Thanks to visit codestin.com Credit goes to github.com
We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
1 parent 9f75869 commit bc1ca57Copy full SHA for bc1ca57
.github/workflows/scorecard.yml
@@ -31,18 +31,17 @@ jobs:
31
disable-sudo: true
32
egress-policy: block
33
allowed-endpoints: >
34
- api.github.com:443
35
api.osv.dev:443
36
api.securityscorecards.dev:443
37
auth.docker.io:443
38
bestpractices.coreinfrastructure.org:443
39
- fulcio.sigstore.dev:443
40
github.com:443
41
index.docker.io:443
42
oss-fuzz-build-logs.storage.googleapis.com:443
43
sigstore-tuf-root.storage.googleapis.com:443
44
- rekor.sigstore.dev:443
45
www.bestpractices.dev:443
+ *.sigstore.dev:443
+ *.github.com:443
46
47
- name: "Checkout code"
48
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
0 commit comments