mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2026-02-27 23:03:13 +08:00
32 lines
839 B
YAML
32 lines
839 B
YAML
name: Security Analysis with zizmor
|
|
permissions: {}
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
on:
|
|
push:
|
|
branches: ["main"]
|
|
pull_request:
|
|
branches: ["**"]
|
|
|
|
jobs:
|
|
zizmor:
|
|
name: Run zizmor
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
security-events: write # To write the security report
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 #v6.0.0
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- name: Run zizmor
|
|
uses: zizmorcore/zizmor-action@0dce2577a4760a2749d8cfb7a84b7d5585ebcb7d # v0.5.0
|
|
with:
|
|
# intentionally not scanning the entire repository,
|
|
# since it contains integration tests.
|
|
inputs: ./.github/
|