Skip to content

Add zizmor security audit action & tighten permissions on publish action #1

Add zizmor security audit action & tighten permissions on publish action

Add zizmor security audit action & tighten permissions on publish action #1

Workflow file for this run

name: "GitHub Actions Security Analysis with zizmor 🌈"
on:
push:
branches:
- "main"
paths:
- ".github/workflows/*"
pull_request:
paths:
- ".github/workflows/*"
permissions: {}
jobs:
zizmor:
name: "Run zizmor 🌈"
runs-on: "ubuntu-latest"
permissions:
security-events: "write" # Required for upload-sarif (used by zizmor-action) to upload SARIF files.
steps:
- name: "Checkout repository"
uses: "actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd" # v6.0.2
with:
persist-credentials: false
- name: "Run zizmor 🌈"
uses: "zizmorcore/zizmor-action@71321a20a9ded102f6e9ce5718a2fcec2c4f70d8" # v0.5.2