From 7174d60ed23f8e0c4db27ee7539470acb4b37246 Mon Sep 17 00:00:00 2001
From: Joyce <joycebrum@google.com>
Date: Fri, 28 Oct 2022 17:25:43 -0300
Subject: [PATCH] Fix Scorecard Github Action not working  (#8402)

* chore: create security policy

Signed-off-by: Joyce Brum <joycebrumu.u@gmail.com>

* chore: only latest release on security police

Signed-off-by: Joyce Brum <joycebrumu.u@gmail.com>

* chore: security policy support on effort base

Signed-off-by: Joyce Brum <joycebrumu.u@gmail.com>

* Use dedicated e-mail address for security reporting

* fix: upgrade scorecard action version

Signed-off-by: Joyce Brum <joycebrum@google.com>

Signed-off-by: Joyce Brum <joycebrumu.u@gmail.com>
Signed-off-by: Joyce Brum <joycebrum@google.com>
Co-authored-by: Philip Hyunsu Cho <chohyu01@cs.washington.edu>
---
 .github/workflows/scorecards.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index a9c2cb216..cb8882961 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -27,7 +27,7 @@ jobs:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@865b4092859256271290c77adbd10a43f4779972 # tag=v2.0.3
+        uses: ossf/scorecard-action@99c53751e09b9529366343771cc321ec74e9bd3d # tag=v2.0.6
         with:
           results_file: results.sarif
           results_format: sarif