ci: Disable ossf/scorecard-action until it's allowlisted

mozilla · Apr 9, 2024 · 8613776 · 8613776
1 parent c6c60ba
commit 8613776
Showing 1 changed file with 5 additions and 5 deletions.
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -6,13 +6,13 @@ name: Scorecard supply-chain security
 on:
   # For Branch-Protection check. Only the default branch is supported. See
   # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
-  branch_protection_rule:
+  # branch_protection_rule:
   # To guarantee Maintained check is occasionally updated. See
   # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
-  schedule:
-    - cron: '26 8 * * 6'
-  push:
-    branches: [ "main" ]
+  # schedule:
+  #   - cron: '26 8 * * 6'
+  # push:
+  #   branches: [ "main" ]
 
 # Declare default permissions as read only.
 permissions: read-all