Skip to content

UID2-7011: add zizmor workflow-security scan (report-only) #2

UID2-7011: add zizmor workflow-security scan (report-only)

UID2-7011: add zizmor workflow-security scan (report-only) #2

Workflow file for this run

name: Zizmor Scan
on:
pull_request:
# Trigger when anything zizmor scans changes. The scan itself covers the
# whole repo; if this repo keeps composite actions outside .github/, add
# those paths so changes there don't slip through.
paths:
- '.github/**'
workflow_dispatch:
permissions:
contents: read
jobs:
zizmor:
# Bare call: severity floors inherit the shared workflow's central defaults
# (report-only, High), so org-wide retunes are a single change in
# uid2-shared-actions. See the zizmor section of its README.
uses: IABTechLab/uid2-shared-actions/.github/workflows/shared-zizmor-scan.yaml@v3