From 38aa3f993b74272342bf6a1b05dea29cf8e8a0a3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 22 Dec 2022 02:03:56 +0000 Subject: [PATCH] chore(deps): bump ossf/scorecard-action from 1.0.3 to 2.1.2 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 1.0.3 to 2.1.2. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/b614d455ee90608b5e36e3299cd50d457eb37d5f...e38b1902ae4f44df626f11ba0734b14fb91f8f86) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/scorecards-analysis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml index a2d9bd10958e4..0d3c15b3bc976 100644 --- a/.github/workflows/scorecards-analysis.yml +++ b/.github/workflows/scorecards-analysis.yml @@ -27,7 +27,7 @@ jobs: persist-credentials: false - name: 'Run analysis' - uses: ossf/scorecard-action@b614d455ee90608b5e36e3299cd50d457eb37d5f # v1.0.2 + uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v1.0.2 with: results_file: results.sarif results_format: sarif