From 61a0bf484dae1fd0fc55e344303da4101d03b7d2 Mon Sep 17 00:00:00 2001
From: Arne Tarara <arne@datafuse.de>
Date: Thu, 11 Apr 2024 00:51:40 +0200
Subject: [PATCH 1/4] PR-Test commit for eco-ci

---
 empty.txt | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 empty.txt

diff --git a/empty.txt b/empty.txt
new file mode 100644
index 00000000000..effac6a12ca
--- /dev/null
+++ b/empty.txt
@@ -0,0 +1 @@
+This is just a non-sense file to make an example PR

From e56be1a945733cbc41d0ff4b3eaade8a3b82db90 Mon Sep 17 00:00:00 2001
From: Arne Tarara <arne@datafuse.de>
Date: Thu, 11 Apr 2024 00:59:25 +0200
Subject: [PATCH 2/4] Added on pull request to also show info in PR display

---
 .github/workflows/scorecard.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml
index b47437adc89..ef5a2824633 100644
--- a/.github/workflows/scorecard.yaml
+++ b/.github/workflows/scorecard.yaml
@@ -10,6 +10,8 @@ on:
     # Weekly on Mondays at 00:00.
     - cron: '0 0 * * 1'
   workflow_dispatch:
+  pull_request:
+
 
   # The OSSF recommendation encourages to enable branch protection rules trigger
   # to update the scorecard

From a5e9b5ce4e6714bf59fa1416aeec776933040270 Mon Sep 17 00:00:00 2001
From: Arne Tarara <arne@datafuse.de>
Date: Thu, 11 Apr 2024 01:26:35 +0200
Subject: [PATCH 3/4] Adding explicit permissions including pr: write; Also
 adding PR comment for eco-ci

---
 .github/workflows/scorecard.yaml | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml
index ef5a2824633..c47b3a61ff6 100644
--- a/.github/workflows/scorecard.yaml
+++ b/.github/workflows/scorecard.yaml
@@ -24,7 +24,20 @@ on:
     branches: [ "master" ]
 
 # Declare default permissions as read only.
-permissions: read-all
+permissions:
+  actions: read
+  checks: read
+  contents: read
+  deployments: read
+  id-token: read
+  issues: read
+  discussions: read
+  packages: read
+  pages: read
+  pull-requests: write
+  repository-projects: read
+  security-events: read
+  statuses: read
 
 jobs:
   analysis:
@@ -117,3 +130,5 @@ jobs:
         uses: green-coding-solutions/eco-ci-energy-estimation@main
         with:
           task: display-results
+          pr-comment: true
+

From b002ed1e3b3d726dfbed5b21895a50fc00add084 Mon Sep 17 00:00:00 2001
From: Arne Tarara <arne@datafuse.de>
Date: Thu, 11 Apr 2024 01:29:47 +0200
Subject: [PATCH 4/4] Test removing id-token

---
 .github/workflows/scorecard.yaml | 2 --
 1 file changed, 2 deletions(-)

diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml
index c47b3a61ff6..57ac2856fb2 100644
--- a/.github/workflows/scorecard.yaml
+++ b/.github/workflows/scorecard.yaml
@@ -23,13 +23,11 @@ on:
   push:
     branches: [ "master" ]
 
-# Declare default permissions as read only.
 permissions:
   actions: read
   checks: read
   contents: read
   deployments: read
-  id-token: read
   issues: read
   discussions: read
   packages: read