[CI] Enable OSSF scorecard workflow to run on intel/llvm (#12779)

stdale-intel · web-flow · commit 358843a84365 · 2024-02-21T13:09:48.000-08:00
Enable the OSSF (https://github.com/ossf) scorecard workflow to run and generate the repo security score for tracking current repo security issues. Currently enabled to run nightly while we resolve any open issues, will then move to weekly once clean runs.
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -2,7 +2,7 @@
 # by a third-party and are governed by separate terms of service, privacy
 # policy, and support documentation.
 
-# Check current LLVM-Project results here: https://securityscorecards.dev/viewer/?uri=github.com/llvm/llvm-project
+# Check current LLVM-Project results here: https://securityscorecards.dev/viewer/?uri=github.com/intel/llvm
 
 name: Scorecard supply-chain security
 on:
@@ -12,7 +12,7 @@ on:
   # To guarantee Maintained check is occasionally updated. See
   # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
   schedule:
-    - cron: '38 20 * * *'
+    - cron: '30 20 * * *'
 
 # Declare default permissions as read only.
 permissions:
@@ -22,7 +22,7 @@ jobs:
   analysis:
     name: Scorecard analysis
     runs-on: ubuntu-latest
-    if: github.repository == 'llvm/llvm-project'
+    if: github.repository == 'intel/llvm'
     permissions:
       # Needed to upload the results to code-scanning dashboard.
       security-events: write
