arian/anubis-mirror
1
0
Fork 0
mirror of https://github.com/TecharoHQ/anubis.git synced 2026-04-11 19:18:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

workflows: hash pin Actions (#203)

Browse Source 
Signed-off-by: Patrick Linnane <patrick@linnane.io>
This commit is contained in:
Patrick Linnane
2025-04-07 21:45:06 -07:00
committed by GitHub
parent 2324395ae2
commit 1614504922
6 changed files with 25 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.github/workflows/zizmor.yml vendored
View File

@@ -16,12 +16,12 @@ jobs:
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Install the latest version of uv
uses: astral-sh/setup-uv@v5
uses: astral-sh/setup-uv@0c5e2b8115b80b4c7c5ddf6ffdd634974642d182 # v5.4.1
- name: Run zizmor 🌈
run: uvx zizmor --format sarif . > results.sarif
@@ -29,7 +29,7 @@ jobs:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v3
uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
with:
sarif_file: results.sarif
category: zizmor