From 36733b94bd8c5afd46492c7a22ca80e1785867b4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Juli=C3=A1n=20S=C3=A1nchez?=
 <50778235+juliandsg0222@users.noreply.github.com>
Date: Wed, 24 Apr 2024 17:11:07 -0500
Subject: [PATCH] Add allowed-endpoints in the scorecards workflow

---
 .github/workflows/scorecards.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index e294cbd..65124fb 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -34,7 +34,10 @@ jobs:
             fulcio.sigstore.dev:443
             github.com:443
             rekor.sigstore.dev:443
+            *.sigstore.dev:443
             sigstore-tuf-root.storage.googleapis.com:443
+            oss-fuzz-build-logs.storage.googleapis.com:443
+            www.bestpractices.dev:443
 
       - name: "Checkout code"
         uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3