Adds zizmor serif

Author: kingbuzzman

.github/workflows/main.yml

@@ -54,8 +54,15 @@ jobs:
 
       - name: Run tox
         run: tox -e "${MATRIX_NAME}"
-        env:
-          MATRIX_NAME: ${{ matrix.name }}
+        # run: tox -e "${MATRIX_NAME}"
+        # env:
+        #   MATRIX_NAME: ${{ matrix.name }}
+
+      - name: Upload SARIF report into the GitHub repo code scanning
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: zizmor.sarif
+          category: zizmor
 
       - name: Report coverage
         if: contains(matrix.name, 'coverage')

.gitignore

@@ -18,3 +18,4 @@ _build
 *.egg
 # autogenerated by setuptools-scm
 /pytest_django/_version.py
+zizmor.sarif

tox.ini

@@ -44,11 +44,12 @@ commands =
 
 [testenv:linting]
 dependency_groups = linting
+allowlist_externals = sh
 commands =
     ruff check --diff {posargs:pytest_django pytest_django_test tests}
     ruff format --quiet --diff {posargs:pytest_django pytest_django_test tests}
     mypy {posargs:pytest_django pytest_django_test tests}
-    zizmor --persona=pedantic .github/workflows/deploy.yml .github/workflows/main.yml
+    sh -c "zizmor --persona=pedantic --format sarif .github/workflows/deploy.yml .github/workflows/main.yml > zizmor.sarif"
 
 [testenv:doc8]
 basepython = python3