Merge #446

446: Disable the OSSF Scorecard Action r=jonasbb a=jonasbb Without a way to supress analysis results more permanently the security tab becomes too noisy. Either the action needs to allow an allowlist or the GitHub UI needs to be better in permanently supressing lines. The biggest annoyance is that each change to a action tag will trigger a new warning, even if the same line was ignored before. ossf/scorecard-action#143 Co-authored-by: Jonas Bushart <jonas@bushart.org>
jonasbb · May 3, 2022 · b1c723c · b1c723c
2 parents d646aab + 446c68d
commit b1c723c
Showing 1 changed file with 7 additions and 7 deletions.
diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml
@@ -1,11 +1,11 @@
 name: Scorecards supply-chain security
-on:
-  # Only the default branch is supported.
-  branch_protection_rule:
-  schedule:
-    - cron: '22 12 * * 4'
-  push:
-    branches: [ master ]
+on: []
+#  # Only the default branch is supported.
+#  branch_protection_rule:
+#  schedule:
+#    - cron: '22 12 * * 4'
+#  push:
+#    branches: [ master ]
 
 # Declare default permissions as read only.
 permissions: read-all