mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2026-06-06 00:14:58 -06:00
d6a3d539ed
Some checks are pending
Build / Build and Test ${{ matrix.channel }} (msrv) (push) Waiting to run
Build / Build and Test ${{ matrix.channel }} (rust-toolchain) (push) Waiting to run
Check templates / Validate docker templates (push) Waiting to run
Hadolint / Validate Dockerfile syntax (push) Waiting to run
Release / Build Vaultwarden containers (amd64, alpine) (push) Waiting to run
Release / Build Vaultwarden containers (amd64, debian) (push) Waiting to run
Release / Build Vaultwarden containers (arm/v6, alpine) (push) Waiting to run
Release / Build Vaultwarden containers (arm/v6, debian) (push) Waiting to run
Release / Build Vaultwarden containers (arm/v7, alpine) (push) Waiting to run
Release / Build Vaultwarden containers (arm/v7, debian) (push) Waiting to run
Release / Build Vaultwarden containers (arm64, alpine) (push) Waiting to run
Release / Build Vaultwarden containers (arm64, debian) (push) Waiting to run
Release / Merge manifests (alpine) (push) Blocked by required conditions
Release / Merge manifests (debian) (push) Blocked by required conditions
Trivy / Trivy Scan (push) Waiting to run
Code Spell Checking / Run typos spell checking (push) Waiting to run
Security Analysis with zizmor / Run zizmor (push) Waiting to run
- Updated Rust to v1.96.0 - Updated all the crates, and adjusted code where needed - Fixed some nightly reported clippy lints - Updated all the GitHub actions Signed-off-by: BlackDex <black.dex@gmail.com>
32 lines
840 B
YAML
32 lines
840 B
YAML
name: Security Analysis with zizmor
|
|
permissions: {}
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
on:
|
|
push:
|
|
branches: ["main"]
|
|
pull_request:
|
|
branches: ["**"]
|
|
|
|
jobs:
|
|
zizmor:
|
|
name: Run zizmor
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
security-events: write # To write the security report
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- name: Run zizmor
|
|
uses: zizmorcore/zizmor-action@5f14fd08f7cf1cb1609c1e344975f152c7ee938d # v0.5.6
|
|
with:
|
|
# intentionally not scanning the entire repository,
|
|
# since it contains integration tests.
|
|
inputs: ./.github/
|