Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add OpenSSF scorecard workflow #149

Merged

Conversation

intelfisz
Copy link
Collaborator

No description provided.

Ensure following best open source security practices by monitoring
OpenSSF score of the project.

Signed-off-by: Filip Szufnarowski <filip.szufnarowski@intel.com>
@intelfisz intelfisz requested a review from a team as a code owner June 21, 2023 09:25
.github/workflows/scorecard.yml Fixed Show resolved Hide resolved
@codecov
Copy link

codecov bot commented Jun 21, 2023

Codecov Report

Merging #149 (f832d53) into main (3373edc) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##             main     #149   +/-   ##
=======================================
  Coverage   99.03%   99.03%           
=======================================
  Files           3        3           
  Lines         311      311           
=======================================
  Hits          308      308           
  Misses          2        2           
  Partials        1        1           

Ensure following best open source security practices by monitoring
OpenSSF score of the project.

Signed-off-by: Filip Szufnarowski <filip.szufnarowski@intel.com>
@intelfisz intelfisz force-pushed the feat-enable-ossf-scorecard-checks branch from 9a73c39 to 889327b Compare June 21, 2023 09:30
Signed-off-by: Filip Szufnarowski <filip.szufnarowski@intel.com>
Signed-off-by: Filip Szufnarowski <filip.szufnarowski@intel.com>
permissions:
# Keep in sync with opi-smbios-bridge, no direct way to inherit permissions
contents: read
security-events: write

Check failure

Code scanning / Scorecard

Token-Permissions

score is 0: jobLevel 'security-events' permission set to 'write' Remediation tip: Verify which permissions are needed and consider whether you can reduce them. Click Remediation section below for further remediation help
@artek-koltun artek-koltun merged commit b431557 into opiproject:main Jun 26, 2023
@intelfisz intelfisz deleted the feat-enable-ossf-scorecard-checks branch July 17, 2023 08:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants