.yaml`
 This policy checks if any [Outside
 Collaborators](https://docs.github.com/en/organizations/managing-access-to-your-organizations-repositories/adding-outside-collaborators-to-repositories-in-your-organization)
 have either administrator(default) or push(optional) access to the
@@ -305,10 +296,7 @@ untrusted members can change admin level settings and commit malicious code.
 
 ### SECURITY.md
 
-This policy's config file is named `security.yaml`, and the [config definitions
-are
-here](https://pkg.go.dev/github.com/ossf/allstar/pkg/policies/security#OrgConfig).
-
+This policy's config file is named `security.yaml`
 This policy checks that the repository has a security policy file in
 `SECURITY.md` and that it is not empty. The created issue will have a link to
 the [GitHub
@@ -317,10 +305,7 @@ that helps you commit a security policy to your repository.
 
 ### Dangerous Workflow
 
-This policy's config file is named `dangerous_workflow.yaml`, and the [config
-definitions are
-here](https://pkg.go.dev/github.com/ossf/allstar/pkg/policies/workflow#OrgConfig).
-
+This policy's config file is named `dangerous_workflow.yaml`
 This policy checks the GitHub Actions workflow configuration files
 (`.github/workflows`), for any patterns that match known dangerous
 behavior. See the [Security Scorecards
@@ -329,10 +314,7 @@ for more information on this check.
 
 ### Generic Scorecard Check
 
-This policy's config file is named `scorecard.yaml`, and the [config definitions
-are
-here](https://pkg.go.dev/github.com/ossf/allstar/pkg/policies/scorecard#OrgConfig).
-
+This policy's config file is named `scorecard.yaml`
 This policy runs any scorecard check listed in the `checks` configuration. All
 checks run must have a score equal or above the `threshold` setting. Please see
 the [Security Scorecards
@@ -341,21 +323,15 @@ for more information on each check.
 
 ### GitHub Actions
 
-This policy's config file is named `actions.yaml`, and the [config definitions
-are
-here](https://pkg.go.dev/github.com/ossf/allstar/pkg/policies/action#OrgConfig).
-
+This policy's config file is named `actions.yaml`
 This policy checks the GitHub Actions workflow configuration files
 (`.github/workflows`) (and workflow runs in some cases) in each repo to ensure
 they are in line with rules (eg. require, deny) defined in the
 organization-level config for the policy.
 
 ### Repository Administrators
 
-This policy's config file is named `admin.yaml`, and the [config definitions
-are
-here](https://pkg.go.dev/github.com/ossf/allstar/pkg/policies/admin#OrgConfig).
-
+This policy's config file is named `admin.yaml`
 This policy checks that by default all repositories must have a user or group assigned as an Administrator. It allows you to optionally configure if users are allowed to be administrators (as opposed to teams).
 
 ### Future Policies
@@ -374,8 +350,8 @@ organization.
 
 ### Configuration Definitions
 
-- [Organization level enable configuration](https://pkg.go.dev/github.com/ossf/allstar/pkg/config#OrgOptConfig)
-- [Repository Override enable configuration]( https://pkg.go.dev/github.com/ossf/allstar/pkg/config#RepoOptConfig)
+- [Organization level enable configuration]()
+- [Repository Override enable configuration]()
 
 ### Secondary Org-Level configuration location
 

@@ -25,9 +25,9 @@ import (
 	"syscall"
 	"time"
 
-	"github.com/ossf/allstar/pkg/enforce"
-	"github.com/ossf/allstar/pkg/ghclients"
-	"github.com/ossf/allstar/pkg/policies"
+	"github.com/contentful/allstar/pkg/enforce"
+	"github.com/contentful/allstar/pkg/ghclients"
+	"github.com/contentful/allstar/pkg/policies"
 
 	"github.com/rs/zerolog"
 	"github.com/rs/zerolog/log"

@@ -19,7 +19,7 @@ import (
 	"os"
 	"strconv"
 
-	"github.com/ossf/allstar/pkg/reviewbot"
+	"github.com/contentful/allstar/pkg/reviewbot"
 	"github.com/rs/zerolog"
 	"github.com/rs/zerolog/log"
 )

diff --git a/go.mod b/go.mod
@@ -1,4 +1,4 @@
-module github.com/ossf/allstar
+module github.com/contentful/allstar
 
 go 1.16
 

@@ -22,7 +22,7 @@ import (
 	"path"
 	"strings"
 
-	"github.com/ossf/allstar/pkg/config/operator"
+	"github.com/contentful/allstar/pkg/config/operator"
 
 	jsonpatch "github.com/evanphx/json-patch"
 	"github.com/google/go-github/v50/github"

@@ -22,9 +22,9 @@ import (
 	"strings"
 	"testing"
 
+	"github.com/contentful/allstar/pkg/config/operator"
 	"github.com/google/go-cmp/cmp"
 	"github.com/google/go-github/v50/github"
-	"github.com/ossf/allstar/pkg/config/operator"
 	"sigs.k8s.io/yaml"
 )
 

@@ -19,7 +19,7 @@ import (
 	"net/http"
 	"sync"
 
-	"github.com/ossf/allstar/pkg/config/operator"
+	"github.com/contentful/allstar/pkg/config/operator"
 )
 
 type instLoc struct {

@@ -82,7 +82,7 @@ const GitHubIssueLabel = "allstar"
 // GitHubIssueFooter is added to the end of GitHub issues.
 const GitHubIssueFooter = `This issue will auto resolve when the policy is in compliance.
 
-Issue created by Allstar. See https://github.com/ossf/allstar/ for more information. For questions specific to the repository, please contact the owner or maintainer.`
+Issue created by Allstar. See https://github.com/contentful/allstar/ for more information. For questions specific to the repository, please contact the owner or maintainer.`
 
 // AllowedOrganizations is the set of GitHub repositories on which this Allstar instance
 // is allowed to be installed. This allows a public GitHub app to be shared between GitHub

@@ -20,7 +20,7 @@ import (
 	"strings"
 	"time"
 
-	"github.com/ossf/allstar/pkg/config"
+	"github.com/contentful/allstar/pkg/config"
 	"github.com/rs/zerolog/log"
 )
 

@@ -18,7 +18,7 @@ import (
 	"testing"
 	"time"
 
-	"github.com/ossf/allstar/pkg/config"
+	"github.com/contentful/allstar/pkg/config"
 )
 
 func timeFromDay(wd time.Weekday) time.Time {

@@ -22,13 +22,13 @@ import (
 	"sync"
 	"time"
 
-	"github.com/ossf/allstar/pkg/config"
-	"github.com/ossf/allstar/pkg/config/operator"
-	"github.com/ossf/allstar/pkg/ghclients"
-	"github.com/ossf/allstar/pkg/issue"
-	"github.com/ossf/allstar/pkg/policies"
-	"github.com/ossf/allstar/pkg/policydef"
-	"github.com/ossf/allstar/pkg/scorecard"
+	"github.com/contentful/allstar/pkg/config"
+	"github.com/contentful/allstar/pkg/config/operator"
+	"github.com/contentful/allstar/pkg/ghclients"
+	"github.com/contentful/allstar/pkg/issue"
+	"github.com/contentful/allstar/pkg/policies"
+	"github.com/contentful/allstar/pkg/policydef"
+	"github.com/contentful/allstar/pkg/scorecard"
 	"golang.org/x/sync/errgroup"
 
 	"github.com/google/go-github/v50/github"

@@ -23,10 +23,10 @@ import (
 	"strings"
 	"testing"
 
+	"github.com/contentful/allstar/pkg/config/operator"
+	"github.com/contentful/allstar/pkg/policydef"
 	"github.com/google/go-cmp/cmp"
 	"github.com/google/go-github/v50/github"
-	"github.com/ossf/allstar/pkg/config/operator"
-	"github.com/ossf/allstar/pkg/policydef"
 )
 
 var policy1Results policyRepoResults

@@ -21,9 +21,9 @@ import (
 	"net/http"
 
 	"github.com/bradleyfalzon/ghinstallation/v2"
+	"github.com/contentful/allstar/pkg/config/operator"
 	"github.com/google/go-github/v50/github"
 	"github.com/gregjones/httpcache"
-	"github.com/ossf/allstar/pkg/config/operator"
 	"gocloud.dev/runtimevar"
 	_ "gocloud.dev/runtimevar/awssecretsmanager"
 	_ "gocloud.dev/runtimevar/filevar"

@@ -24,9 +24,9 @@ import (
 	"strings"
 	"time"
 
-	"github.com/ossf/allstar/pkg/config"
-	"github.com/ossf/allstar/pkg/config/operator"
-	"github.com/ossf/allstar/pkg/config/schedule"
+	"github.com/contentful/allstar/pkg/config"
+	"github.com/contentful/allstar/pkg/config/operator"
+	"github.com/contentful/allstar/pkg/config/schedule"
 	"github.com/rs/zerolog/log"
 
 	"github.com/google/go-github/v50/github"
@@ -287,7 +287,7 @@ func createIssueBody(owner, repo, text, hash, footer string, isIssueRepo bool) s
 		refersTo = fmt.Sprintf(" and refers to [%s](https://github.com/%s)", ownerRepo, ownerRepo)
 	}
 	editHeader := issueSectionHeader(updateSectionName)
-	return fmt.Sprintf("_This issue was automatically created by [Allstar](https://github.com/ossf/allstar/)%s._\n\n**Security Policy Violation**\n"+
+	return fmt.Sprintf("_This issue was automatically created by [Allstar](https://github.com/contentful/allstar/)%s._\n\n**Security Policy Violation**\n"+
 		"%v\n\n---\n\n%s%s%s\n%v",
 		refersTo, text, editHeader, fmt.Sprintf(resultTextHashCommentFormat, hash), editHeader, footer)
 }

@@ -21,8 +21,8 @@ import (
 	"testing"
 	"time"
 
-	"github.com/ossf/allstar/pkg/config"
-	"github.com/ossf/allstar/pkg/config/operator"
+	"github.com/contentful/allstar/pkg/config"
+	"github.com/contentful/allstar/pkg/config/operator"
 
 	"github.com/google/go-github/v50/github"
 )
@@ -70,8 +70,8 @@ func TestEnsure(t *testing.T) {
 	issueTitleOtherRepo := "Security Policy violation for repository \"\" thispolicy"
 	closed := "closed"
 	open := "open"
-	body := "_This issue was automatically created by [Allstar](https://github.com/ossf/allstar/)._\n\n**Security Policy Violation**\nStatus text\n\n---\n\n<!-- Edit section #updates --><!-- Current result text hash: 1ab61918ea1b7d10e20db2b40287c1a265a1617b998d87b28579a4462b2efac2 --><!-- Edit section #updates -->\nThis issue will auto resolve when the policy is in compliance.\n\nIssue created by Allstar. See https://github.com/ossf/allstar/ for more information. For questions specific to the repository, please contact the owner or maintainer."
-	bodyOtherRepo := "_This issue was automatically created by [Allstar](https://github.com/ossf/allstar/) and refers to [/](https://github.com//)._\n\n**Security Policy Violation**\nStatus text\n\n---\n\n<!-- Edit section #updates --><!-- Current result text hash: 1ab61918ea1b7d10e20db2b40287c1a265a1617b998d87b28579a4462b2efac2 --><!-- Edit section #updates -->\nThis issue will auto resolve when the policy is in compliance.\n\nIssue created by Allstar. See https://github.com/ossf/allstar/ for more information. For questions specific to the repository, please contact the owner or maintainer."
+	body := "_This issue was automatically created by [Allstar](https://github.com/contentful/allstar/)._\n\n**Security Policy Violation**\nStatus text\n\n---\n\n<!-- Edit section #updates --><!-- Current result text hash: 1ab61918ea1b7d10e20db2b40287c1a265a1617b998d87b28579a4462b2efac2 --><!-- Edit section #updates -->\nThis issue will auto resolve when the policy is in compliance.\n\nIssue created by Allstar. See https://github.com/contentful/allstar/ for more information. For questions specific to the repository, please contact the owner or maintainer."
+	bodyOtherRepo := "_This issue was automatically created by [Allstar](https://github.com/contentful/allstar/) and refers to [/](https://github.com//)._\n\n**Security Policy Violation**\nStatus text\n\n---\n\n<!-- Edit section #updates --><!-- Current result text hash: 1ab61918ea1b7d10e20db2b40287c1a265a1617b998d87b28579a4462b2efac2 --><!-- Edit section #updates -->\nThis issue will auto resolve when the policy is in compliance.\n\nIssue created by Allstar. See https://github.com/contentful/allstar/ for more information. For questions specific to the repository, please contact the owner or maintainer."
 	configGetAppConfigs = func(context.Context, *github.Client, string, string) (*config.OrgConfig, *config.RepoConfig, *config.RepoConfig) {
 		return &config.OrgConfig{}, &config.RepoConfig{}, &config.RepoConfig{}
 	}
@@ -142,7 +142,7 @@ func TestEnsure(t *testing.T) {
 		configGetAppConfigs = func(context.Context, *github.Client, string, string) (*config.OrgConfig, *config.RepoConfig, *config.RepoConfig) {
 			return &config.OrgConfig{IssueFooter: "CustomFooter"}, &config.RepoConfig{}, &config.RepoConfig{}
 		}
-		bodyWithFooter := "_This issue was automatically created by [Allstar](https://github.com/ossf/allstar/)._\n\n**Security Policy Violation**\nStatus text\n\n---\n\n<!-- Edit section #updates --><!-- Current result text hash: 1ab61918ea1b7d10e20db2b40287c1a265a1617b998d87b28579a4462b2efac2 --><!-- Edit section #updates -->\nCustomFooter\n\nThis issue will auto resolve when the policy is in compliance.\n\nIssue created by Allstar. See https://github.com/ossf/allstar/ for more information. For questions specific to the repository, please contact the owner or maintainer."
+		bodyWithFooter := "_This issue was automatically created by [Allstar](https://github.com/contentful/allstar/)._\n\n**Security Policy Violation**\nStatus text\n\n---\n\n<!-- Edit section #updates --><!-- Current result text hash: 1ab61918ea1b7d10e20db2b40287c1a265a1617b998d87b28579a4462b2efac2 --><!-- Edit section #updates -->\nCustomFooter\n\nThis issue will auto resolve when the policy is in compliance.\n\nIssue created by Allstar. See https://github.com/contentful/allstar/ for more information. For questions specific to the repository, please contact the owner or maintainer."
 		listByRepo = func(ctx context.Context, owner string, repo string,
 			opts *github.IssueListByRepoOptions) ([]*github.Issue, *github.Response, error) {
 			return make([]*github.Issue, 0), &github.Response{NextPage: 0}, nil

@@ -23,8 +23,8 @@ import (
 	"strings"
 
 	"github.com/Masterminds/semver/v3"
-	"github.com/ossf/allstar/pkg/config"
-	"github.com/ossf/allstar/pkg/policydef"
+	"github.com/contentful/allstar/pkg/config"
+	"github.com/contentful/allstar/pkg/policydef"
 	"github.com/rhysd/actionlint"
 
 	"github.com/google/go-github/v50/github"

@@ -21,9 +21,9 @@ import (
 	"path/filepath"
 	"testing"
 
+	"github.com/contentful/allstar/pkg/config"
 	"github.com/gobwas/glob"
 	"github.com/google/go-github/v50/github"
-	"github.com/ossf/allstar/pkg/config"
 	"github.com/rhysd/actionlint"
 )
 

@@ -18,9 +18,9 @@ package admin
 import (
 	"context"
 
+	"github.com/contentful/allstar/pkg/config"
+	"github.com/contentful/allstar/pkg/policydef"
 	"github.com/gobwas/glob"
-	"github.com/ossf/allstar/pkg/config"
-	"github.com/ossf/allstar/pkg/policydef"
 
 	"github.com/google/go-github/v50/github"
 	"github.com/rs/zerolog/log"

@@ -18,10 +18,10 @@ import (
 	"context"
 	"testing"
 
+	"github.com/contentful/allstar/pkg/config"
+	"github.com/contentful/allstar/pkg/policydef"
 	"github.com/google/go-cmp/cmp"
 	"github.com/google/go-github/v50/github"
-	"github.com/ossf/allstar/pkg/config"
-	"github.com/ossf/allstar/pkg/policydef"
 )
 
 var listCollaborators func(context.Context, string, string,

@@ -21,9 +21,9 @@ import (
 	"fmt"
 	"path/filepath"
 
-	"github.com/ossf/allstar/pkg/config"
-	"github.com/ossf/allstar/pkg/policydef"
-	"github.com/ossf/allstar/pkg/scorecard"
+	"github.com/contentful/allstar/pkg/config"
+	"github.com/contentful/allstar/pkg/policydef"
+	"github.com/contentful/allstar/pkg/scorecard"
 	"github.com/ossf/scorecard/v4/checker"
 	"github.com/ossf/scorecard/v4/checks"
 

@@ -18,9 +18,9 @@ import (
 	"context"
 	"testing"
 
+	"github.com/contentful/allstar/pkg/config"
 	"github.com/google/go-cmp/cmp"
 	"github.com/google/go-github/v50/github"
-	"github.com/ossf/allstar/pkg/config"
 )
 
 func TestConfigPrecedence(t *testing.T) {

@@ -20,8 +20,8 @@ import (
 	"fmt"
 	"net/http"
 
-	"github.com/ossf/allstar/pkg/config"
-	"github.com/ossf/allstar/pkg/policydef"
+	"github.com/contentful/allstar/pkg/config"
+	"github.com/contentful/allstar/pkg/policydef"
 
 	"github.com/google/go-github/v50/github"
 	"github.com/rs/zerolog/log"

@@ -21,10 +21,10 @@ import (
 	"sort"
 	"testing"
 
+	"github.com/contentful/allstar/pkg/config"
+	"github.com/contentful/allstar/pkg/policydef"
 	"github.com/google/go-cmp/cmp"
 	"github.com/google/go-github/v50/github"
-	"github.com/ossf/allstar/pkg/config"
-	"github.com/ossf/allstar/pkg/policydef"
 )
 
 var get func(context.Context, string, string) (*github.Repository,