From 90ea4e7204774f14b435b1fca398385f34ef6027 Mon Sep 17 00:00:00 2001
From: YingYing Chen <40571804+YYChen01988@users.noreply.github.com>
Date: Wed, 19 Feb 2025 17:16:03 +0000
Subject: [PATCH] feat(scorecard) added gradle wrapper validation check (#2343)

---
 .github/workflows/scorecard.yml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 189fdccf1d..a929380250 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -71,3 +71,10 @@ jobs:
         uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9
         with:
           sarif_file: results.sarif
+
+  gradle-wrapper-validation:
+    name: "Checksum validation of Gradle Wrappers"
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: gradle/actions/wrapper-validation@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0