Run OpenSSF on Pull Requests

Author: ZzEeKkAa

.github/workflows/openssf-scorecard.yml

@@ -14,6 +14,8 @@ on:
     - cron: '28 2 * * 4'
   push:
     branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
 
 # Declare default permissions as read only.
 permissions: read-all
@@ -55,7 +57,7 @@ jobs:
           # For private repositories:
           #   - `publish_results` will always be set to `false`, regardless
           #     of the value entered here.
-          publish_results: true
+          publish_results: ${{ github.event_name == 'push' }}
 
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
@@ -68,6 +70,7 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
+        if: ${{ github.event_name == 'push' }}
         uses: github/codeql-action/upload-sarif@47b3d888fe66b639e431abf22ebca059152f1eea # v3.24.5
         with:
           sarif_file: results.sarif