From 678219320ec5924750c9373da49d506329ca6e87 Mon Sep 17 00:00:00 2001 From: Sysix Date: Thu, 12 Dec 2024 20:44:03 +0100 Subject: [PATCH] ci: add zizmor for github actions security --- .github/workflows/ci_security.yml | 28 ++++++++++++++-------------- .github/workflows/release_crates.yml | 1 - 2 files changed, 14 insertions(+), 15 deletions(-) diff --git a/.github/workflows/ci_security.yml b/.github/workflows/ci_security.yml index 04f9f29fa6db9..bb81dde1151ec 100644 --- a/.github/workflows/ci_security.yml +++ b/.github/workflows/ci_security.yml @@ -1,17 +1,17 @@ name: GitHub Actions Security Analysis on: - workflow_dispatch: - pull_request: - types: [opened, synchronize] - paths: - - ".github/worfkflows/**" - push: - branches: - - main - - "renovate/**" - paths: - - ".github/worfkflows/**" + workflow_dispatch: + pull_request: + types: [opened, synchronize] + paths: + - ".github/workflows/**" + push: + branches: + - main + - "renovate/**" + paths: + - ".github/workflows/**" jobs: zizmor: @@ -29,12 +29,12 @@ jobs: uses: astral-sh/setup-uv@v4 - name: Run zizmor 🌈 - run: uvx zizmor --format sarif . > results.sarif + run: uvx zizmor --format sarif . > results.sarif env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Upload SARIF file uses: github/codeql-action/upload-sarif@v3 with: sarif_file: results.sarif - category: zizmor \ No newline at end of file + category: zizmor diff --git a/.github/workflows/release_crates.yml b/.github/workflows/release_crates.yml index 37b828440e380..c8e5df106f36e 100644 --- a/.github/workflows/release_crates.yml +++ b/.github/workflows/release_crates.yml @@ -8,7 +8,6 @@ on: paths: - crates/oxc/Cargo.toml - concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true