From 84fbfd573ecd857e501a9d47423508aeb1863ea0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Markus=20K=C3=BCffner?= <11882946+mkuf@users.noreply.github.com> Date: Fri, 7 Feb 2025 08:37:11 +0100 Subject: [PATCH] Remove zizmor Due to lacking descriptions for findings, this does currently not provide any value when run in the pipeline --- .github/workflows/zizmor.yaml | 31 ------------------------------- 1 file changed, 31 deletions(-) delete mode 100644 .github/workflows/zizmor.yaml diff --git a/.github/workflows/zizmor.yaml b/.github/workflows/zizmor.yaml deleted file mode 100644 index 1165860..0000000 --- a/.github/workflows/zizmor.yaml +++ /dev/null @@ -1,31 +0,0 @@ -name: GitHub Actions Security Analysis with zizmor 🌈 - -on: - push: - branches: ["main"] - pull_request: - branches: ["**"] - -jobs: - zizmor: - name: zizmor latest via PyPI - runs-on: ubuntu-latest - permissions: - security-events: write - actions: read - steps: - - name: Checkout repository - uses: actions/checkout@v4 - with: - persist-credentials: false - - name: Install the latest version of uv - uses: astral-sh/setup-uv@v5 - - name: Run zizmor 🌈 - run: uvx zizmor --format sarif . > results.sarif - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@v3 - with: - sarif_file: results.sarif - category: zizmor