From 2faaca297ff3c32fca226a51628a448ca2f7d59a Mon Sep 17 00:00:00 2001
From: Aviv Keller <me@aviv.sh>
Date: Tue, 30 Dec 2025 20:27:09 -0500
Subject: [PATCH 1/2] chore(ci): bump scorecard

Signed-off-by: Aviv Keller <me@aviv.sh>
---
 .github/workflows/scorecard.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index d6e093c16200d..3ffd9a8e48f5d 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -10,6 +10,7 @@ on:
   push:
     branches:
       - main
+      - fix/scorecard
 
 # Declare default permissions as read only.
 permissions: read-all
@@ -17,7 +18,7 @@ permissions: read-all
 jobs:
   analysis:
     name: Scorecard analysis
-    uses: nodejs/web-team/.github/workflows/scorecard.yml@9f3c83af227d721768d9dbb63009a47ed4f4282f
+    uses: nodejs/web-team/.github/workflows/scorecard.yml@64d15ba684371b26784aa58680ea3f31120213ba
     permissions:
       # Needed to upload the results to code-scanning dashboard.
       security-events: write

From 447665800a0074901f9ef39c347302fc351dca99 Mon Sep 17 00:00:00 2001
From: Aviv Keller <me@aviv.sh>
Date: Tue, 30 Dec 2025 20:33:38 -0500
Subject: [PATCH 2/2] Update scorecard.yml

Signed-off-by: Aviv Keller <me@aviv.sh>
---
 .github/workflows/scorecard.yml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 3ffd9a8e48f5d..28301fade8856 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -10,7 +10,6 @@ on:
   push:
     branches:
       - main
-      - fix/scorecard
 
 # Declare default permissions as read only.
 permissions: read-all