From ceb144f3fcdaee9caee4c8a52af74a995cb03578 Mon Sep 17 00:00:00 2001 From: Ryan Parman Date: Fri, 8 Nov 2024 10:29:34 -0700 Subject: [PATCH] fix: Certain outbound API calls in workflows are blocked. --- .github/workflows/scorecard.yml | 1 + .github/workflows/trufflehog.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 0b5d2aa..684485f 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -45,6 +45,7 @@ jobs: api.deps.dev:443 api.github.com:443 api.osv.dev:443 + api.scorecard.dev:443 api.securityscorecards.dev:443 fulcio.sigstore.dev:443 github.com:443 diff --git a/.github/workflows/trufflehog.yml b/.github/workflows/trufflehog.yml index 862f314..4bd3137 100644 --- a/.github/workflows/trufflehog.yml +++ b/.github/workflows/trufflehog.yml @@ -34,6 +34,7 @@ jobs: api.cloudflare.com:443 ghcr.io:443 github.com:443 + gitlab.com:443 pkg-containers.githubusercontent.com:443 - name: Checkout Source