From 7633e6cd031eacec026262de678412719ee37c06 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 22 May 2026 13:05:55 +0000
Subject: [PATCH] [gha] Bump
 open-edge-platform/orch-ci/.github/workflows/post-merge-scorecard.yml

Bumps [open-edge-platform/orch-ci/.github/workflows/post-merge-scorecard.yml](https://github.com/open-edge-platform/orch-ci) from 4800a208571aa9961e6d814998f24b5947960712 to 90e04f4dce5db4efe82b176d2aa16a49d293f41d.
- [Commits](https://github.com/open-edge-platform/orch-ci/compare/4800a208571aa9961e6d814998f24b5947960712...90e04f4dce5db4efe82b176d2aa16a49d293f41d)

---
updated-dependencies:
- dependency-name: open-edge-platform/orch-ci/.github/workflows/post-merge-scorecard.yml
  dependency-version: 90e04f4dce5db4efe82b176d2aa16a49d293f41d
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/post-merge-scorecard.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/post-merge-scorecard.yml b/.github/workflows/post-merge-scorecard.yml
index 016c38c..ef43c44 100644
--- a/.github/workflows/post-merge-scorecard.yml
+++ b/.github/workflows/post-merge-scorecard.yml
@@ -20,7 +20,7 @@ jobs:
       id-token: write
       contents: read
 
-    uses: open-edge-platform/orch-ci/.github/workflows/post-merge-scorecard.yml@4800a208571aa9961e6d814998f24b5947960712  # 2026.1.3
+    uses: open-edge-platform/orch-ci/.github/workflows/post-merge-scorecard.yml@90e04f4dce5db4efe82b176d2aa16a49d293f41d  # 2026.1.3
     with:
       project_folder: "."
     secrets: