Commit 7c1619a
committed
fix: Run zizmor directly instead of via action to avoid SARIF upload
The zizmorcore/zizmor-action bundles a codeql upload-sarif step that
requires GitHub Advanced Security code scanning regardless of repo
settings. Replace with a plain pip install + zizmor run, which exits
non-zero on findings and needs no special permissions or features.1 parent 3641dca commit 7c1619a
1 file changed
Lines changed: 1 addition & 3 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
12 | 12 | | |
13 | 13 | | |
14 | 14 | | |
15 | | - | |
16 | 15 | | |
17 | | - | |
18 | 16 | | |
19 | 17 | | |
20 | 18 | | |
21 | 19 | | |
22 | 20 | | |
23 | 21 | | |
24 | 22 | | |
25 | | - | |
| 23 | + | |
0 commit comments