Skip to content

build(deps): bump golang.org/x/net from 0.13.0 to 0.14.0 (#1614) #905

build(deps): bump golang.org/x/net from 0.13.0 to 0.14.0 (#1614)

build(deps): bump golang.org/x/net from 0.13.0 to 0.14.0 (#1614) #905

name: Scorecards supply-chain security
on:
# Only the default branch is supported.
branch_protection_rule:
schedule:
# Weekly on Saturdays.
- cron: '30 1 * * 6'
push:
branches:
- main
- 'release-**'
# Declare default permissions as none.
permissions: {}
jobs:
analysis:
name: Scorecard analysis
permissions:
# Needed to upload the results to code-scanning dashboard.
security-events: write
# Needed to publish results and get a badge (see publish_results below).
id-token: write
uses: sigstore/community/.github/workflows/reusable-scorecard.yml@d0c95c8803672313d0bf72e1a44021be5b583c24 # main
# (Optional) Disable publish results:
# with:
# publish_results: false
# (Optional) Enable Branch-Protection check:
secrets:
scorecard_token: ${{ secrets.SCORECARD_TOKEN }}