Google Git
Sign in
skia/external/github.com/KhronosGroup/SPIRV-Tools/refs/heads/dependabot/github_actions/github-actions-ca6608e035^!/.
commit
4fb579321650ccf0b7346b2d5c643b98093937b6
[log] [tgz]
author
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Mon Jun 02 08:03:38 2025 +0000
committer
GitHub <noreply@github.com>
Mon Jun 02 08:03:38 2025 +0000
tree
f9893ea727ca59c5cd9f43b815e213aaca8072b9
parent
066f726eb6f8a7ffad42c18c41d4b65bfc946b6d [diff]
build(deps): bump ossf/scorecard-action in the github-actions group

Bumps the github-actions group with 1 update: [ossf/scorecard-action](https://github.com/ossf/scorecard-action).


Updates `ossf/scorecard-action` from 2.4.1 to 2.4.2
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](https://github.com/ossf/scorecard-action/compare/f49aabe0b5af0936a0987cfb85d86b75731b0186...05b42c624433fc40578a4040d5cf5e36ddca8cde)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-version: 2.4.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index aef9a59..48c5640 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml

@@ -28,7 +28,7 @@
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1
+        uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v2.4.2
         with:
           results_file: results.sarif
           results_format: sarif