chore(readme): Update Twitter badge to X and add OpenSSF Scorecard

[aaguiarz]

Update Twitter badge to X and add OpenSSF Scorecard

Description

What problem is being solved?

How is it being solved?

What changes are made to solve it?

References

Review Checklist

• I have clicked on "allow edits by maintainers".
• I have added documentation for new/changed functionality in this PR or in a PR to openfga.dev [Provide a link to any relevant PRs in the references section above]
• The correct base branch is being used, if not main
• I have added tests to validate that the change in functionality is working as expected

Summary by CodeRabbit

• Documentation
  • Updated README header badges.
  • Replaced the Twitter badge with an X badge linking to https://x.com/openfga and displaying “@openfga on X”.
  • Added an OpenSSF Scorecard badge linking to the project’s Scorecard viewer to surface security health metrics.
  • No changes to application behavior or code; documentation-only update.

[coderabbitai]

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

README.md documentation updates: replaced the Twitter badge with an X badge linking to https://x.com/openfga and added an OpenSSF Scorecard badge linking to the project’s scorecard viewer. No code or functionality changes; no public API impacts.

Changes

Cohort / File(s)	Summary
Docs: README badges README.md	Updated social badge from Twitter to X and added OpenSSF Scorecard badge; no code changes.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

• Create scorecard.yml #548 — Adds OpenSSF Scorecard badge to README, matching the documentation badge update pattern in this PR.

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch chore/scorecard

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (3)

README.md (3)

840-840: Fix copy-paste errors in retry instructions (extra quotes and filename mismatch).

These command typos will break when users copy them.

-`fga tuple write --file tuples.json' --hide-imported-tuples > results.json`
+`fga tuple write --file tuples.json --hide-imported-tuples > results.json`

-`jq -c '[.failed[] | {user: .tuple_key.user, relation: .tuple_key.relation, object: .tuple_key.object}]' result.json > failed_tuples.json`
+`jq -c '[.failed[] | {user: .tuple_key.user, relation: .tuple_key.relation, object: .tuple_key.object}]' results.json > failed_tuples.json`

-`fga tuple write --file failed_tuples.json' --hide-imported-tuples `
+`fga tuple write --file failed_tuples.json --hide-imported-tuples`

Also applies to: 844-844, 846-846

---

1036-1036: Close missing quote in JSON context examples.

The single quote after the JSON payload is missing, causing the shell to eat the rest of the line.

-... --context '{"ip_address":"127.0.0.1"} --consistency="HIGHER_CONSISTENCY"`
+... --context '{"ip_address":"127.0.0.1"}' --consistency="HIGHER_CONSISTENCY"`

Apply the same fix to all three examples at Lines 1036, 1063, and 1126.

Also applies to: 1063-1063, 1126-1126

---

1129-1142: Invalid JSON structure in “List Users” response.

There’s an extra { … } wrapper; the outer object should directly contain "users": [...].

-```json5
-{
-    {
-      "users": [
-        {
-          "object": {
-            "type": "user",
-            "id": "anne"
-          }
-        }
-      ]
-    }
-}
-```
+```json5
+{
+  "users": [
+    {
+      "object": {
+        "type": "user",
+        "id": "anne"
+      }
+    }
+  ]
+}
+```

🧹 Nitpick comments (4)

README.md (4)

10-11: Badges look good; tighten consistency and clarity (style, label).

• The new badges work. For visual consistency with the other shields (which use default style), drop style=flat-square. Also prefer logo=x over logo=twitter to match the X rebrand.
• Consider adding an explicit label to the Scorecard badge so readers know what the score represents at a glance.

Apply:

-[![X](https://img.shields.io/twitter/follow/openfga?color=%23179CF0&logo=twitter&style=flat-square "@openfga on X")](https://x.com/openfga)
+[![X](https://img.shields.io/twitter/follow/openfga?color=%23179CF0&logo=x "@openfga on X")](https://x.com/openfga)
-[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/openfga/cli/badge)](https://securityscorecards.dev/viewer/?uri=github.com/openfga/cli)
+[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/openfga/cli/badge?label=OpenSSF%20Scorecard)](https://securityscorecards.dev/viewer/?uri=github.com/openfga/cli)

---

60-60: Keep “Resources” consistent with the X rebrand.

Rename “Twitter” to “X (formerly Twitter)” and point to x.com.

-- [Twitter](https://twitter.com/openfga)
+- [X (formerly Twitter)](https://x.com/openfga)

---

254-254: Typo: “option” → “optional”.

Minor wording fix in the parameter description.

-* `--max-tuples`: Specifies the max number of tuples to include in the output (option, defaults to 100)
+* `--max-tuples`: Specifies the max number of tuples to include in the output (optional, defaults to 100)

---

649-649: Stray trailing slash after link.

Removes a dangling “/” that renders oddly.

-For more examples of `.fga.yaml` files, check our [Store File Format documentation](docs/STORE_FILE.md) and the [sample-stores repository](https://github.com/openfga/sample-stores/)/
+For more examples of `.fga.yaml` files, check our [Store File Format documentation](docs/STORE_FILE.md) and the [sample-stores repository](https://github.com/openfga/sample-stores/).

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between bd345de and 1fb9c1e.

📒 Files selected for processing (1)

• README.md (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: Test Release Process
• GitHub Check: Tests