taiars/nora - nora - Gitea: Git with a cup of tea

taiars/nora

Fork 0

mirror of https://github.com/getnora-io/nora.git synced 2026-04-12 16:10:31 +00:00

Commit Graph

Author	SHA1	Message	Date
devitway	15d12d073a	fix: use scorecard-action by tag for webapp verification	2026-03-17 11:02:14 +00:00
devitway	7df118d488	security: harden OpenSSF Scorecard compliance - Pin all GitHub Actions by SHA hash (Pinned-Dependencies) - Add top-level permissions: read-all (Token-Permissions) - Add explicit job-level permissions (least privilege) - Add OpenSSF Scorecard workflow with weekly schedule - Publish scorecard results to scorecard.dev and GitHub Security tab	2026-03-17 10:30:15 +00:00

Author

SHA1

Message

Date

devitway

15d12d073a

fix: use scorecard-action by tag for webapp verification

2026-03-17 11:02:14 +00:00

devitway

7df118d488

security: harden OpenSSF Scorecard compliance

- Pin all GitHub Actions by SHA hash (Pinned-Dependencies)
- Add top-level permissions: read-all (Token-Permissions)
- Add explicit job-level permissions (least privilege)
- Add OpenSSF Scorecard workflow with weekly schedule
- Publish scorecard results to scorecard.dev and GitHub Security tab

2026-03-17 10:30:15 +00:00

2 Commits