github-community-projects / private-mirrors

A GitHub App that allows you to contribute upstream using private mirrors of public projects

MIT License

125 stars 13 forks source link

chore: add OSSF Scorecard GitHub Action #143

Closed jmeridth closed 3 months ago

jmeridth commented 3 months ago

Pull Request

Proposed Changes

[x] Add the OSSF Scorecard GitHub Action to this repo.
[x] Add badges to README

(ossf scorecard badge will propagate after this PR merges)

Allows us to detect supply chain security for this GitHub App

Readiness Checklist

Author/Contributor

[x] If documentation is needed for this change, has that been included in this pull request
[x] run npm run lint and fix any linting issues that have been introduced
[x] run npm run test and run tests

Reviewer

[x] Label as either bug, documentation, enhancement, infrastructure, maintenance, or breaking