From 7cf34a5cf370a8eb23d2a22e63410d4e51eb5614 Mon Sep 17 00:00:00 2001 From: Blake Burkhart Date: Fri, 5 Apr 2024 00:37:36 -0500 Subject: [PATCH] fix: use default GITHUB_TOKEN for ossf/scorecard-action (#2416) ## Description Zarf's branch protection was switched to rulesets instead of classic branch protection (temporarily in evaluate mode). A PAT is no longer needed. See: https://github.com/ossf/scorecard-action#authentication-with-fine-grained-pat-optional ## Type of change - [x] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Other (security config, docs update, etc) ## Checklist before merging - [ ] Test, docs, adr added or updated as needed - [ ] [Contributor Guide Steps](https://github.com/defenseunicorns/zarf/blob/main/CONTRIBUTING.md#developer-workflow) followed Co-authored-by: razzle
---
 .github/workflows/scorecard.yaml | 1 - 1 file changed, 1 deletion(-)
diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml
index 1dcc7704ac..f98ea7bdd1 100644
--- a/.github/workflows/scorecard.yaml
+++ b/.github/workflows/scorecard.yaml
@@ -31,7 +31,6 @@ jobs:
 with:
 results_file: results.sarif
 results_format: sarif
- repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
 publish_results: true
 # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF