From 79c07012a06fd7d570b0a236eb0276e5e87c3bed Mon Sep 17 00:00:00 2001
From: Matthieu MOREL <matthieu.morel35@gmail.com>
Date: Fri, 12 Jan 2024 20:59:14 +0100
Subject: [PATCH] add OSSF Scorecard badge to README.md

Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>

Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index 4823013f..9dd39a7f 100644
--- a/README.md
+++ b/README.md
@@ -68,6 +68,8 @@ applications. Applications request a rate limit decision based on a domain and a
 reads the configuration from disk via [runtime](https://github.com/lyft/goruntime), composes a cache key, and talks to the Redis cache. A
 decision is then returned to the caller.
 
+[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/envoyproxy/ratelimit/badge)](https://securityscorecards.dev/viewer/?uri=github.com/envoyproxy/ratelimit)
+
 # Docker Image
 
 For every main commit, an image is pushed to [Dockerhub](https://hub.docker.com/r/envoyproxy/ratelimit/tags?page=1&ordering=last_updated). There is currently no versioning (post v1.4.0) and tags are based on commit sha.