Skip to content
POP - poutine on poutine

build(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0 (#202) #94

Sign in to view logs

build(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0 (#202)

build(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0 (#202) #94

Workflow file for this run

.github/workflows/pop.yml at a6dcf6c
name: POP - poutine on poutine
on:
push:
branches: [ main ]
paths:
- .github/workflows/**
- action.yml
pull_request:
branches: [ main ]
paths:
- .github/workflows/**
- action.yml
- '!README.md'
- '!LICENSE'
- '!docs/**'
- '!.github/**'
permissions: {}
jobs:
pop:
runs-on: ubuntu-latest
permissions:
security-events: write
contents: read
steps:
- uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
disable-sudo: true
egress-policy: audit
allowed-endpoints: >
github.com:443
api.github.com:443
codeload.github.com:443
objects.githubusercontent.com:443
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: boostsecurityio/poutine-action@main # Dogfood the latest action
name: "Run poutine on poutine's own codebase"
id: self-test
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
with:
sarif_file: results.sarif