From fa7c85b39804e74eef614914bddd0edd56d3b979 Mon Sep 17 00:00:00 2001 From: shubham-stepsecurity Date: Thu, 12 Sep 2024 21:51:38 +0530 Subject: [PATCH] add additional prms for scorecard template for private repos --- testfiles/addworkflow/expected-scorecards.yml | 5 +++++ workflow-templates/scorecards.yml | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/testfiles/addworkflow/expected-scorecards.yml b/testfiles/addworkflow/expected-scorecards.yml index 8106bf19..7ab71d04 100644 --- a/testfiles/addworkflow/expected-scorecards.yml +++ b/testfiles/addworkflow/expected-scorecards.yml @@ -28,6 +28,11 @@ jobs: id-token: write contents: read actions: read + # To allow GraphQL ListCommits to work + issues: read + pull-requests: read + # To detect SAST tools + checks: read steps: - name: "Checkout code" diff --git a/workflow-templates/scorecards.yml b/workflow-templates/scorecards.yml index b4b777e6..08c7a05f 100644 --- a/workflow-templates/scorecards.yml +++ b/workflow-templates/scorecards.yml @@ -28,6 +28,11 @@ jobs: id-token: write contents: read actions: read + # To allow GraphQL ListCommits to work + issues: read + pull-requests: read + # To detect SAST tools + checks: read steps: - name: "Checkout code"