zizmor.yaml
1 on: 2 push: 3 branches: ["main"] 4 pull_request: 5 branches: ["**"] 6 7 permissions: {} 8 9 jobs: 10 zizmor: 11 name: Run zizmor 12 runs-on: ubuntu-latest 13 permissions: 14 security-events: write 15 contents: read 16 actions: read 17 steps: 18 - name: Checkout repository 19 uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 20 with: 21 persist-credentials: false 22 - name: Run zizmor 23 uses: zizmorcore/zizmor-action@e639db99335bc9038abc0e066dfcd72e23d26fb4 # v0.3.0