From 1e900141e898f07622ef1d64f35f413a7467e6ce Mon Sep 17 00:00:00 2001
From: Nizoka <129803615+Nizoka@users.noreply.github.com>
Date: Sun, 14 Jun 2026 00:12:48 +0200
Subject: [PATCH] ci: make codeql and scorecard work on private/public repos

---
 .github/workflows/codeql.yml    | 1 +
 .github/workflows/scorecard.yml | 4 +++-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 5290f21..dd049e4 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -35,3 +35,4 @@ jobs:
         uses: github/codeql-action/analyze@v3
         with:
           category: '/language:${{ matrix.language }}'
+          upload: ${{ github.event.repository.private == false }}
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 7aadc28..7c5fe12 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -25,9 +25,10 @@ jobs:
       - name: Run analysis
         uses: ossf/scorecard-action@v2.4.0
         with:
+          repo_token: ${{ secrets.GITHUB_TOKEN }}
           results_file: results.sarif
           results_format: sarif
-          publish_results: true
+          publish_results: ${{ github.event.repository.private == false }}
 
       - name: Upload artifact
         uses: actions/upload-artifact@v4
@@ -37,6 +38,7 @@ jobs:
           retention-days: 5
 
       - name: Upload to code-scanning
+        if: github.event.repository.private == false
         uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: results.sarif