Skip to content

build(deps): bump github/codeql-action from 3.27.5 to 3.27.6 in the non-breaking-changes group #19

build(deps): bump github/codeql-action from 3.27.5 to 3.27.6 in the non-breaking-changes group

build(deps): bump github/codeql-action from 3.27.5 to 3.27.6 in the non-breaking-changes group #19

Workflow file for this run

# Inspired by:
# https://woodruffw.github.io/zizmor/usage/#use-in-github-actions
name: GitHub Actions Security Analysis with zizmor 🌈
on:
push:
branches: ["master"]
pull_request:
branches: ["**"]
jobs:
zizmor:
name: zizmor
runs-on: ubuntu-latest
permissions:
security-events: write
actions: read
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- uses: cachix/install-nix-action@3715ab1a11cac9e991980d7b4a28d80c7ebdd8f9 # v27
- name: Run zizmor 🌈
run: nix run 'nixpkgs#zizmor' -- --format sarif . > results.sarif
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6
with:
sarif_file: results.sarif
category: zizmor