From 978c3bbb41242ad164fb5c43b4fdd3353056addc Mon Sep 17 00:00:00 2001 From: laurentsimon <64505099+laurentsimon@users.noreply.github.com> Date: Wed, 1 Jun 2022 09:15:10 -0700 Subject: [PATCH 1/3] Update scorecards.yml --- code-scanning/scorecards.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code-scanning/scorecards.yml b/code-scanning/scorecards.yml index 28fb7f3..6135414 100644 --- a/code-scanning/scorecards.yml +++ b/code-scanning/scorecards.yml @@ -29,7 +29,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@5c8bc69dc88b65c66584e07611df79d3579b0377 # v1.1.0 + uses: ossf/scorecard-action@3e15ea8318eee9b333819ec77a36aca8d39df13e # v1.1.1 with: results_file: results.sarif results_format: sarif From 74b6f422559f3c58f4adee47ffbefc98d22548e1 Mon Sep 17 00:00:00 2001 From: laurentsimon <64505099+laurentsimon@users.noreply.github.com> Date: Wed, 1 Jun 2022 10:50:44 -0700 Subject: [PATCH 2/3] Update scorecards.yml --- code-scanning/scorecards.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/code-scanning/scorecards.yml b/code-scanning/scorecards.yml index 6135414..eed834b 100644 --- a/code-scanning/scorecards.yml +++ b/code-scanning/scorecards.yml @@ -19,7 +19,6 @@ jobs: security-events: write # Used to receive a badge. (Upcoming feature) id-token: write - actions: read contents: read steps: From 74408a5287eb771031d02d73dbe14ed23ec90a41 Mon Sep 17 00:00:00 2001 From: laurentsimon <64505099+laurentsimon@users.noreply.github.com> Date: Wed, 1 Jun 2022 11:00:27 -0700 Subject: [PATCH 3/3] Update scorecards.yml --- code-scanning/scorecards.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/code-scanning/scorecards.yml b/code-scanning/scorecards.yml index eed834b..539794d 100644 --- a/code-scanning/scorecards.yml +++ b/code-scanning/scorecards.yml @@ -19,7 +19,9 @@ jobs: security-events: write # Used to receive a badge. (Upcoming feature) id-token: write + # Needs for private repositories. contents: read + actions: read steps: - name: "Checkout code"