diff --git a/.github/workflows/ossf.yml b/.github/workflows/ossf.yml new file mode 100644 index 000000000..a95b84687 --- /dev/null +++ b/.github/workflows/ossf.yml @@ -0,0 +1,21 @@ +name: OSSF Scorecard Weekly + +on: + schedule: + - cron: '0 0 * * 0' # Runs every Sunday at midnight UTC + workflow_dispatch: + +jobs: + ossf-scorecard: + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Publish OSSF Scorecard badge to README + uses: ossf/scorecard-action@v2 + with: + publish_results: true + badge: true + branch: main + readme_path: README.md diff --git a/AUTHORS b/AUTHORS index 3e593aaf4..ef905531d 100644 --- a/AUTHORS +++ b/AUTHORS @@ -54,6 +54,7 @@ MongoDB Inc. Nick Hutchinson Norman Heino Oleksandr Sochka +Olga Fadeeva Ori Livneh Paul Redmond Prithvi Rao diff --git a/CONTRIBUTORS b/CONTRIBUTORS index 5c68838bd..4b015925a 100644 --- a/CONTRIBUTORS +++ b/CONTRIBUTORS @@ -76,6 +76,7 @@ Min-Yih Hsu Nick Hutchinson Norman Heino Oleksandr Sochka +Olga Fadeeva Ori Livneh Pascal Leroy Paul Redmond diff --git a/README.md b/README.md index 4e730256b..a044cf9e4 100644 --- a/README.md +++ b/README.md @@ -5,6 +5,7 @@ [![pylint](https://github.com/google/benchmark/workflows/pylint/badge.svg)](https://github.com/google/benchmark/actions?query=workflow%3Apylint) [![test-bindings](https://github.com/google/benchmark/workflows/test-bindings/badge.svg)](https://github.com/google/benchmark/actions?query=workflow%3Atest-bindings) [![Coverage Status](https://coveralls.io/repos/google/benchmark/badge.svg)](https://coveralls.io/r/google/benchmark) +[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/google/benchmark/badge)](https://securityscorecards.dev/viewer/?uri=github.com/google/benchmark) [![Discord](https://discordapp.com/api/guilds/1125694995928719494/widget.png?style=shield)](https://discord.gg/cz7UX7wKC2)