1. Scorecard update v2.4.1 was released, which includes months of bug
fixes and a new `file_mode` input to address a .gitattributes bug.
2. Bumped actions/upload-artifact to the v4 branch. This was previously
kept at v3 as GHES doesn't support v4, but github.com no longer
supports v3: as uploads return the following error "Create Artifact
Container failed: The artifact name JSON file is not valid."
Signed-off-by: Spencer Schrock <sschrock@google.com>
GitHub code scanning is a developer-first, GitHub-native approach to easily find security vulnerabilities before they reach production. Before you can configure code scanning for a repository, you must enable code scanning by adding a GitHub Actions workflow to the repository. For more information, see Setting up code scanning for a repository.