From 8014b843d1e756a03b7f3b816042e07f859f39d3 Mon Sep 17 00:00:00 2001 From: Rob Bos Date: Thu, 8 Dec 2022 09:46:29 +0100 Subject: [PATCH 1/2] Fix the spaces in the URL Signed-off-by: Rob Bos --- README.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/README.md b/README.md index 0a537637..bb5674d8 100644 --- a/README.md +++ b/README.md @@ -131,9 +131,7 @@ Starting with scorecard-action:v2, users can use a REST API to query their lates Starting with scorecard-action:v2, users can add a Scorecard Badge to their README to display the latest status of their Scorecard results. This requires setting [`publish_results: true`](https://github.com/ossf/scorecard/blob/d13ba3f3355b958d5d62edc47282a2e7ed9fa7c1/.github/workflows/scorecard-analysis.yml#L39) for the action and enabling [`id-token: write`](https://github.com/ossf/scorecard/blob/d13ba3f3355b958d5d62edc47282a2e7ed9fa7c1/.github/workflows/scorecard-analysis.yml#L22) permission for the job (needed to access GitHub OIDC token). The badge is updated on every run of scorecard-action and points to the latest result. To add a badge to your README, copy and paste the below lines: ``` -[![OpenSSF Scorecard] -(https://api.securityscorecards.dev/projects/github.com/{org}/{repo}/badge)] -(https://api.securityscorecards.dev/projects/github.com/{org}/{repo}) +[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/{org}/{repo}/badge)](https://api.securityscorecards.dev/projects/github.com/{org}/{repo}) ``` Once this badge is added, clicking on the badge will take users to the latest run result of Scorecard. From e8cddf9f4958cbf90d5d68b3c6cc53b7f23f8030 Mon Sep 17 00:00:00 2001 From: Rob Bos Date: Thu, 8 Dec 2022 09:48:16 +0100 Subject: [PATCH 2/2] Correct the texts Signed-off-by: Rob Bos --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index bb5674d8..875e5189 100644 --- a/README.md +++ b/README.md @@ -128,10 +128,10 @@ Starting with scorecard-action:v2, users can use a REST API to query their lates ### Scorecard Badge -Starting with scorecard-action:v2, users can add a Scorecard Badge to their README to display the latest status of their Scorecard results. This requires setting [`publish_results: true`](https://github.com/ossf/scorecard/blob/d13ba3f3355b958d5d62edc47282a2e7ed9fa7c1/.github/workflows/scorecard-analysis.yml#L39) for the action and enabling [`id-token: write`](https://github.com/ossf/scorecard/blob/d13ba3f3355b958d5d62edc47282a2e7ed9fa7c1/.github/workflows/scorecard-analysis.yml#L22) permission for the job (needed to access GitHub OIDC token). The badge is updated on every run of scorecard-action and points to the latest result. To add a badge to your README, copy and paste the below lines: +Starting with scorecard-action:v2, users can add a Scorecard Badge to their README to display the latest status of their Scorecard results. This requires setting [`publish_results: true`](https://github.com/ossf/scorecard/blob/d13ba3f3355b958d5d62edc47282a2e7ed9fa7c1/.github/workflows/scorecard-analysis.yml#L39) for the action and enabling [`id-token: write`](https://github.com/ossf/scorecard/blob/d13ba3f3355b958d5d62edc47282a2e7ed9fa7c1/.github/workflows/scorecard-analysis.yml#L22) permission for the job (needed to access GitHub OIDC token). The badge is updated on every run of scorecard-action and points to the latest result. To add a badge to your README, copy and paste the below line, and replace the {owner} and {repo} parts. ``` -[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/{org}/{repo}/badge)](https://api.securityscorecards.dev/projects/github.com/{org}/{repo}) +[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/{owner}/{repo}/badge)](https://api.securityscorecards.dev/projects/github.com/{owner}/{repo}) ``` Once this badge is added, clicking on the badge will take users to the latest run result of Scorecard.