Update workflow triggers

thomasleplus · thomasleplus · commit 90aa26288762 · 2024-05-10T09:25:08.000-06:00
diff --git a/.github/workflows/osv-scanner.yml b/.github/workflows/osv-scanner.yml
@@ -15,10 +15,11 @@ name: OSV-Scanner
 on:
   pull_request:
     branches: [ "main" ]
-  schedule:
-    - cron: '0 0 * * 0'
   push:
     branches: [ "main" ]
+  schedule:
+    - cron: '0 0 * * 0'
+  workflow_dispatch:
 
 permissions:
   # Require writing security events to upload SARIF file to security tab
@@ -29,7 +30,7 @@ permissions:
 jobs:
   scan-scheduled:
     if: ${{ github.event_name == 'push' || github.event_name == 'schedule' }}
-    uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@1f1242919d8a60496dd1874b24b62b2370ed4c78" # v1.7.1
+    uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@75532bf0bf75464b047d80414dbce04449498365" # v1.7.3
     with:
       # Example of specifying custom arguments
       scan-args: |-
@@ -38,7 +39,7 @@ jobs:
         ./
   scan-pr:
     if: ${{ github.event_name == 'pull_request' || github.event_name == 'merge_group' }}
-    uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@1f1242919d8a60496dd1874b24b62b2370ed4c78" # v1.7.1
+    uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@75532bf0bf75464b047d80414dbce04449498365" # v1.7.3
     with:
       # Example of specifying custom arguments
       scan-args: |-
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -1,24 +1,12 @@
 ---
-# Copyright 2016-present Thomas Leplus
-# 
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-# 
-#     http://www.apache.org/licenses/LICENSE-2.0
-# 
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
 name: Scorecards supply-chain security
 on:
   push:
     branches:
       - main
       - 'releases/**'
+  schedule:
+    - cron: '0 0 * * 0'
   workflow_dispatch:
 
 permissions: read-all
diff --git a/.github/workflows/update-prs.yml b/.github/workflows/update-prs.yml
@@ -3,6 +3,8 @@ name: Update PRs
 
 on:
   push:
+  schedule:
+    - cron: '0 0 * * 0'
   workflow_dispatch:
 
 permissions:
