chore: fix scorecard gh action (#202)

Kenneth Rosario · web-flow · commit 03ff7710b3af · 2023-05-31T12:28:14.000-07:00
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -25,23 +25,23 @@ jobs:
       id-token: write
 
     steps:
-    - name: Harden Runner
-      uses: step-security/harden-runner@128a63446a954579617e875aaab7d2978154e969 # v2.4.0
-      with:
-        disable-sudo: true
-        egress-policy: block
-        allowed-endpoints: >
-          api.github.com:443
-          api.osv.dev:443
-          api.securityscorecards.dev:443
-          auth.docker.io:443
-          bestpractices.coreinfrastructure.org:443
-          fulcio.sigstore.dev:443
-          github.com:443
-          index.docker.io:443
-          oss-fuzz-build-logs.storage.googleapis.com:443
-          sigstore-tuf-root.storage.googleapis.com:443
-          rekor.sigstore.dev:443
+      - name: Harden Runner
+        uses: step-security/harden-runner@128a63446a954579617e875aaab7d2978154e969 # v2.4.0
+        with:
+          disable-sudo: true
+          egress-policy: block
+          allowed-endpoints: >
+            api.github.com:443
+            api.osv.dev:443
+            api.securityscorecards.dev:443
+            auth.docker.io:443
+            bestpractices.coreinfrastructure.org:443
+            fulcio.sigstore.dev:443
+            github.com:443
+            index.docker.io:443
+            oss-fuzz-build-logs.storage.googleapis.com:443
+            sigstore-tuf-root.storage.googleapis.com:443
+            rekor.sigstore.dev:443
           
       - name: "Checkout code"
         uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
