From 6bfb77ac159967ce93ae9316c95ae2f153829244 Mon Sep 17 00:00:00 2001 From: Stephan Schroevers Date: Sun, 9 Apr 2023 10:38:07 +0200 Subject: [PATCH] Document --- .github/workflows/build.yaml | 10 +++++----- .github/workflows/openssf-scorecard.yml | 5 +++++ 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 9a694d04fd..457fc2b73c 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -29,11 +29,11 @@ jobs: runs-on: ${{ matrix.os }} continue-on-error: ${{ matrix.experimental }} steps: - # We run the build twice for each supported JDK: once against the - # original Error Prone release, using only Error Prone checks available - # on Maven Central, and once against the Picnic Error Prone fork, - # additionally enabling all checks defined in this project and any - # Error Prone checks available only from other artifact repositories. + # We run the build twice for each supported JDK: once against the + # original Error Prone release, using only Error Prone checks available + # on Maven Central, and once against the Picnic Error Prone fork, + # additionally enabling all checks defined in this project and any Error + # Prone checks available only from other artifact repositories. - name: Check out code uses: actions/checkout@v3.1.0 with: diff --git a/.github/workflows/openssf-scorecard.yml b/.github/workflows/openssf-scorecard.yml index a1ed5a2e87..420cf00743 100644 --- a/.github/workflows/openssf-scorecard.yml +++ b/.github/workflows/openssf-scorecard.yml @@ -1,3 +1,8 @@ +# Analyzes the code base and GitHub project configuration for adherence to +# security best practices for open source software. Identified issues are +# registered with GitHub's code scanning dashboard. When a pull request is +# analyzed, any offending lines are annotated. See +# https://securityscorecards.dev for details. name: OpenSSF Scorecard update on: pull_request: