mirror of
https://github.com/Fdawgs/node-poppler.git
synced 2026-07-02 00:17:43 +08:00
ci: add ossf scorecard workflow (#807)
This commit is contained in:
@@ -0,0 +1,45 @@
|
||||
name: OSSF Scorecard Analysis
|
||||
|
||||
# **What it does**: Runs OSSF Scorecard analysis on the repository and uploads the results.
|
||||
# **Why we have it**: Security scanning.
|
||||
|
||||
on:
|
||||
branch_protection_rule:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths-ignore:
|
||||
- "docs/**"
|
||||
- "*.md"
|
||||
schedule:
|
||||
# ┌───────────── minute (0 - 59)
|
||||
# │ ┌───────────── hour (0 - 23)
|
||||
# │ │ ┌───────────── day of the month (1 - 31)
|
||||
# │ │ │ ┌───────────── month (1 - 12 or JAN-DEC)
|
||||
# │ │ │ │ ┌───────────── day of the week (0 - 6 or SUN-SAT)
|
||||
# │ │ │ │ │
|
||||
# │ │ │ │ │
|
||||
# │ │ │ │ │
|
||||
# * * * * *
|
||||
- cron: "21 17 * * 0"
|
||||
# Allows this workflow to be run manually from the Actions tab
|
||||
workflow_dispatch:
|
||||
|
||||
# This allows a subsequently queued workflow run to interrupt previous runs
|
||||
concurrency:
|
||||
group: "${{ github.workflow }}-${{ github.event.pull_request.head.label || github.head_ref || github.ref }}"
|
||||
cancel-in-progress: true
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
analysis:
|
||||
name: OSSF Scorecard Analysis
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
security-events: write
|
||||
uses: fdawgs/workflows/.github/workflows/reusable-ossf-scorecard.yml@15c09545397588f9a2ac47db6c6269520ebc983a # v2.2.0
|
||||
with:
|
||||
publish_results: true
|
||||
@@ -5,6 +5,7 @@
|
||||
[](https://github.com/Fdawgs/node-poppler/actions/workflows/ci.yml)
|
||||
[](https://coveralls.io/github/Fdawgs/node-poppler?branch=main)
|
||||
[](https://github.com/prettier/prettier)
|
||||
[](https://scorecard.dev/viewer/?uri=github.com/Fdawgs/node-poppler)
|
||||
|
||||
> Asynchronous Node.js wrapper for the Poppler PDF rendering utilities
|
||||
|
||||
|
||||
Reference in New Issue
Block a user