[llvm] [workflows] Update the version of the scorecard-action (PR #86753)
via llvm-commits
llvm-commits at lists.llvm.org
Tue Mar 26 17:34:48 PDT 2024
llvmbot wrote:
<!--LLVM PR SUMMARY COMMENT-->
@llvm/pr-subscribers-github-workflow
Author: Tom Stellard (tstellar)
<details>
<summary>Changes</summary>
I'm hoping this will fix the errors we've been seeing the last few days:
2024-03-19T20:44:07.4841482Z 2024/03/19 20:44:07 error signing scorecard json results: error signing payload: getting key from Fulcio: verifying SCT: updating local metadata and targets: error updating to TUF remote mirror: invalid key
---
Full diff: https://github.com/llvm/llvm-project/pull/86753.diff
1 Files Affected:
- (modified) .github/workflows/scorecard.yml (+1-1)
``````````diff
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index b8e8ab26c3ffa6..ff61cf83a6af3c 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -36,7 +36,7 @@ jobs:
persist-credentials: false
- name: "Run analysis"
- uses: ossf/scorecard-action at e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2
+ uses: ossf/scorecard-action at 0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
with:
results_file: results.sarif
results_format: sarif
``````````
</details>
https://github.com/llvm/llvm-project/pull/86753
More information about the llvm-commits
mailing list