Skip to content

Commit 540f3f0

Browse files
committed
Fix zizmor workflow findings
1 parent 1d442dd commit 540f3f0

2 files changed

Lines changed: 13 additions & 30 deletions

File tree

.github/dependabot.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,3 +26,5 @@ updates:
2626
patterns:
2727
- "*"
2828
versioning-strategy: increase-if-necessary
29+
cooldown:
30+
default-days: 7

.github/workflows/zizmor.yml

Lines changed: 11 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -1,37 +1,18 @@
11
name: GitHub Actions Security Analysis with zizmor 🌈
22

33
on:
4-
push:
5-
branches:
6-
- main
7-
paths:
8-
- '.github/**.yml'
9-
- '.github/**.yaml'
10-
pull_request:
11-
paths:
12-
- '.github/**.yml'
13-
- '.github/**.yaml'
14-
15-
concurrency:
16-
group: ${{ github.workflow }}-${{ github.ref }}
17-
cancel-in-progress: true
4+
push:
5+
paths:
6+
- '.github/**.yml'
7+
- '.github/**.yaml'
8+
pull_request:
9+
paths:
10+
- '.github/**.yml'
11+
- '.github/**.yaml'
1812

1913
permissions:
20-
contents: read
14+
contents: read
2115

2216
jobs:
23-
zizmor:
24-
name: Run zizmor 🌈
25-
runs-on: ubuntu-latest
26-
steps:
27-
- name: Checkout repository
28-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
29-
with:
30-
persist-credentials: false
31-
32-
- name: Run zizmor 🌈
33-
uses: zizmorcore/zizmor-action@5f14fd08f7cf1cb1609c1e344975f152c7ee938d # v0.5.6
34-
with:
35-
advanced-security: false
36-
annotations: true
37-
persona: 'pedantic'
17+
zizmor:
18+
uses: yiisoft/actions/.github/workflows/zizmor.yml@master

0 commit comments

Comments
 (0)