From 1e8fdec2da8c7687235e08353083abf0b2b6e133 Mon Sep 17 00:00:00 2001
From: "J-K. Solbakken" <jksolbakken@gmail.com>
Date: Wed, 10 Jul 2024 12:42:10 +0200
Subject: [PATCH] adjusted egress policy to match recommendation

---
 .github/workflows/scorecard.yml | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 83d1054..8b5c585 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -26,14 +26,16 @@ jobs:
           disable-sudo: true
           egress-policy: block
           allowed-endpoints: >
-            api.osv.dev:443 
-            api.securityscorecards.dev:443 
-            bestpractices.coreinfrastructure.org:443 
-            fulcio.sigstore.dev:443 
-            github.com:443 
-            api.github.com:443 
-            rekor.sigstore.dev:443 
-            sigstore-tuf-root.storage.googleapis.com:443 
+            api.github.com:443
+            api.osv.dev:443
+            api.securityscorecards.dev:443
+            bestpractices.coreinfrastructure.org:443
+            fulcio.sigstore.dev:443
+            github.com:443
+            oss-fuzz-build-logs.storage.googleapis.com:443
+            rekor.sigstore.dev:443
+            sigstore-tuf-root.storage.googleapis.com:443
+            tuf-repo-cdn.sigstore.dev:443
             www.bestpractices.dev:443
       
       - name: "Checkout code"