diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index ce1fa1f49e..124ea9dbf1 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -9,10 +9,12 @@ on:
   branch_protection_rule:
   # To guarantee Maintained check is occasionally updated. See
   # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
-  schedule:
-    - cron: '26 11 * * 5'
-  push:
-    branches: [ "master" ]
+  # schedule:
+  #   - cron: '26 2 * * *'
+  # push:
+  #   branches: [ "main" ]
+  workflow_dispatch:
+  # pull_request:
 
 # Declare default permissions as read only.
 permissions: read-all
@@ -37,7 +39,7 @@ jobs:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2
+        uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
         with:
           results_file: results.sarif
           results_format: sarif