From 4a5b4939a642720a98cb0c99db033cf7722eeced Mon Sep 17 00:00:00 2001 From: Spencer Schrock Date: Mon, 24 Feb 2025 11:19:07 -0700 Subject: [PATCH] add future looking pull_request event to conditional Scorecard currently has experimental support for the `pull_request` trigger, so we want to allow analysis to be run for it in the future. Signed-off-by: Spencer Schrock --- code-scanning/scorecard.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/code-scanning/scorecard.yml b/code-scanning/scorecard.yml index 248c9f9..b5b838e 100644 --- a/code-scanning/scorecard.yml +++ b/code-scanning/scorecard.yml @@ -21,8 +21,8 @@ jobs: analysis: name: Scorecard analysis runs-on: ubuntu-latest - # This action only works when run from the default branch - if: github.event.repository.default_branch == github.ref_name + # `publish_results: true` only works when run from the default branch. conditional can be removed if disabled. + if: github.event.repository.default_branch == github.ref_name || github.event_name == 'pull_request' permissions: # Needed to upload the results to code-scanning dashboard. security-events: write