[Code Analysis] OSSF Scorecard #1

Workflow file for this run

.github/workflows/scorecard.yml at 01789f6

	---
	# SPDX-FileCopyrightText: (C) 2025 Intel Corporation
	# SPDX-License-Identifier: Apache-2.0

	name: "[Code Analysis] OSSF Scorecard"
	run-name: "[Code Analysis] OSSF Scorecard"

	on:
	workflow_dispatch: {}
	pull_request:
	branches:
	- main
	- release-*
	types:
	- opened
	- synchronize
	- reopened
	push:
	branches:
	- main
	- release-*

	# Trigger workflow when enqueued to a merge group
	# (must be under 'on')
	merge_group:

	# Only run at most 1 workflow concurrently per PR or per branch to keep costs down
	concurrency:
	group: ${{ github.workflow }}-${{ github.event.pull_request.number \|\| github.ref }}
	cancel-in-progress: true

	permissions:
	contents: read

	jobs:
	scorecard:
	name: "Run OpenSSF Scorecard"
	runs-on: ubuntu-latest
	permissions:
	contents: read
	# Needed to upload the results to code-scanning dashboard.
	security-events: write
	# Needed to publish results and get a badge (see publish_results below).
	id-token: write
	steps:
	- name: "Checkout code"
	uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
	with:
	persist-credentials: false
	- name: "Run OpenSSF Scorecard"
	uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3
	with:
	results_file: scorecard-results.sarif
	results_format: sarif
	repo_token: ${{ secrets.SYS_EMF_GH_TOKEN }}
	publish_results: true
	- name: "Upload Scorecard Results"
	uses: github/codeql-action/upload-sarif@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0
	with:
	sarif_file: scorecard-results.sarif
	- name: "Upload Scorecard Results"
	uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
	with:
	name: scorecard-results
	path: scorecard-results.sarif

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Code Analysis] OSSF Scorecard #1

Workflow file

[Code Analysis] OSSF Scorecard #1

Uh oh!

Workflow file for this run