OSSF Scorecard action

Version updated for ossf/scorecard-action to version v2.4.0.

• This publisher is shown as ‘verified’ by GitHub.
• This action is used across all versions by 0 repositories.

Go to the GitHub Marketplace to find the latest changes.

Release notes

What’s Changed

This update bumps the Scorecard version to the v5 release. For a complete list of changes, please refer to the v5.0.0 release notes. Of special note to Scorecard Action is the Maintainer Annotation feature, which can be used to suppress some Code Scanning false positives. Alerts will not be generated for any Scorecard Check with an annotation.

• :seedling: Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0 by @spencerschrock in https://github.com/ossf/scorecard-action/pull/1410
• :bug: lower license sarif alert threshold to 9 by @spencerschrock in https://github.com/ossf/scorecard-action/pull/1411

Documentation

• docs: dogfooding badge by @jkowalleck in https://github.com/ossf/scorecard-action/pull/1399

New Contributors

• @jkowalleck made their first contribution in https://github.com/ossf/scorecard-action/pull/1399

Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.3.3...v2.4.0

• ossf
• GitHub Actions