chore(deps): bump peter-evans/create-issue-from-file from 64feed10c881151d72db1df9265baf264b570b29 to 1c37a3538f1016517235b2ad3311d75bf0dd4a41 in /.github/workflows #4
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: GitHub Actions Security Analysis with zizmor 🌈 | |
| on: | |
| push: | |
| branches: ["main"] | |
| pull_request: | |
| branches: ["*"] | |
| jobs: | |
| zizmor: | |
| name: zizmor latest via Cargo | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| security-events: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
| with: | |
| persist-credentials: false | |
| - name: Install the latest version of uv | |
| uses: astral-sh/setup-uv@3460fe1a9ab32cdfff176fd684479d2f6dff237c | |
| - name: Run zizmor 🌈 | |
| run: uvx zizmor -p --format sarif . > results.sarif | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Upload SARIF file | |
| uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae | |
| with: | |
| sarif_file: results.sarif | |
| category: zizmor |