ci: add ossf scorecard workflow (#807)

Frazer Smith
2026-06-16 17:30:34 +01:00
committed by GitHub
parent d721413ef5
commit 34f4f70dc4
2 changed files with 46 additions and 0 deletions
+45
@@ -0,0 +1,45 @@
name: OSSF Scorecard Analysis
# **What it does**: Runs OSSF Scorecard analysis on the repository and uploads the results.
# **Why we have it**: Security scanning.
on:
branch_protection_rule:
push:
branches:
- main
paths-ignore:
- "docs/**"
- "*.md"
schedule:
# ┌───────────── minute (0 - 59)
# │ ┌───────────── hour (0 - 23)
# │ │ ┌───────────── day of the month (1 - 31)
# │ │ │ ┌───────────── month (1 - 12 or JAN-DEC)
# │ │ │ │ ┌───────────── day of the week (0 - 6 or SUN-SAT)
# │ │ │ │ │
# │ │ │ │ │
# │ │ │ │ │
# * * * * *
- cron: "21 17 * * 0"
# Allows this workflow to be run manually from the Actions tab
workflow_dispatch:
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: "${{ github.workflow }}-${{ github.event.pull_request.head.label || github.head_ref || github.ref }}"
cancel-in-progress: true
permissions:
contents: read
jobs:
analysis:
name: OSSF Scorecard Analysis
permissions:
contents: read
id-token: write
security-events: write
uses: fdawgs/workflows/.github/workflows/reusable-ossf-scorecard.yml@15c09545397588f9a2ac47db6c6269520ebc983a # v2.2.0
with:
publish_results: true
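Review bot: The `analysis` job grants `id-token: write` and `security-events: write` to a reusable workflow in another repository without saying why each is needed; a comment on each line would let a later reviewer check the grant is still minimal, e.g. `# Needed to publish results (see publish_results below)` on `id-token: write` and `# Needed to upload results to the code-scanning dashboard` on `security-events: write`. The called workflow's body is not visible here, so those purposes are assumed from the usual Scorecard setup and should be confirmed against the pinned file. The SHA pin fixes the called workflow file itself, but any actions it references are only as pinned as that file makes them. Separately, the `github.event.pull_request.head.label || github.head_ref` operands in the concurrency group look unused because no `pull_request` trigger is declared, so the group reduces to the workflow name plus `github.ref`.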
+1
@@ -5,6 +5,7 @@
[![CI](https://github.com/Fdawgs/node-poppler/actions/workflows/ci.yml/badge.svg?branch=main)](https://github.com/Fdawgs/node-poppler/actions/workflows/ci.yml)
[![Coverage status](https://coveralls.io/repos/github/Fdawgs/node-poppler/badge.svg?branch=main)](https://coveralls.io/github/Fdawgs/node-poppler?branch=main)
[![code style: Prettier](https://img.shields.io/badge/code_style-prettier-ff69b4.svg?style=flat)](https://github.com/prettier/prettier)
[![OSSF Scorecard](https://api.scorecard.dev/projects/github.com/Fdawgs/node-poppler/badge)](https://scorecard.dev/viewer/?uri=github.com/Fdawgs/node-poppler)
> Asynchronous Node.js wrapper for the Poppler PDF rendering utilities