# policy, and support documentation.

name: Scorecard supply-chain security
on:
  # For Branch-Protection check. Only the default branch is supported. See
  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
  branch_protection_rule:
  # To guarantee Maintained check is occasionally updated. See
  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained

## CSRF Risk { #csrf-risk }

This default behavior provides protection against a class of **Cross-Site Request Forgery (CSRF)** attacks in a very specific scenario.

These attacks exploit the fact that browsers allow scripts to send requests without doing any CORS preflight check when they:

        run: echo "$GITHUB_CONTEXT"

  # https://github.com/marketplace/actions/alls-green#why
  test-redistribute-alls-green:  # This job does nothing and is only used for the branch protection
    if: always()
    needs:
      - test-redistribute
    runs-on: ubuntu-latest
    steps:
      - name: Decide whether the needed jobs succeeded or failed
        uses: re-actors/alls-green@release/v1

  script.setAttribute("data-project-name", "FastAPI");
  script.setAttribute("data-project-color", "#009485");
  script.setAttribute("data-project-logo", "https://fastapi.tiangolo.com/img/favicon.png");
  script.setAttribute("data-bot-protection-mechanism", "hcaptcha");
  script.setAttribute("data-button-height", "3rem");
  script.setAttribute("data-button-width", "3rem");
  script.setAttribute("data-button-border-radius", "50%");

        if: steps.precommit.outcome == 'failure'
        run: exit 1

  # https://github.com/marketplace/actions/alls-green#why
  pre-commit-alls-green:  # This job does nothing and is only used for the branch protection
    if: always()
    needs:
      - pre-commit
    runs-on: ubuntu-latest
    steps:
      - name: Dump GitHub context
        env:
          GITHUB_CONTEXT: ${{ toJson(github) }}

          path: ./site/**
          include-hidden-files: true

  # https://github.com/marketplace/actions/alls-green#why
  docs-all-green:  # This job does nothing and is only used for the branch protection
    if: always()
    needs:
      - build-docs
    runs-on: ubuntu-latest
    steps:
      - name: Decide whether the needed jobs succeeded or failed
        uses: re-actors/alls-green@release/v1

          include-hidden-files: true
      - run: uv run coverage report --fail-under=100

  # https://github.com/marketplace/actions/alls-green#why
  check:  # This job does nothing and is only used for the branch protection
    if: always()
    needs:
      - coverage-combine
      - benchmark
    runs-on: ubuntu-latest
    steps:
      - name: Dump GitHub context
        env:

   * locally.
   *
   * @since 24.1
   */
  public static final String X_DOWNLOAD_OPTIONS = "X-Download-Options";

  /** The HTTP {@code X-XSS-Protection} header field name. */
  public static final String X_XSS_PROTECTION = "X-XSS-Protection";

  /**
   * The HTTP <a
   * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control">{@code

## Risque CSRF { #csrf-risk }

Ce comportement par défaut offre une protection contre une catégorie d’attaques de Cross-Site Request Forgery (CSRF) dans un scénario très spécifique.

errors.failed_to_upload_kuromoji_file = Échec du téléversement d'un fichier Kuromoji.
errors.failed_to_download_protwords_file = Échec du téléchargement d'un fichier de mots de protection.
errors.failed_to_upload_protwords_file = Échec du téléversement d'un fichier de mots de protection.
errors.failed_to_download_stopwords_file = Échec du téléchargement d'un fichier de mots vides.