comparison .github/workflows/ossf-scorecard.yml @ 8341:85198b53b999
chore: update github action uses clauses to latest versions.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Thu, 19 Jun 2025 16:38:38 -0400 |
| parents | edd93fa4a5ec |
| children | 3db40a355a6c |
comparison
| 8340:6e44b3b20df2 | 8341:85198b53b999 |
|---|---|
| 33 # contents: read | 33 # contents: read |
| 34 # actions: read | 34 # actions: read |
| 35 | 35 |
| 36 steps: | 36 steps: |
| 37 - name: "Checkout code" | 37 - name: "Checkout code" |
| 38 uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | 38 uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 |
| 39 with: | 39 with: |
| 40 persist-credentials: false | 40 persist-credentials: false |
| 41 | 41 |
| 42 - name: "Run analysis" | 42 - name: "Run analysis" |
| 43 uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.10 | 43 uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v5.2.1 |
| 44 with: | 44 with: |
| 45 results_file: results.sarif | 45 results_file: results.sarif |
| 46 results_format: sarif | 46 results_format: sarif |
| 47 # (Optional) "write" PAT token. Uncomment the `repo_token` line below if: | 47 # (Optional) "write" PAT token. Uncomment the `repo_token` line below if: |
| 48 # - you want to enable the Branch-Protection check on a *public* repository, or | 48 # - you want to enable the Branch-Protection check on a *public* repository, or |
| 60 publish_results: true | 60 publish_results: true |
| 61 | 61 |
| 62 # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF | 62 # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF |
| 63 # format to the repository Actions tab. | 63 # format to the repository Actions tab. |
| 64 - name: "Upload artifact" | 64 - name: "Upload artifact" |
| 65 uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 | 65 uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 |
| 66 with: | 66 with: |
| 67 name: SARIF file | 67 name: SARIF file |
| 68 path: results.sarif | 68 path: results.sarif |
| 69 retention-days: 5 | 69 retention-days: 5 |
| 70 | 70 |
| 71 # Upload the results to GitHub's code scanning dashboard. | 71 # Upload the results to GitHub's code scanning dashboard. |
| 72 - name: "Upload to code-scanning" | 72 - name: "Upload to code-scanning" |
| 73 uses: github/codeql-action/upload-sarif@65c74964a9ed8c44ed9f19d4bbc5757a6a8e9ab9 # v2.16.1 | 73 uses: github/codeql-action/upload-sarif@b1e4dc3db58c9601794e22a9f6d28d45461b9dbf # v2.22.0 |
| 74 with: | 74 with: |
| 75 sarif_file: results.sarif | 75 sarif_file: results.sarif |
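
Review bot: on line 43 the version comment for ossf/scorecard-action goes from `# v2.3.10` to `# v5.2.1`, a jump of three major versions that none of the other pins in this file make. Please check that the new SHA is the commit of a scorecard-action release tag with that number, and not the version of the Scorecard tool the action runs. If the tag differs, correct the trailing comment, since it is the only human-readable record of what the SHA pin refers to. If the major version really did change, also confirm that the unchanged inputs (`results_file`, `results_format`, `publish_results`) are still accepted.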
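
Review bot: on line 73 the github/codeql-action/upload-sarif comment only moves from `# v2.16.1` to `# v2.22.0`, so this step stays on the v2 line although the commit message says the uses clauses are updated to the latest versions. Confirm that the new SHA resolves to the tag named in the comment, and either move the pin to the current major release or say in the commit message why this action is held back.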
