chore(docs): the great @zizmorcore renaming (#776)

William Woodruff 2025-05-09 20:08:45 -04:00 committed by GitHub
parent e8fb960d1d
commit b2804996c0
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
23 changed files with 70 additions and 65 deletions


@ -38,7 +38,7 @@ early contribution.
To work on one of these, **please leave a comment** on its issue before opening
a pull request to make sure nobody else duplicates your work!
["good first issue"]: https://github.com/woodruffw/zizmor/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22
["good first issue"]: https://github.com/zizmorcore/zizmor/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22
### Writing documentation
@ -56,7 +56,7 @@ Here are some things we could use help with:
More generally, see [issues labeled with `documentation`] for a potential
list of documentation efforts to contribute on.
[issues labeled with `documentation`]: https://github.com/woodruffw/zizmor/issues?q=is%3Aissue+is%3Aopen+label%3Adocumentation
[issues labeled with `documentation`]: https://github.com/zizmorcore/zizmor/issues?q=is%3Aissue+is%3Aopen+label%3Adocumentation
### Writing unit tests
@ -76,9 +76,9 @@ labels. These can sometimes be tricky to address, so we recommend
(but don't require) leaving an explanatory comment on the issue before
beginning a pull request.
["false positive"]: https://github.com/woodruffw/zizmor/issues?q=is%3Aopen+label%3Afalse-positive
["false positive"]: https://github.com/zizmorcore/zizmor/issues?q=is%3Aopen+label%3Afalse-positive
["false negative"]: https://github.com/woodruffw/zizmor/issues?q=is%3Aopen+label%3Afalse-negative
["false negative"]: https://github.com/zizmorcore/zizmor/issues?q=is%3Aopen+label%3Afalse-negative
[development docs]: https://docs.zizmor.sh/development/


@ -3,9 +3,9 @@ name = "zizmor"
description = "Static analysis for GitHub Actions"
version = "1.7.0"
edition = "2024"
repository = "https://github.com/woodruffw/zizmor"
homepage = "https://github.com/woodruffw/zizmor"
documentation = "https://zizmor.sh"
repository = "https://github.com/zizmorcore/zizmor"
homepage = "https://docs.zizmor.sh"
documentation = "https://docs.zizmor.sh"
authors = ["William Woodruff <william@yossarian.net>"]
license = "MIT"
keywords = ["cli", "github-actions", "static-analysis", "security"]
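Review bot: in this `Cargo.toml` hunk, `homepage` and `documentation` end up as the same URL (`https://docs.zizmor.sh`), and both edits go beyond the owner rename that the commit title describes. A `homepage` that duplicates `documentation` adds nothing to the crate metadata; either drop the `homepage` key or point it at a distinct landing page, and mention the `zizmor.sh` to `docs.zizmor.sh` switch in the commit message so it is not read as an accidental edit.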


@ -1,6 +1,6 @@
# 🌈 zizmor
[![CI](https://github.com/woodruffw/zizmor/actions/workflows/ci.yml/badge.svg)](https://github.com/woodruffw/zizmor/actions/workflows/ci.yml)
[![CI](https://github.com/zizmorcore/zizmor/actions/workflows/ci.yml/badge.svg)](https://github.com/zizmorcore/zizmor/actions/workflows/ci.yml)
[![Crates.io](https://img.shields.io/crates/v/zizmor)](https://crates.io/crates/zizmor)
[![Packaging status](https://repology.org/badge/tiny-repos/zizmor.svg)](https://repology.org/project/zizmor/versions)
[![GitHub Sponsors](https://img.shields.io/github/sponsors/woodruffw?style=flat&logo=githubsponsors&labelColor=white&color=white)](https://github.com/sponsors/woodruffw)
@ -19,13 +19,13 @@ including:
[and much more]: https://docs.zizmor.sh/audits/
![zizmor demo](https://raw.githubusercontent.com/woodruffw/zizmor/main/docs/assets/zizmor-demo.gif)
![zizmor demo](https://raw.githubusercontent.com/zizmorcore/zizmor/main/docs/assets/zizmor-demo.gif)
See [`zizmor`'s documentation](https://docs.zizmor.sh/)
for [installation steps], as well as a [quickstart] and
[detailed usage recipes].
[please file them]: https://github.com/woodruffw/zizmor/issues/new?assignees=&labels=bug%2Ctriage&projects=&template=bug-report.yml&title=%5BBUG%5D%3A+
[please file them]: https://github.com/zizmorcore/zizmor/issues/new?assignees=&labels=bug%2Ctriage&projects=&template=bug-report.yml&title=%5BBUG%5D%3A+
[installation steps]: https://docs.zizmor.sh/installation/
@ -69,10 +69,10 @@ Astral
## Star History
<a href="https://star-history.com/#woodruffw/zizmor&Date">
<a href="https://star-history.com/#zizmorcore/zizmor&Date">
<picture>
<source media="(prefers-color-scheme: dark)" srcset="https://api.star-history.com/svg?repos=woodruffw/zizmor&type=Date&theme=dark" />
<source media="(prefers-color-scheme: light)" srcset="https://api.star-history.com/svg?repos=woodruffw/zizmor&type=Date" />
<img alt="Star History Chart" src="https://api.star-history.com/svg?repos=woodruffw/zizmor&type=Date" />
<source media="(prefers-color-scheme: dark)" srcset="https://api.star-history.com/svg?repos=zizmorcore/zizmor&type=Date&theme=dark" />
<source media="(prefers-color-scheme: light)" srcset="https://api.star-history.com/svg?repos=zizmorcore/zizmor&type=Date" />
<img alt="Star History Chart" src="https://api.star-history.com/svg?repos=zizmorcore/zizmor&type=Date" />
</picture>
</a>


@ -10,7 +10,7 @@ description: Development tasks and processes.
For more general information on *how and what* to contribute to `zizmor`,
see our [CONTRIBUTING.md].
[CONTRIBUTING.md]: https://github.com/woodruffw/zizmor/blob/main/CONTRIBUTING.md
[CONTRIBUTING.md]: https://github.com/zizmorcore/zizmor/blob/main/CONTRIBUTING.md
## General development practices
@ -45,7 +45,7 @@ You can install Rust by following the steps on [Rust's official website].
`zizmor` is a pure Rust codebase, and can be built with a single `cargo build`:
```bash
git clone https://github.com/woodruffw/zizmor && cd zizmor
git clone https://github.com/zizmorcore/zizmor && cd zizmor
cargo build
# cargo run -- --help also works
./target/debug/zizmor --help


@ -1,6 +1,6 @@
# Welcome to `zizmor`'s documentation!
[![CI](https://github.com/woodruffw/zizmor/actions/workflows/ci.yml/badge.svg)](https://github.com/woodruffw/zizmor/actions/workflows/ci.yml)
[![CI](https://github.com/zizmorcore/zizmor/actions/workflows/ci.yml/badge.svg)](https://github.com/zizmorcore/zizmor/actions/workflows/ci.yml)
[![Crates.io](https://img.shields.io/crates/v/zizmor)](https://crates.io/crates/zizmor)
[![Packaging status](https://repology.org/badge/tiny-repos/zizmor.svg)](https://repology.org/project/zizmor/versions)
[![GitHub Sponsors](https://img.shields.io/github/sponsors/woodruffw?style=flat&logo=githubsponsors&labelColor=white&color=white)](https://github.com/sponsors/woodruffw)


@ -57,10 +57,10 @@ description: Installation instructions for zizmor.
=== ":simple-docker: Docker"
An official `zizmor` image is available from the [GitHub Container Registry](https://ghcr.io/woodruffw/zizmor):
An official `zizmor` image is available from the [GitHub Container Registry](https://ghcr.io/zizmorcore/zizmor):
```bash
docker pull ghcr.io/woodruffw/zizmor:latest
docker pull ghcr.io/zizmorcore/zizmor:latest
```
=== ":simple-anaconda: Conda"
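Review bot: the `docker pull ghcr.io/zizmorcore/zizmor:latest` line assumes the image already exists under the new namespace. The changelog entry in this commit only promises a redirect for the repository, not for the container package, so please confirm an image has been published at `ghcr.io/zizmorcore/zizmor` before these docs go live, or keep the old path until a release pushes one there.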
@ -117,7 +117,7 @@ description: Installation instructions for zizmor.
!!! info
Are you interested in packaging `zizmor` for another ecosystem?
Let us know by [filing an issue](https://github.com/woodruffw/zizmor/issues/new)!
Let us know by [filing an issue](https://github.com/zizmorcore/zizmor/issues/new)!
The badge below tracks `zizmor`'s overall packaging status.
@ -136,5 +136,5 @@ description: Installation instructions for zizmor.
You can install the latest unstable `zizmor` directly from GitHub with `cargo`:
```bash
cargo install --git https://github.com/woodruffw/zizmor
cargo install --git https://github.com/zizmorcore/zizmor
```


@ -74,15 +74,15 @@ Here are some different ways you can run `zizmor` locally:
given a GitHub API token via `GH_TOKEN` or `--gh-token`:
```bash
# audit all workflows and composite actions in woodruffw/zizmor
# audit all workflows and composite actions in zizmorcore/zizmor
# assumes you have `gh` installed
zizmor --gh-token=$(gh auth token) woodruffw/zizmor
zizmor --gh-token=$(gh auth token) zizmorcore/zizmor
```
Multiple repositories will also work:
```bash
zizmor --gh-token=$(gh auth token) woodruffw/zizmor woodruffw/gha-hazmat
zizmor --gh-token=$(gh auth token) zizmorcore/zizmor zizmorcore/gha-hazmat
```
See [Usage](./usage.md) for more examples, including examples of configuration.
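Review bot: the multi-repository example now audits `zizmorcore/gha-hazmat`, but nothing in this commit shows that `gha-hazmat` moved to the org along with `zizmor`. Please confirm that repository was transferred; if it still lives under the old owner, keep `woodruffw/gha-hazmat` in this one example so the documented command keeps working.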


@ -17,6 +17,11 @@ of `zizmor`.
old links in preparation for the v1.8.0 release, which will likely
remove the redirects entirely (#769)
* `zizmor` is now hosted under the @zizmorcore GitHub organization
as @zizmorcore/zizmor. The old repository at @woodruffw/zizmor
will redirect to the new one, but users should update any old
links to limit confusion
## v1.7.0
This release comes with **four** new audits: [obfuscation], [stale-action-refs],
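Review bot: the new changelog bullet about the move to @zizmorcore carries no PR reference, while the entry directly above it ends in `(#769)`. Append `(#776)` so the unreleased section stays consistent and the change can be traced back to this pull request.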
@ -218,13 +223,13 @@ This is a small corrective release for v1.4.0.
This release comes with one new audit ([unredacted-secrets]), plus a handful
of bugfixes and analysis improvements to existing audits. It also comes
with improvements to SARIF presentation, ignore comments, as well as an
[official Docker image](https://ghcr.io/woodruffw/zizmor)!
[official Docker image](https://ghcr.io/zizmorcore/zizmor)!
### New Features 🌈
* `zizmor` now has official Docker images! You can find them on the
GitHub Container Registry under
[`ghcr.io/woodruffw/zizmor`](https://ghcr.io/woodruffw/zizmor) (#532)
[`ghcr.io/zizmorcore/zizmor`](https://ghcr.io/zizmorcore/zizmor) (#532)
* **New audit**: [unredacted-secrets] detects secret accesses that
are not redacted in logs (#549)
@ -328,7 +333,7 @@ One bugfix in this release is also a slight behavior change: `zizmor`
now emits SARIF outputs with absolute paths. This should not affect most
users, but may make it slightly harder to share SARIF outputs between
machines without fully reproducing exact file paths. If this affects
you, [please let us know](https://github.com/woodruffw/zizmor/issues/new?template=bug-report.yml)!
you, [please let us know](https://github.com/zizmorcore/zizmor/issues/new?template=bug-report.yml)!
### New Features 🌈
@ -463,7 +468,7 @@ as stability commitments for existing features; read more below!
## v0.10.0
**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.9.2...v0.10.0
**Full Changelog**: https://github.com/zizmorcore/zizmor/compare/v0.9.2...v0.10.0
### New Features 🌈
* feat: handle powershell in github-env audit by @woodruffw in #227
@ -492,7 +497,7 @@ as stability commitments for existing features; read more below!
## v0.9.2
**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.9.1...v0.9.2
**Full Changelog**: https://github.com/zizmorcore/zizmor/compare/v0.9.1...v0.9.2
### Bug Fixes 🐛
* fix: template-injection: consider runner.tool_cache safe by @woodruffw in #297
@ -502,7 +507,7 @@ as stability commitments for existing features; read more below!
## v0.9.1
**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.9.0...v0.9.1
**Full Changelog**: https://github.com/zizmorcore/zizmor/compare/v0.9.0...v0.9.1
### Bug Fixes 🐛
@ -510,7 +515,7 @@ as stability commitments for existing features; read more below!
## v0.9.0
**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.8.0...v0.9.0
**Full Changelog**: https://github.com/zizmorcore/zizmor/compare/v0.8.0...v0.9.0
### New Features 🌈
* refactor: experiment with tracing by @woodruffw in #232
@ -543,7 +548,7 @@ as stability commitments for existing features; read more below!
## v0.8.0
**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.7.0...v0.8.0
**Full Changelog**: https://github.com/zizmorcore/zizmor/compare/v0.7.0...v0.8.0
### New Features 🌈
* feat: remote auditing by @woodruffw in #230
@ -559,7 +564,7 @@ as stability commitments for existing features; read more below!
## v0.7.0
**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.6.0...v0.7.0
**Full Changelog**: https://github.com/zizmorcore/zizmor/compare/v0.6.0...v0.7.0
### New Features 🌈
* Split unpinned-uses into two separate checks by @funnelfiasco in #205
@ -578,7 +583,7 @@ as stability commitments for existing features; read more below!
## v0.6.0
**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.5.0...v0.6.0
**Full Changelog**: https://github.com/zizmorcore/zizmor/compare/v0.5.0...v0.6.0
This is one of `zizmor`'s bigger recent releases! Key enhancements include:
@ -610,7 +615,7 @@ This is one of `zizmor`'s bigger recent releases! Key enhancements include:
## v0.5,0
**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.4.0...v0.5.0
**Full Changelog**: https://github.com/zizmorcore/zizmor/compare/v0.4.0...v0.5.0
### New Features 🌈
* feat: improve workflow registry error by @woodruffw in #172
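Review bot: the context line at the top of this hunk shows the release heading as `## v0.5,0`, with a comma instead of a period. Since the compare link directly below it is being edited anyway, fix the heading to `## v0.5.0` so it matches the other release headings and the `v0.4.0...v0.5.0` link.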
@ -627,7 +632,7 @@ This is one of `zizmor`'s bigger recent releases! Key enhancements include:
## v0.4.0
**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.3.2...v0.4.0
**Full Changelog**: https://github.com/zizmorcore/zizmor/compare/v0.3.2...v0.4.0
### New Features 🌈
* Fix singular and plural for 'findings' by @hugovk in #162
@ -638,7 +643,7 @@ This is one of `zizmor`'s bigger recent releases! Key enhancements include:
## v0.3.2
**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.3.1...v0.3.2
**Full Changelog**: https://github.com/zizmorcore/zizmor/compare/v0.3.1...v0.3.2
### What's Changed
* fix(cli): remove '0 ignored' from another place by @woodruffw in #157
@ -647,7 +652,7 @@ This is one of `zizmor`'s bigger recent releases! Key enhancements include:
## v0.3.1
**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.3.0...v0.3.1
**Full Changelog**: https://github.com/zizmorcore/zizmor/compare/v0.3.0...v0.3.1
### What's Changed
* feat(cli): don't render "0 ignored" by @woodruffw in #148
@ -658,7 +663,7 @@ This is one of `zizmor`'s bigger recent releases! Key enhancements include:
## v0.3.0
**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.2.1...v0.3.0
**Full Changelog**: https://github.com/zizmorcore/zizmor/compare/v0.2.1...v0.3.0
### What's Changed
@ -669,7 +674,7 @@ This is one of `zizmor`'s bigger recent releases! Key enhancements include:
## v0.2.1
**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.2.0...v0.2.1
**Full Changelog**: https://github.com/zizmorcore/zizmor/compare/v0.2.0...v0.2.1
### What's Changed
* refactor: clean up expr APIs slightly by @woodruffw in #126
@ -679,7 +684,7 @@ This is one of `zizmor`'s bigger recent releases! Key enhancements include:
## v0.2.0
**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.1.6...v0.2.0
**Full Changelog**: https://github.com/zizmorcore/zizmor/compare/v0.1.6...v0.2.0
### What's Changed
* chore: add description to `--help` by @woodruffw in #111
@ -695,14 +700,14 @@ This is one of `zizmor`'s bigger recent releases! Key enhancements include:
## v0.1.6
**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.1.5...v0.1.6
**Full Changelog**: https://github.com/zizmorcore/zizmor/compare/v0.1.5...v0.1.6
### What's Changed
* feat: accept multiple arguments as inputs by @miketheman in #104
## v0.1.5
**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.1.4...v0.1.5
**Full Changelog**: https://github.com/zizmorcore/zizmor/compare/v0.1.4...v0.1.5
### What's Changed
* Exclude `github.run_*` from template injection check by @funnelfiasco in #92
@ -720,7 +725,7 @@ This is one of `zizmor`'s bigger recent releases! Key enhancements include:
## v0.1.4
**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.1.3...v0.1.4
**Full Changelog**: https://github.com/zizmorcore/zizmor/compare/v0.1.3...v0.1.4
### What's Changed
* perf: Enable Link-Time Optimization (LTO) by @zamazan4ik in #81
@ -736,14 +741,14 @@ This is one of `zizmor`'s bigger recent releases! Key enhancements include:
## v0.1.3
**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.1.2...v0.1.3
**Full Changelog**: https://github.com/zizmorcore/zizmor/compare/v0.1.2...v0.1.3
### What's Changed
* fix: use relative workflow paths in SARIF output by @woodruffw in #77
## v0.1.2
**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.1.1...v0.1.2
**Full Changelog**: https://github.com/zizmorcore/zizmor/compare/v0.1.1...v0.1.2
### What's Changed
* feat: github.ref_name is always an injection risk by @woodruffw in #67
@ -758,7 +763,7 @@ This is one of `zizmor`'s bigger recent releases! Key enhancements include:
## v0.1.1
**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.1.0...v0.1.1
**Full Changelog**: https://github.com/zizmorcore/zizmor/compare/v0.1.0...v0.1.1
### What's Changed
* Fix typo: security -> securely by @hugovk in #61


@ -680,7 +680,7 @@ two primary ways to use `zizmor` in GitHub Actions:
[code scanning functionality]: https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github
[repository workflow scan]: https://github.com/woodruffw/zizmor/blob/main/.github/workflows/zizmor.yml
[repository workflow scan]: https://github.com/zizmorcore/zizmor/blob/main/.github/workflows/zizmor.yml
[running ESLint]: https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github#example-workflow-that-runs-the-eslint-analysis-tool
@ -710,7 +710,7 @@ GH_HOST=custom.ghe.com zizmor ...
To do so, add the following to your `.pre-commit-config.yaml` `repos` section:
```yaml
- repo: https://github.com/woodruffw/zizmor-pre-commit
- repo: https://github.com/zizmorcore/zizmor-pre-commit
rev: v1.7.0 # (1)!
hooks:
- id: zizmor


@ -5,7 +5,7 @@ site_url: https://docs.zizmor.sh/
docs_dir: docs
site_dir: site_html
dev_addr: "127.0.0.1:9999"
repo_url: https://github.com/woodruffw/zizmor
repo_url: https://github.com/zizmorcore/zizmor
edit_uri: edit/main/docs
nav:
@ -110,8 +110,8 @@ exclude_docs: |
extra:
social:
- icon: fontawesome/brands/github
link: https://github.com/woodruffw/zizmor
name: "woodruffw/zizmor on GitHub"
link: https://github.com/zizmorcore/zizmor
name: "zizmorcore/zizmor on GitHub"
- icon: fontawesome/brands/mastodon
link: https://infosec.exchange/@yossarian
name: "@yossarian@infosec.exchange on Mastodon"


@ -270,7 +270,7 @@ fn collect_from_dir(
// without a `.git/` directory. In particular, this snares some
// zizmor integrators.
//
// See: https://github.com/woodruffw/zizmor/issues/596
// See: https://github.com/zizmorcore/zizmor/issues/596
if mode.respects_gitignore() {
walker
.require_git(false)


@ -113,7 +113,7 @@ fn build_result(finding: &Finding<'_>) -> SarifResult {
// to ensure something reasonable is presented.
// This ends up being OK since the only other thing we'd put here
// is the finding's description, which is already in the rule's help message.
// See https://github.com/woodruffw/zizmor/issues/526 for context.
// See https://github.com/zizmorcore/zizmor/issues/526 for context.
.message(&primary.symbolic.annotation)
.locations(build_locations(std::iter::once(primary)))
.related_locations(build_locations(


@ -42,7 +42,7 @@ fn issue_569() -> Result<()> {
#[test]
fn issue_726() -> Result<()> {
// Regression test for #726.
// See: https://github.com/woodruffw/zizmor/issues/726
// See: https://github.com/zizmorcore/zizmor/issues/726
// See: https://github.com/woodruffw-experiments/zizmor-bug-726
insta::assert_snapshot!(
zizmor()
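Review bot: in `issue_726`, the second `See:` comment still points at `woodruffw-experiments/zizmor-bug-726` while the line above it was moved to `zizmorcore`. If that reproduction repository is deliberately staying under the old owner, a short comment saying so would keep a later bulk rename from rewriting it by mistake; otherwise update it in this change.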


@ -1,4 +1,4 @@
# see https://github.com/woodruffw/zizmor/issues/447
# see https://github.com/zizmorcore/zizmor/issues/447
name: ISSUE-447-REPRO
on: push


@ -1,4 +1,4 @@
# minimized from https://github.com/woodruffw/zizmor/pull/343
# minimized from https://github.com/zizmorcore/zizmor/pull/343
name: Release


@ -1,4 +1,4 @@
# minimized from https://github.com/woodruffw/zizmor/issues/378
# minimized from https://github.com/zizmorcore/zizmor/issues/378
name: issue-378


@ -1,4 +1,4 @@
# repro case for https://github.com/woodruffw/zizmor/issues/642
# repro case for https://github.com/zizmorcore/zizmor/issues/642
name: issue-642


@ -1,4 +1,4 @@
# repro case for https://github.com/woodruffw/zizmor/issues/472
# repro case for https://github.com/zizmorcore/zizmor/issues/472
name: issue-472-repro


@ -1,6 +1,6 @@
# Adapted from :
# https://github.com/python/cpython/blob/e2325c9db0650fc06d909eb2b5930c0573f24f71/.github/workflows/jit.yml
# See also https://github.com/woodruffw/zizmor/issues/22#issuecomment-2543128489
# See also https://github.com/zizmorcore/zizmor/issues/22#issuecomment-2543128489
name: JIT
on:


@ -1,4 +1,4 @@
# minimized from https://github.com/woodruffw/zizmor/issues/339
# minimized from https://github.com/zizmorcore/zizmor/issues/339
name: "Publish"


@ -1,4 +1,4 @@
# reproduction case for https://github.com/woodruffw/zizmor/issues/418
# reproduction case for https://github.com/zizmorcore/zizmor/issues/418
name: Test


@ -1,4 +1,4 @@
# reproduction case for https://github.com/woodruffw/zizmor/pull/317
# reproduction case for https://github.com/zizmorcore/zizmor/pull/317
name: PR-317-REPRO
on:


@ -1,4 +1,4 @@
# repro case for https://github.com/woodruffw/zizmor/issues/433
# repro case for https://github.com/zizmorcore/zizmor/issues/433
name: issue-433-repro