1 file changed +36 -0 lines changed
1+ # https://github.com/woodruffw/zizmor
2+ name : zizmor GHA analysis
3+
4+ on :
5+ push :
6+ branches : ["main"]
7+ pull_request :
8+ branches : ["**"]
9+
10+ jobs :
11+ zizmor :
12+ name : zizmor latest via PyPI
13+ runs-on : ubuntu-latest
14+ permissions :
15+ security-events : write
16+ steps :
17+ - name : Checkout repository
18+ uses : actions/checkout@v4
19+ with :
20+ persist-credentials : false
21+
22+ - uses : hynek/setup-cached-uv@v2
23+
24+ - name : Run zizmor 🌈
25+ run : uvx zizmor --format sarif . > results.sarif
26+ env :
27+ GH_TOKEN : ${{ secrets.GITHUB_TOKEN }}
28+
29+ - name : Upload SARIF file
30+ uses : github/codeql-action/upload-sarif@v3
31+ with :
32+ # Path to SARIF file relative to the root of the repository
33+ sarif_file : results.sarif
34+ # Optional category for the results
35+ # Used to differentiate multiple results for one commit
36+ category : zizmor
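Review bot: All three `uses:` lines (file lines 18, 22 and 30) reference mutable tags, so whoever can move `v4`, `v2` or `v3` changes what runs in a job that holds `security-events: write` and passes `GH_TOKEN` to a step. Pinning each to a full commit SHA with the tag kept as a trailing comment, e.g. `uses: hynek/setup-cached-uv@<full-commit-sha> # v2`, removes that exposure, and it matters most for the third-party action. `uvx zizmor` at line 25 likewise resolves whatever is newest on PyPI at run time; the job name suggests this is intended, but a pinned `uvx zizmor@<version>` or a comment stating the trade-off would make it explicit. Because the job-level `permissions:` block grants only `security-events: write`, every other scope is dropped, so if the repository is or becomes private the checkout step probably needs `contents: read` added. On pull requests from forks the token is normally read-only, so the SARIF upload step is likely to fail there.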