summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authoraiuto <aiuto@google.com>2024-04-02 11:48:37 -0400
committerGitHub <noreply@github.com>2024-04-02 11:48:37 -0400
commita56b1d9d339b70c01f92db74d62f4973a789f0fd (patch)
treed0a907217be1758a2363d8e654b4a354ae17552a
parente14245aa9653b462f60a9f202d25fd5956983e03 (diff)
downloadbazelbuild-rules_pkg-a56b1d9d339b70c01f92db74d62f4973a789f0fd.tar.gz
trying scorecard update one more time (#841)
* trying scorecard update one more time
Diffstat
-rw-r--r--.github/workflows/scorecard.yml8
1 files changed, 4 insertions, 4 deletions
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index ce76060..fa75f38 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -32,15 +32,15 @@ jobs:
steps:
- name: Setup Node.js environment
- uses: actions/setup-node@v4.0.2
+ uses: actions/setup-node@v4
- name: "Checkout code"
- uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
+ uses: actions/checkout@v4
with:
persist-credentials: false
- name: "Run analysis"
- uses: ossf/scorecard-action@80e868c13c90f172d68d1f4501dee99e2479f7af # v2.1.3
+ uses: ossf/scorecard-action@v2
with:
results_file: results.sarif
results_format: sarif
@@ -62,7 +62,7 @@ jobs:
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
- uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
+ uses: actions/upload-artifact@v3
with:
name: SARIF file
path: results.sarif
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-07 21:22:14 +0000