We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
1 parent 00f5d32 commit b3f1107Copy full SHA for b3f1107
1 file changed
.github/workflows/zizmor.yml
@@ -0,0 +1,23 @@
1
+name: GitHub Actions Security Analysis with zizmor
2
+
3
+on:
4
+ push:
5
+ branches: ["main"]
6
+ pull_request:
7
+ branches: ["**"]
8
9
+permissions: {}
10
11
+jobs:
12
+ zizmor:
13
+ runs-on: ubuntu-latest
14
+ permissions:
15
+ security-events: write
16
+ steps:
17
+ - name: Checkout repository
18
+ uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
19
+ with:
20
+ persist-credentials: false
21
22
+ - name: Run zizmor
23
+ uses: zizmorcore/zizmor-action@192e21d79ab29983730a13d1382995c2307fbcaa # v0.5.7
0 commit comments