diff --git a/.github/workflows/openssf-scorecard.yml b/.github/workflows/openssf-scorecard.yml index 1961745a02..dff3908624 100644 --- a/.github/workflows/openssf-scorecard.yml +++ b/.github/workflows/openssf-scorecard.yml @@ -25,7 +25,7 @@ jobs: with: persist-credentials: false - name: Run OpenSSF Scorecard analysis - uses: ossf/scorecard-action@v2.1.3 + uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v2.2.0 with: results_file: results.sarif results_format: sarif diff --git a/README.md b/README.md index 1c4b9409fa..5fb888f8d9 100644 --- a/README.md +++ b/README.md @@ -283,7 +283,7 @@ channel; please see our [security policy][security] for details. [openssf-best-practices-badge]: https://bestpractices.coreinfrastructure.org/projects/7199/badge [openssf-best-practices-checklist]: https://bestpractices.coreinfrastructure.org/projects/7199 [openssf-scorecard-badge]: https://img.shields.io/ossf-scorecard/github.com/PicnicSupermarket/error-prone-support?label=openssf%20scorecard -[openssf-scorecard-report]: https://api.securityscorecards.dev/projects/github.com/PicnicSupermarket/error-prone-support +[openssf-scorecard-report]: https://securityscorecards.dev/viewer/?uri=github.com/PicnicSupermarket/error-prone-support [picnic-blog-ep-post]: https://blog.picnic.nl/picnic-loves-error-prone-producing-high-quality-and-consistent-java-code-b8a566be6886 [picnic-blog]: https://blog.picnic.nl [pitest-badge]: https://img.shields.io/badge/-Mutation%20tested%20with%20PIT-blue.svg