enable scorecard repo introspection #158

django-commons · Jan 7, 2025 · e5a755d · e5a755d
1 parent 5015389
commit e5a755d
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/.github/workflows/security/scorecard.yml b/.github/workflows/security/scorecard.yml
@@ -36,7 +36,7 @@ jobs:
           # - you want to enable the Branch-Protection check on a *public* repository, or
           # - you are installing Scorecard on a *private* repository
           # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action?tab=readme-ov-file#authentication-with-fine-grained-pat-optional.
-          # repo_token: ${{ secrets.SCORECARD_TOKEN }}
+          repo_token: ${{ secrets.SCORECARD_TOKEN }}
 
           # Public repositories:
           #   - Publish results to OpenSSF REST API for easy access by consumers