Skip to content

Scorecard supply-chain security #436

Scorecard supply-chain security

Scorecard supply-chain security #436

Workflow file for this run

name: Scorecard supply-chain security
on:
# For Branch-Protection check. Only the default branch is supported. See
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
branch_protection_rule:
# Manual trigger
workflow_dispatch:
# To guarantee Maintained check is occasionally updated. See
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
schedule:
- cron: "0 5 * * 1"
push:
branches: ["main"]
# Declare default permissions as read only.
permissions: read-all
jobs:
ossf:
uses: TBD54566975/open-source-programs/.github/workflows/scorecard.yml@main
secrets: inherit
permissions:
security-events: write
id-token: write