From 16d79fb7d7f7e5fc4352cbae4f80e29e78ec070e Mon Sep 17 00:00:00 2001
From: Gabor Koos
Date: Fri, 29 May 2026 01:01:21 +0100
Subject: [PATCH] chore: openssf card generation added
---
 .github/workflows/scorecard.yml | 38 +++++++++++++++++++++++++++++++++
 README.md | 1 +
 2 files changed, 39 insertions(+)
 create mode 100644 .github/workflows/scorecard.yml
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
new file mode 100644
index 0000000..a1b571f
--- /dev/null
+++ b/.github/workflows/scorecard.yml
@@ -0,0 +1,38 @@
+name: OpenSSF Scorecard
+
+on:
+ push:
+ branches: [main]
+ pull_request:
+ branches: [main]
+ schedule:
+ - cron: '0 8 * * 1'
+ workflow_dispatch:
+
+permissions: read-all
+
+jobs:
+ analyze:
+ name: Scorecard analysis
+ runs-on: ubuntu-latest
+ permissions:
+ security-events: write
+ id-token: write
+ contents: read
+ steps:
+ - name: Checkout
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+ with:
+ persist-credentials: false
+
+ - name: Run analysis
+ uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1
+ with:
+ results_file: scorecard-results.sarif
+ results_format: sarif
+ publish_results: true
+
+ - name: Upload to GitHub code scanning
+ uses: github/codeql-action/upload-sarif@03e4368ac7daa2bd82b3e85262f3bf87ee112f57 # v3
+ with:
+ sarif_file: scorecard-results.sarif
diff --git a/README.md b/README.md
index 86dc244..f0452fc 100644
--- a/README.md
+++ b/README.md
@@ -4,6 +4,7 @@ ![Build](https://github.com/fetch-kit/ffetch/actions/workflows/ci.yml/badge.svg) ![codecov](https://codecov.io/gh/fetch-kit/ffetch/branch/main/graph/badge.svg)
+[![OpenSSF Scorecard](https://api.scorecard.dev/projects/github.com/fetch-kit/ffetch/badge)](https://scorecard.dev/viewer/?uri=github.com/fetch-kit/ffetch)
 ![MIT](https://img.shields.io/npm/l/@fetchkit/ffetch) ![bundlephobia](https://badgen.net/bundlephobia/minzip/@fetchkit/ffetch)
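Review bot: In `.github/workflows/scorecard.yml` the `pull_request` trigger runs the same job that sets `publish_results: true` and uploads SARIF, but for pull requests from forks GitHub by default issues a read-only token whatever the job's `permissions` block requests, so `id-token: write` and `security-events: write` are not granted on those runs. Whether the action then skips publishing or fails the check is not visible from this patch and should be confirmed before outside contributors start seeing it. Either drop the `pull_request:` block, or keep it and gate the privileged parts with `publish_results: ${{ github.event_name != 'pull_request' }}` and `if: github.event_name != 'pull_request'` on the upload step. Separately, the pin comments `# v6` and `# v3` name a moving major tag; recording the exact release each SHA was taken from, as `# v2.4.1` already does, lets a reviewer or an update bot verify the pin.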