Merge pull request #5287 from piontec/ignore-scorecard-for-backports

add: OSSF scorecard configuration file - ignore false-positive
2026-03-19 09:26:55 +00:00 · 2025-04-04 11:06:29 +01:00
parent a4c513487e d84bff7d1b
commit 09af0becc5
1 changed files with 5 additions and 0 deletions
--- a/.scorecard.yml
+++ b/.scorecard.yml
@@ -0,0 +1,5 @@
+annotations:
+  - checks:
+      - dangerous-workflow
+    reasons:
+      - reason: not-applicable # This workflow does not run untrusted code, the bot will only backport a code if the a PR was approved and merged into main.