Skip to content

Bump the github-actions group with 2 updates #5

Bump the github-actions group with 2 updates

Bump the github-actions group with 2 updates #5

Workflow file for this run

name: GitHub Actions Security Analysis with zizmor 🌈
on:
push:
branches: ['main']
pull_request:
branches: ['**']
permissions: {}
jobs:
zizmor:
name: Run zizmor 🌈
runs-on: ubuntu-latest
permissions:
security-events: write # Required for upload-sarif (used by zizmor-action) to upload SARIF files.
contents: read # Only needed for private repos. Needed to clone the repo.
actions: read # Only needed for private repos. Needed for upload-sarif to read workflow run info.
steps:
- name: Checkout
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
with:
persist-credentials: false
- name: Run zizmor 🌈
uses: zizmorcore/zizmor-action@192e21d79ab29983730a13d1382995c2307fbcaa # v0.5.7