[llvm] [workflows] Update the version of the scorecard-action (PR #86753)
Tom Stellard via llvm-commits
llvm-commits at lists.llvm.org
Tue Mar 26 17:34:17 PDT 2024
https://github.com/tstellar created https://github.com/llvm/llvm-project/pull/86753
I'm hoping this will fix the errors we've been seeing the last few days:
2024-03-19T20:44:07.4841482Z 2024/03/19 20:44:07 error signing scorecard json results: error signing payload: getting key from Fulcio: verifying SCT: updating local metadata and targets: error updating to TUF remote mirror: invalid key
>From 8546ead349f1068c3a9176ef46637e597730c66a Mon Sep 17 00:00:00 2001
From: Tom Stellard <tstellar at redhat.com>
Date: Tue, 26 Mar 2024 17:29:45 -0700
Subject: [PATCH] [workflows] Update the version of the scorecard-action
I'm hoping this will fix the errors we've been seeing the last few
days:
2024-03-19T20:44:07.4841482Z 2024/03/19 20:44:07 error signing scorecard json
results: error signing payload: getting key from Fulcio: verifying SCT:
updating local metadata and targets: error updating to TUF remote mirror:
invalid key
---
.github/workflows/scorecard.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index b8e8ab26c3ffa6..ff61cf83a6af3c 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -36,7 +36,7 @@ jobs:
persist-credentials: false
- name: "Run analysis"
- uses: ossf/scorecard-action at e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2
+ uses: ossf/scorecard-action at 0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
with:
results_file: results.sarif
results_format: sarif
More information about the llvm-commits
mailing list