We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
1 parent 3986cba commit 262ad46Copy full SHA for 262ad46
1 file changed
.github/workflows/ossf-scorecard.yml
@@ -24,18 +24,8 @@ jobs:
24
with:
25
persist-credentials: false
26
27
- - uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4
28
- id: create-token
29
- with:
30
- # analyzing classic branch protections requires a token with admin read permissions
31
- # see https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
32
- # and https://github.com/open-telemetry/community/issues/2769
33
- app-id: ${{ vars.OSSF_SCORECARD_APP_ID }}
34
- private-key: ${{ secrets.OSSF_SCORECARD_PRIVATE_KEY }}
35
-
36
- uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3
37
38
- repo_token: ${{ steps.create-token.outputs.token }}
39
results_file: results.sarif
40
results_format: sarif
41
publish_results: true
0 commit comments