From 633a3139664864af5c880335acc05ec34a4cbc2a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lo=C3=AFc=20Houpert?= <10154151+lhoupert@users.noreply.github.com> Date: Fri, 24 Apr 2026 11:52:43 +0100 Subject: [PATCH] ci: fix scrorecard settings Co-authored-by: Copilot --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index e8be46d..781fe98 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -14,7 +14,6 @@ concurrency: permissions: contents: read - actions: read # Required by Scorecard to evaluate workflow security posture jobs: analysis: @@ -23,6 +22,7 @@ jobs: permissions: security-events: write # Upload Scorecard SARIF to Code Scanning id-token: write # GitHub OIDC token for publish_results + actions: read # Required by Scorecard to evaluate workflow security posture steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2