GitHub/otpauth
1
0
Fork 0
mirror of https://github.com/hectorm/otpauth.git synced 2026-05-07 20:12:27 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
49808571422e4b6e55d8db4e9c958e594f6e5b76
otpauth/.github/workflows/scorecard.yml
T
dependabot[bot] 4980857142 Bump the github-actions-all group with 3 updates (#679) 
Bumps the github-actions-all group with 3 updates: [github/codeql-action](https://github.com/github/codeql-action), [actions/setup-node](https://github.com/actions/setup-node) and [oven-sh/setup-bun](https://github.com/oven-sh/setup-bun).


Updates `github/codeql-action` from 4.32.4 to 4.32.6
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/89a39a4e59826350b863aa6b6252a07ad50cf83e...0d579ffd059c29b07949a3cce3983f0780820c98)

Updates `actions/setup-node` from 6.2.0 to 6.3.0
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/6044e13b5dc448c55e2357c09f80417699197238...53b83947a5a98c8d113130e565377fae1a50d02f)

Updates `oven-sh/setup-bun` from 2.1.2 to 2.1.3
- [Release notes](https://github.com/oven-sh/setup-bun/releases)
- [Commits](https://github.com/oven-sh/setup-bun/compare/3d267786b128fe76c2f16a390aa2448b815359f3...ecf28ddc73e819eb6fa29df6b34ef8921c743461)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.32.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-all
- dependency-name: actions/setup-node
  dependency-version: 6.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-all
- dependency-name: oven-sh/setup-bun
  dependency-version: 2.1.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-all
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-07 11:36:07 +01:00

35 lines
997 B
YAML
Raw Blame History

# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
name: "Scorecard security analysis"
on:
push:
branches: ["master"]
schedule:
- cron: "25 10 * * 3"
workflow_dispatch:
permissions: {}
jobs:
analyze:
name: "Scorecard security analysis"
runs-on: "ubuntu-latest"
permissions:
actions: "read"
contents: "read"
security-events: "write"
steps:
- name: "Checkout"
uses: "actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd"
- name: "Perform security analysis"
uses: "ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a"
with:
results_file: "./results.sarif"
results_format: "sarif"
repo_token: "${{ secrets.GITHUB_TOKEN }}"
publish_results: false
- name: "Upload SARIF file"
uses: "github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98"
with:
sarif_file: "./results.sarif"
Reference in New Issue View Git Blame Copy Permalink