Merge pull request #5287 from piontec/ignore-scorecard-for-backports

add: OSSF scorecard configuration file - ignore false-positive
2 weeks ago · 09af0becc5
parent a4c513487e d84bff7d1b
commit 09af0becc5
1 changed files with 5 additions and 0 deletions
--- a/.scorecard.yml
+++ b/.scorecard.yml
@ -0,0 +1,5 @@
+annotations:
+  - checks:
+      - dangerous-workflow
+    reasons:
+      - reason: not-applicable # This workflow does not run untrusted code, the bot will only backport a code if the a PR was approved and merged into main.