mirror of
https://github.com/codecov/codecov-action.git
synced 2025-12-08 16:16:24 +00:00
chore(ci): restrict scorecards to codecov/codecov-action (#1512)
This commit is contained in:
Tom Hu
9
.github/workflows/scorecards-analysis.yml
vendored
9
.github/workflows/scorecards-analysis.yml
vendored
@@ -12,6 +12,7 @@ permissions: read-all
|
||||
|
||||
jobs:
|
||||
analysis:
|
||||
if: github.repository == 'codecov/codecov-action'
|
||||
name: Scorecards analysis
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
@@ -21,7 +22,7 @@ jobs:
|
||||
id-token: write
|
||||
actions: read
|
||||
contents: read
|
||||
|
||||
|
||||
steps:
|
||||
- name: "Checkout code"
|
||||
uses: actions/checkout@v4.1.7 # v3.0.0
|
||||
@@ -40,8 +41,8 @@ jobs:
|
||||
# repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
|
||||
|
||||
# Publish the results for public repositories to enable scorecard badges. For more details, see
|
||||
# https://github.com/ossf/scorecard-action#publishing-results.
|
||||
# For private repositories, `publish_results` will automatically be set to `false`, regardless
|
||||
# https://github.com/ossf/scorecard-action#publishing-results.
|
||||
# For private repositories, `publish_results` will automatically be set to `false`, regardless
|
||||
# of the value entered here.
|
||||
publish_results: true
|
||||
|
||||
@@ -53,7 +54,7 @@ jobs:
|
||||
name: SARIF file
|
||||
path: results.sarif
|
||||
retention-days: 5
|
||||
|
||||
|
||||
# Upload the results to GitHub's code scanning dashboard.
|
||||
- name: "Upload to code-scanning"
|
||||
uses: github/codeql-action/upload-sarif@v3.25.12 # v1.0.26
|
||||
|
||||
4
dist/index.js
vendored
Executable file → Normal file
4
dist/index.js
vendored
Executable file → Normal file
@@ -32351,12 +32351,12 @@ const isPullRequestFromFork = () => {
|
||||
return (baseLabel.split(':')[0] !== headLabel.split(':')[0]);
|
||||
};
|
||||
const getToken = () => buildExec_awaiter(void 0, void 0, void 0, function* () {
|
||||
if (isPullRequestFromFork()) {
|
||||
let token = core.getInput('token');
|
||||
if (!token && isPullRequestFromFork()) {
|
||||
core.info('==> Fork detected, tokenless uploading used');
|
||||
process.env['TOKENLESS'] = context.payload.pull_request.head.label;
|
||||
return Promise.resolve('');
|
||||
}
|
||||
let token = core.getInput('token');
|
||||
let url = core.getInput('url');
|
||||
const useOIDC = isTrue(core.getInput('use_oidc'));
|
||||
if (useOIDC) {
|
||||
|
||||
2
dist/index.js.map
vendored
2
dist/index.js.map
vendored
File diff suppressed because one or more lines are too long
Reference in New Issue
Block a user