| commit | 5a8e41ce5a5d76e7dc8d054a92e06606c9b2e975 | [log] [tgz] |
|---|---|---|
| author | dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | Tue Sep 13 13:58:06 2022 +0200 |
| committer | GitHub <noreply@github.com> | Tue Sep 13 13:58:06 2022 +0200 |
| tree | beeabb0f8cab006351695b80560bf1c92405510b | |
| parent | a0f65ad1e3d90192029df8559ecb614b8b117670 [diff] |
Bump ossf/scorecard-action from 1.1.2 to 2.0.3 (#776) * Bump ossf/scorecard-action from 1.1.2 to 2.0.3 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 1.1.2 to 2.0.3. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/ce330fde6b1a5c9c75b417e7efc510b822a35564...865b4092859256271290c77adbd10a43f4779972) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Update scorecards-analysis.yml Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Pierre-Louis <6655696+guidezpl@users.noreply.github.com> Co-authored-by: Pierre-Louis Guidez <plg@google.com>
diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml index a150060..dd0484f 100644 --- a/.github/workflows/scorecards-analysis.yml +++ b/.github/workflows/scorecards-analysis.yml
@@ -25,7 +25,7 @@ persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@ce330fde6b1a5c9c75b417e7efc510b822a35564 # v1.0.4 + uses: ossf/scorecard-action@865b4092859256271290c77adbd10a43f4779972 with: results_file: results.sarif results_format: sarif