install Zizmor gha action v0.5.2 by updateclibot[bot] · Pull Request #1047 · updatecli/updatecli-action

This PR was automatically created by Updatecli to set up a Zizmor GitHub Action workflow for security scanning.
Zizmor is a static analysis tool that identifies misconfigurations in GitHub Actions workflows. Updatecli is a tool to automate configuration updates across Git repositories.
For more information:


Install Zizmor GitHub action workflow

install Zizmor gha action v0.5.2

1 file(s) updated with the content below:

* .github/workflows/zizmor.yaml

```yaml
name: GitHub Actions Security Analysis with zizmor 🌈

on:
  push:
    branches: ["main"]
  pull_request:
    branches: ["**"]

permissions: {}

jobs:
  zizmor:
    runs-on: ubuntu-latest
    permissions:
      security-events: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@de0fac2 # v6.0.2
        with:
          persist-credentials: false

      - name: Run zizmor 🌈
        uses: zizmorcore/zizmor-action@71321a2 # v0.5.2
        with:
          # intentionally not scanning the entire repository,
          inputs: ./.github/
          advanced-security: true
```

GitHub Action workflow link


Created automatically by Updatecli

Options:

Most of Updatecli configuration is done via its manifest(s).

* If you close this pull request, Updatecli will automatically reopen it, the next time it runs.
* If you close this pull request and delete the base branch, Updatecli will automatically recreate it, erasing all previous commits made.

Feel free to report any issues at github.com/updatecli/updatecli.
If you find this tool useful, do not hesitate to star our GitHub repository as a sign of appreciation, and/or to tell us directly on our chat!