Skip to content

Commit bc1ca57

Browse files
author
Kenneth Rosario
authored
chore: fix scorecard action acls (#238)
1 parent 9f75869 commit bc1ca57

File tree

1 file changed

+2
-3
lines changed

1 file changed

+2
-3
lines changed

.github/workflows/scorecard.yml

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -31,18 +31,17 @@ jobs:
3131
disable-sudo: true
3232
egress-policy: block
3333
allowed-endpoints: >
34-
api.github.com:443
3534
api.osv.dev:443
3635
api.securityscorecards.dev:443
3736
auth.docker.io:443
3837
bestpractices.coreinfrastructure.org:443
39-
fulcio.sigstore.dev:443
4038
github.com:443
4139
index.docker.io:443
4240
oss-fuzz-build-logs.storage.googleapis.com:443
4341
sigstore-tuf-root.storage.googleapis.com:443
44-
rekor.sigstore.dev:443
4542
www.bestpractices.dev:443
43+
*.sigstore.dev:443
44+
*.github.com:443
4645
4746
- name: "Checkout code"
4847
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

0 commit comments

Comments
 (0)