chore(ci): bump scorecard

avivkeller · web-flow · commit 2faaca297ff3 · 2025-12-30T20:27:09.000-05:00
Signed-off-by: Aviv Keller &lt;me@aviv.sh&gt;
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -10,14 +10,15 @@ on:
   push:
     branches:
       - main
+      - fix/scorecard
 
 # Declare default permissions as read only.
 permissions: read-all
 
 jobs:
   analysis:
     name: Scorecard analysis
-    uses: nodejs/web-team/.github/workflows/scorecard.yml@9f3c83af227d721768d9dbb63009a47ed4f4282f
+    uses: nodejs/web-team/.github/workflows/scorecard.yml@64d15ba684371b26784aa58680ea3f31120213ba
     permissions:
       # Needed to upload the results to code-scanning dashboard.
       security-events: write
