mirror of
https://github.com/ossf/scorecard.git
synced 2024-10-26 10:28:10 +03:00
Enable Scorecard badge (#2097)
Co-authored-by: Azeem Shaikh <azeems@google.com>
This commit is contained in:
parent
4f30e02a24
commit
c581062fe7
3
.github/workflows/scorecard-analysis.yml
vendored
3
.github/workflows/scorecard-analysis.yml
vendored
@ -19,6 +19,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
security-events: write
|
||||
token-id: write
|
||||
|
||||
steps:
|
||||
- name: Harden Runner
|
||||
@ -30,7 +31,7 @@ jobs:
|
||||
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
|
||||
|
||||
- name: "Run analysis"
|
||||
uses: ossf/scorecard-action@ce330fde6b1a5c9c75b417e7efc510b822a35564
|
||||
uses: ossf/scorecard-action@3155d134e59d8f47261b1ae9d143034c69572227 # v2.0.0-beta.1
|
||||
with:
|
||||
results_file: results.sarif
|
||||
results_format: sarif
|
||||
|
@ -1,5 +1,6 @@
|
||||
# Security Scorecards
|
||||
|
||||
[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/ossf/scorecard/badge)](https://api.securityscorecards.dev/projects/github.com/ossf/scorecard)
|
||||
[![OpenSSF Best Practices](https://bestpractices.coreinfrastructure.org/projects/5621/badge)](https://bestpractices.coreinfrastructure.org/projects/5621)
|
||||
![build](https://github.com/ossf/scorecard/workflows/build/badge.svg?branch=main)
|
||||
![CodeQL](https://github.com/ossf/scorecard/workflows/CodeQL/badge.svg?branch=main)
|
||||
|
Loading…
Reference in New Issue
Block a user