Merge pull request #82 from stacklok/pinned-tags-branch

Don't hardcode `main` branch for actions_check_pinned_tags rule type
mindersec · Apr 10, 2024 · 6ae9a2c · 6ae9a2c
2 parents 2497bf3 + 42d619e
commit 6ae9a2c
Showing 1 changed file with 2 additions and 3 deletions.
diff --git a/rule-types/github/actions_check_pinned_tags.yaml b/rule-types/github/actions_check_pinned_tags.yaml
@@ -38,8 +38,7 @@ def:
   # Defines the configuration for ingesting data relevant for the rule
   ingest:
     type: git
-    git:
-      branch: main
+    git: {}
   # Defines the configuration for evaluating data ingested against the given profile
   # This example uses the checks for that GitHub actions are using pinned tags
   # for the use directive, in the form of SHA-1 hash.
@@ -117,4 +116,4 @@ def:
   # Defines the configuration for alerting on the rule
   alert:
     type: security_advisory
-    security_advisory: {}
+    security_advisory: {}