chore: scorecard verifies branch protection rules (#70)

* chore: scorecard verifies branch protection rules * Add code owners This makes review requirements possible while still working with a repo that has only a single contributor.
rhwood · Nov 26, 2023 · 22732b8 · 22732b8
1 parent 215db96
commit 22732b8
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 1 deletion.
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -0,0 +1,2 @@
+# Repo owner needs to review all changes
+*       @rhwood
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -49,7 +49,7 @@ jobs:
           # - you want to enable the Branch-Protection check on a *public* repository, or
           # - you are installing Scorecards on a *private* repository
           # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat.
-          # repo_token: ${{ secrets.SCORECARD_TOKEN }}
+          repo_token: ${{ secrets.SCORECARD_TOKEN }}
 
           # Public repositories:
           #   - Publish results to OpenSSF REST API for easy access by consumers