Skip to content

Commit

Permalink
update (#1031)
Browse files Browse the repository at this point in the history
Signed-off-by: laurentsimon <laurentsimon@google.com>

Signed-off-by: laurentsimon <laurentsimon@google.com>
  • Loading branch information
laurentsimon authored Dec 9, 2022
1 parent 8d8c1ec commit 420fff2
Show file tree
Hide file tree
Showing 3 changed files with 7 additions and 83 deletions.
8 changes: 7 additions & 1 deletion main.go
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,12 @@ import (
)

func main() {
triggerEventName := os.Getenv("GITHUB_EVENT_NAME")
if triggerEventName == "pull_request_target" {
log.Fatalf("pull_request_target trigger is not supported for security reasons" +
"see https://securitylab.github.com/research/github-actions-preventing-pwn-requests/")
}

action, err := entrypoint.New()
if err != nil {
log.Fatalf("creating scorecard entrypoint: %v", err)
Expand All @@ -35,7 +41,7 @@ func main() {

if os.Getenv(options.EnvInputPublishResults) == "true" &&
// `pull_request` do not have the necessary `token-id: write` permissions.
os.Getenv("GITHUB_EVENT_NAME") != "pull_request" {
triggerEventName != "pull_request" {
// Get json results by re-running scorecard.
jsonPayload, err := signing.GetJSONScorecardResults()
if err != nil {
Expand Down

This file was deleted.

72 changes: 0 additions & 72 deletions starter-workflows/code-scanning/scorecards.yml

This file was deleted.

0 comments on commit 420fff2

Please sign in to comment.