Skip to content

Bump ossf/scorecard-action from 2.3.1 to 2.4.0 in the non_major_updates group #254

Bump ossf/scorecard-action from 2.3.1 to 2.4.0 in the non_major_updates group

Bump ossf/scorecard-action from 2.3.1 to 2.4.0 in the non_major_updates group #254

Workflow file for this run

name: PullRequest
on: pull_request
permissions: {}
jobs:
ci:
permissions:
contents: read # for actions/checkout
security-events: write # for codeql-action
uses: ./.github/workflows/ci.yml
dependency-review:
name: Security check of added dependencies
runs-on: ubuntu-latest
permissions:
contents: read # for actions/checkout
pull-requests: write # for actions/dependency-review-action to publish summary
steps:
- name: Checkout repo
uses: actions/checkout@v4
with:
persist-credentials: false
- name: Dependency review
uses: actions/dependency-review-action@v4
with:
comment-summary-in-pr: always