Skip to content

Bump org.jetbrains.kotlin:kotlin-stdlib from 1.9.0 to 2.4.0 #10

Bump org.jetbrains.kotlin:kotlin-stdlib from 1.9.0 to 2.4.0

Bump org.jetbrains.kotlin:kotlin-stdlib from 1.9.0 to 2.4.0 #10

Workflow file for this run

# zizmor audits the GitHub Actions workflows themselves for security issues
# (injection, excessive permissions, unpinned actions, etc.).
# Results appear under the repository's "Security > Code scanning" tab.
name: zizmor
on:
push:
branches: [ "master" ]
pull_request:
branches: [ "master" ]
permissions:
contents: read
jobs:
zizmor:
runs-on: ubuntu-latest
permissions:
security-events: write
contents: read
steps:
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
with:
persist-credentials: false
- name: Install uv
uses: astral-sh/setup-uv@d0cc045d04ccac9d8b7881df0226f9e82c39688e # v6
# Audit all workflow files. continue-on-error so findings still get uploaded
# to code scanning instead of aborting before the upload step.
- name: Run zizmor
continue-on-error: true
run: uvx zizmor --format sarif . > zizmor.sarif
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload SARIF
uses: github/codeql-action/upload-sarif@dd903d2e4f5405488e5ef1422510ee31c8b32357 # v3
with:
sarif_file: zizmor.sarif
category: zizmor