mirrors/neovim
1
0
Fork 0
mirror of https://github.com/neovim/neovim.git synced 2026-04-03 14:19:27 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
545007ac724728f7f00a4c8caac156b59312bdce
neovim/.github/workflows/zizmor.yml
Daniel Hast fc90585095 ci: Zizmor GHA security analysis #38230 
Add workflow that runs Zizmor, a static analysis tool for GitHub
Actions. This will automatically flag various common security issues
with CI workflows.
2026-03-10 11:57:18 -04:00

25 lines
608 B
YAML
Raw Blame History

name: 'security: zizmor GHA analyzer'
on:
push:
branches: ["master"]
pull_request:
branches: ["**"]
permissions: {}
jobs:
zizmor:
name: Run zizmor
runs-on: ubuntu-latest
permissions:
security-events: write # Required for upload-sarif (used by zizmor-action) to upload SARIF files.
steps:
- name: Checkout repository
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Run zizmor
uses: zizmorcore/zizmor-action@71321a20a9ded102f6e9ce5718a2fcec2c4f70d8 # v0.5.2
Reference in New Issue View Git Blame Copy Permalink