From b650a48e5a63b7ace9503e57100b7fe5638d49b2 Mon Sep 17 00:00:00 2001
From: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
Date: Fri, 17 May 2024 13:57:31 +0100
Subject: [PATCH] Use the 'code scanning' variable (#50642)
---
 .../security-guides/security-hardening-for-github-actions.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/content/actions/security-guides/security-hardening-for-github-actions.md b/content/actions/security-guides/security-hardening-for-github-actions.md
index c2389f44ff..2b006cf26c 100644
--- a/content/actions/security-guides/security-hardening-for-github-actions.md
+++ b/content/actions/security-guides/security-hardening-for-github-actions.md
@@ -153,7 +153,7 @@ With this approach, the value of the {% raw %}`${{ github.event.issue.title }}`{
 {% ifversion fpt or ghec %}
-### Using starter workflows for code scanning
+### Using starter workflows for {% data variables.product.prodname_code_scanning %}
 {% data reusables.advanced-security.starter-workflows-beta %}
 {% data variables.product.prodname_code_scanning_caps %} allows you to find security vulnerabilities before they reach production. {% data variables.product.product_name %} provides starter workflows for {% data variables.product.prodname_code_scanning %}. You can use these suggested workflows to construct your {% data variables.product.prodname_code_scanning %} workflows, instead of starting from scratch. {% data variables.product.company_short%}'s workflow, the {% data variables.code-scanning.codeql_workflow %}, is powered by {% data variables.product.prodname_codeql %}. There are also third-party starter workflows available.
@@ -233,7 +233,7 @@ For more information on how to configure this setting, see {% ifversion allow-ac
 ## Using OpenSSF Scorecards to secure workflows
-[Scorecards](https://github.com/ossf/scorecard) is an automated security tool that flags risky supply chain practices. You can use the [Scorecards action](https://github.com/marketplace/actions/ossf-scorecard-action) and [starter workflow](https://github.com/actions/starter-workflows) to follow best security practices. Once configured, the Scorecards action runs automatically on repository changes, and alerts developers about risky supply chain practices using the built-in code scanning experience. The Scorecards project runs a number of checks, including script injection attacks, token permissions, and pinned actions.
+[Scorecards](https://github.com/ossf/scorecard) is an automated security tool that flags risky supply chain practices. You can use the [Scorecards action](https://github.com/marketplace/actions/ossf-scorecard-action) and [starter workflow](https://github.com/actions/starter-workflows) to follow best security practices. Once configured, the Scorecards action runs automatically on repository changes, and alerts developers about risky supply chain practices using the built-in {% data variables.product.prodname_code_scanning %} experience. The Scorecards project runs a number of checks, including script injection attacks, token permissions, and pinned actions.
 ## Potential impact of a compromised runner