Skip to content

chore: release 7.98.7-uds.0 (#50) #55

chore: release 7.98.7-uds.0 (#50)

chore: release 7.98.7-uds.0 (#50) #55

Workflow file for this run

# Copyright 2024 Defense Unicorns
# SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
name: Scorecards supply-chain security
on:
# Only the default branch is supported.
branch_protection_rule:
schedule:
- cron: '30 1 * * 6'
push:
branches: ["main"]
# Declare default permissions as read only.
permissions: read-all
jobs:
validate:

Check failure on line 17 in .github/workflows/scorecard.yaml

View workflow run for this annotation

GitHub Actions / Scorecards supply-chain security

Invalid workflow file

The workflow is not valid. .github/workflows/scorecard.yaml (Line: 17, Col: 3): Error calling workflow 'defenseunicorns/uds-common/.github/workflows/callable-scorecard.yaml@d59b1c601730bfa7ab76439643242358e529603e'. The workflow is requesting 'actions: read, attestations: read, checks: read, contents: read, deployments: read, discussions: read, issues: read, packages: read, pages: read, pull-requests: read, repository-projects: read, statuses: read', but is only allowed 'actions: none, attestations: none, checks: none, co[...]
permissions:
# Needed to upload the results to code-scanning dashboard.
security-events: write
# Used to receive a badge.
id-token: write
uses: defenseunicorns/uds-common/.github/workflows/callable-scorecard.yaml@d59b1c601730bfa7ab76439643242358e529603e # v1.2.2
secrets: inherit