From 2629eb8a4ad0cc0b3012c30cbe1f24c46ce34676 Mon Sep 17 00:00:00 2001 From: Joel Payne <15524072+LilSpazJoekp@users.noreply.github.com> Date: Wed, 3 Jul 2024 19:14:42 -0500 Subject: [PATCH] Update scorecards-analysis.yml --- .github/workflows/scorecards-analysis.yml | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml index 3081d778..6ede59f1 100644 --- a/.github/workflows/scorecards-analysis.yml +++ b/.github/workflows/scorecards-analysis.yml @@ -2,31 +2,28 @@ jobs: analysis: name: Scorecards analysis permissions: - actions: read - contents: read id-token: write security-events: write runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3.2.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: persist-credentials: false - name: Run analysis - uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2 + uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 with: results_file: results.sarif results_format: sarif - repo_token: ${{ secrets.SCORECARD_READ_TOKEN }} publish_results: true - name: Upload artifact - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb # v3.1.1 + uses: actions/upload-artifact@97a0fba1372883ab732affbe8f94b823f91727db # v3.pre.node20 with: name: SARIF file path: results.sarif retention-days: 5 - name: Upload to code-scanning - uses: github/codeql-action/upload-sarif@5f532563584d71fdef14ee64d17bafb34f751ce5 # v1.0.26 + uses: github/codeql-action/upload-sarif@1b1aada464948af03b950897e5eb522f92603cc2 # v3.24.9 with: sarif_file: results.sarif name: Scorecards supply-chain security @@ -36,4 +33,4 @@ on: branches: [ master ] schedule: - cron: 30 1 * * 6 -permissions: read-all +permissions: read-all \ No newline at end of file