diff --git a/code-scanning/properties/scorecard.properties.json b/code-scanning/properties/scorecard.properties.json new file mode 100644 index 0000000..b95344d --- /dev/null +++ b/code-scanning/properties/scorecard.properties.json @@ -0,0 +1,7 @@ +{ + "name": "OSSF Scorecard", + "creator": "Open Source Security Foundation (OpenSSF)", + "description": "Scorecard is a static supply-chain security analysis tool to assess the security posture of your project", + "iconName": "scorecard", + "categories": ["Code Scanning"] +} diff --git a/code-scanning/properties/scorecards.properties.json b/code-scanning/properties/scorecards.properties.json deleted file mode 100644 index a98834c..0000000 --- a/code-scanning/properties/scorecards.properties.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "name": "OSSF Scorecards", - "creator": "Open Source Security Foundation (OpenSSF)", - "description": "Scorecards is a static supply-chain security analysis tool to assess the security posture of your project", - "iconName": "scorecards", - "categories": ["Code Scanning"] -} diff --git a/code-scanning/scorecards.yml b/code-scanning/scorecard.yml similarity index 95% rename from code-scanning/scorecards.yml rename to code-scanning/scorecard.yml index 0e42bae..69cf948 100644 --- a/code-scanning/scorecards.yml +++ b/code-scanning/scorecard.yml @@ -2,7 +2,7 @@ # by a third-party and are governed by separate terms of service, privacy # policy, and support documentation. -name: Scorecards supply-chain security +name: Scorecard supply-chain security on: # For Branch-Protection check. Only the default branch is supported. See # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection @@ -19,7 +19,7 @@ permissions: read-all jobs: analysis: - name: Scorecards analysis + name: Scorecard analysis runs-on: ubuntu-latest permissions: # Needed to upload the results to code-scanning dashboard. @@ -43,7 +43,7 @@ jobs: results_format: sarif # (Optional) "write" PAT token. Uncomment the `repo_token` line below if: # - you want to enable the Branch-Protection check on a *public* repository, or - # - you are installing Scorecards on a *private* repository + # - you are installing Scorecard on a *private* repository # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat. # repo_token: ${{ secrets.SCORECARD_TOKEN }} diff --git a/icons/scorecards.svg b/icons/scorecard.svg similarity index 100% rename from icons/scorecards.svg rename to icons/scorecard.svg