Skip to content
Scorecard analysis

Bump github/codeql-action from 3.29.0 to 3.29.1 in the all group (#474) #47

Sign in to view logs

Bump github/codeql-action from 3.29.0 to 3.29.1 in the all group (#474)

Bump github/codeql-action from 3.29.0 to 3.29.1 in the all group (#474) #47

Workflow file for this run

.github/workflows/scorecard.yml at 01d18ff
name: Scorecard analysis
on:
push:
branches:
- main
schedule:
- cron: '22 17 * * 1' # https://crontab.guru/#22_17_*_*_1
workflow_dispatch:
permissions:
actions: read
checks: read
contents: read
issues: read
pull-requests: read
statuses: read
# Needed for SARIF upload
security-events: write
jobs:
analysis:
name: Scorecard analysis
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v2.4.2
with:
results_file: results.sarif
results_format: sarif
- uses: github/codeql-action/upload-sarif@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2
with:
sarif_file: results.sarif