updates
This commit is contained in:
@@ -29,16 +29,13 @@ jobs:
|
||||
with:
|
||||
results_file: results.sarif
|
||||
results_format: sarif
|
||||
# Read-only PAT token. To create it, follow the steps
|
||||
# in https://github.com/ossf/scorecard-action/main#pat-token-creation
|
||||
# Read-only PAT token. To create it,
|
||||
# follow the steps in https://github.com/ossf/scorecard-action/blob/main#pat-token-creation.
|
||||
repo_token: ${{ secrets.SCORECARD_TOKEN }}
|
||||
# The Scorecard team runs a weekly scan of public GitHub repositories in order to track
|
||||
# the overall security health of the open source ecosystem. The results are publicly
|
||||
# available as described at https://github.com/ossf/scorecard#public-data.
|
||||
# Setting `publish_results: true` replaces the results of the team's weelky scans,
|
||||
# helping us scale by cutting down on repeated workflows and GitHub API requests.
|
||||
# This option is needed to enable badges on the repo. If you're installing the action
|
||||
# on a private repo, set it to `publish_results: false` or do not set the value at all.
|
||||
# Publish the results to enable scorecard badges. For more details, see
|
||||
# https://github.com/ossf/scorecard-action/blob/main#publishing-results.
|
||||
# If you are installing the action on a private repo, set it to `publish_results: false`
|
||||
# or do not set the value at all.
|
||||
publish_results: true
|
||||
|
||||
# Upload the results as artifacts (optional).
|
||||
|
||||
Reference in New Issue
Block a user