From 79d6779995142fbb5c2043834dc32c2dd8695887 Mon Sep 17 00:00:00 2001
From: Martin von Zweigbergk
Date: Thu, 8 Dec 2022 14:32:51 -0800
Subject: [PATCH] github: make Scorecard security scanner not use access token

Google's security team asked us to remove this use of a PAT. It's apparently supposed to work without it, it's just that it won't be able to check that we have bronch protection set up.
---
 .github/workflows/scorecards.yml | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index 84671be6b..31257bad5 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -30,9 +30,6 @@ jobs:
 with:
 results_file: results.sarif
 results_format: sarif
- # Read-only PAT token. To create it,
- # follow the steps in https://github.com/ossf/scorecard-action#pat-token-creation.
- repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
 # Publish the results to enable scorecard badges. For more details, see
 # https://github.com/ossf/scorecard-action#publishing-results.
 # For private repositories, `publish_results` will automatically be set to `false`,