RuhNetConsulting
/
libphonenumber
mirror of https://github.com/google/libphonenumber
1
1
Fork 0
Code Issues 0 Projects 0 Releases 254 Wiki Activity
Browse Source

Update scorecards.yml (#3625) 

Fixing the issue based on info from Scorecard workflow is failing: error signing scorecard json results ossf/scorecard-action#997
pull/3626/head
mandlil 1 year ago
committed by GitHub
parent
67400bd111
commit
55716be400
No known key found for this signature in database GPG Key ID: B5690EEEBB952194
1 changed files with 4 additions and 4 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +4
    -4
      .github/workflows/scorecards.yml

+ 4
- 4
.github/workflows/scorecards.yml View File

@ -36,12 +36,12 @@ jobs:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- name: "Checkout code"
uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
with:
persist-credentials: false
- name: "Run analysis"
uses: ossf/scorecard-action@99c53751e09b9529366343771cc321ec74e9bd3d # v2.0.6
uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
with:
results_file: results.sarif
results_format: sarif
@ -63,7 +63,7 @@ jobs:
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: SARIF file
path: results.sarif
@ -71,6 +71,6 @@ jobs:
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@5b6282e01c62d02e720b81eb8a51204f527c3624 # v2.21.3
uses: github/codeql-action/upload-sarif@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6
with:
sarif_file: results.sarif

Write Preview
Loading…
Cancel
Save