diff --git a/code-scanning/scorecard.yml b/code-scanning/scorecard.yml index 248c9f9..b5b838e 100644 --- a/code-scanning/scorecard.yml +++ b/code-scanning/scorecard.yml @@ -21,8 +21,8 @@ jobs: analysis: name: Scorecard analysis runs-on: ubuntu-latest - # This action only works when run from the default branch - if: github.event.repository.default_branch == github.ref_name + # `publish_results: true` only works when run from the default branch. conditional can be removed if disabled. + if: github.event.repository.default_branch == github.ref_name || github.event_name == 'pull_request' permissions: # Needed to upload the results to code-scanning dashboard. security-events: write