From 723162c1772888a9704837d5331b97ea4e801a90 Mon Sep 17 00:00:00 2001
From: Shaojun Liu <61072813+liu-shaojun@users.noreply.github.com>
Date: Wed, 3 Apr 2024 11:10:37 +0800
Subject: [PATCH] Bump ossf/scorecard-action to v2.3.1

---
 .github/workflows/scorecard.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index ae3695db293..3832f95c303 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -14,6 +14,7 @@ on:
   # push:
   #   branches: [ "main" ]
   workflow_dispatch:
+  pull_request:
 
 # Declare default permissions as read only.
 permissions: read-all
@@ -38,7 +39,7 @@ jobs:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@99c53751e09b9529366343771cc321ec74e9bd3d # tag=v2.0.6
+        uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
         with:
           results_file: results.sarif
           results_format: sarif