Commit e8d5fdf

chore: add OpenSSF badge (#15012)
1 parent 6bf73a5, commit e8d5fdf

2 files changed: +48 -0 lines changed

‎.github/workflows/scorecard.yml

Lines changed: 47 additions & 0 deletions
@@ -0,0 +1,47 @@
1+
name:OpenSSF Scorecard
2+
on:
3+
branch_protection_rule:
4+
schedule:
5+
-cron:"27 7 * * 3"# A random time to run weekly
6+
push:
7+
branches:["main"]
8+
9+
permissions:read-all
10+
11+
jobs:
12+
analysis:
13+
name:Scorecard analysis
14+
runs-on:ubuntu-latest
15+
permissions:
16+
# Needed to upload the results to code-scanning dashboard.
17+
security-events:write
18+
# Needed to publish results and get a badge (see publish_results below).
19+
id-token:write
20+
21+
steps:
22+
-name:"Checkout code"
23+
uses:actions/checkout@d632683dd7b4114ad314bca15554477dd762a938# v4.2.0
24+
with:
25+
persist-credentials:false
26+
27+
-name:"Run analysis"
28+
uses:ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46# v2.4.0
29+
with:
30+
results_file:results.sarif
31+
results_format:sarif
32+
repo_token:${{ secrets.GITHUB_TOKEN }}
33+
publish_results:true
34+
35+
# Upload the results as artifacts.
36+
-name:"Upload artifact"
37+
uses:actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874# v4.4.0
38+
with:
39+
name:SARIF file
40+
path:results.sarif
41+
retention-days:5
42+
43+
# Upload the results to GitHub's code scanning dashboard.
44+
-name:"Upload to code-scanning"
45+
uses:github/codeql-action/upload-sarif@e2b3eafc8d227b0241d48be5f425d47c2d750a13# v3.26.10
46+
with:
47+
sarif_file:results.sarif
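
Review bot: the workflow-level `permissions: read-all` (new line 9) is wider than this file needs. The only job, `analysis`, declares its own `permissions` block, and a job-level block replaces the workflow-level default rather than adding to it, so the job runs with just `security-events: write` and `id-token: write`; `read-all` would only take effect for a job added later without its own block. Consider narrowing the default, for example to `contents: read`, so a future job does not silently inherit read access to every scope. The `persist-credentials: false` on checkout and the SHA-pinned `uses:` lines with version comments are worth keeping as they are.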

‎README.md

Lines changed: 1 addition & 0 deletions
@@ -27,6 +27,7 @@
2727
[![godoc](https://pkg.go.dev/badge/github.com/coder/coder.svg)](https://pkg.go.dev/github.com/coder/coder)
2828
[![Go Report Card](https://goreportcard.com/badge/github.com/coder/coder/v2)](https://goreportcard.com/report/github.com/coder/coder/v2)
2929
[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/9511/badge)](https://www.bestpractices.dev/projects/9511)
30+
[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/coder/coder/badge)](https://api.securityscorecards.dev/projects/github.com/coder/coder)
3031
[![license](https://img.shields.io/github/license/coder/coder)](./LICENSE)
3132

3233
</div>
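
Review bot: the link target of the new Scorecard badge (line 30) is the `api.securityscorecards.dev/projects/github.com/coder/coder` endpoint, which serves the raw results rather than a readable report, unlike the neighbouring badges that link to a human-facing page. Consider pointing the link at the Scorecard viewer instead, e.g. `https://securityscorecards.dev/viewer/?uri=github.com/coder/coder`, and keeping the `api.` URL only for the badge image.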
