mirrors/zizmor
1
0
Fork 0
mirror of https://github.com/zizmorcore/zizmor.git synced 2025-12-23 08:47:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

chore(deps): bump the github-actions group with 6 updates (#1096)
Some checks are pending
Benchmark baseline / Continuous Benchmarking with Bencher (push) Waiting to run
Details
CI / Lint (push) Waiting to run
Details
CI / Test (push) Waiting to run
Details
CI / Test site build (push) Waiting to run
Details
CI / All tests pass (push) Blocked by required conditions
Details
zizmor wheel builds for PyPI 🐍 / Build Linux wheels (manylinux) (push) Waiting to run
Details
zizmor wheel builds for PyPI 🐍 / Build Linux wheels (musllinux) (push) Waiting to run
Details
zizmor wheel builds for PyPI 🐍 / Build Windows wheels (push) Waiting to run
Details
zizmor wheel builds for PyPI 🐍 / Build macOS wheels (push) Waiting to run
Details
zizmor wheel builds for PyPI 🐍 / Build source distribution (push) Waiting to run
Details
zizmor wheel builds for PyPI 🐍 / Release (push) Blocked by required conditions
Details
Deploy zizmor documentation site 🌐 / Deploy zizmor documentation to GitHub Pages 🌐 (push) Waiting to run
Details
GitHub Actions Security Analysis with zizmor 🌈 / Run zizmor 🌈 (push) Waiting to run
Details

Browse source 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This commit is contained in:
dependabot[bot] 2025-08-18 14:59:00 -04:00 committed by GitHub
parent 9d6aa92a77
commit bf4bf9e0ae
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
8 changed files with 18 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

4
.github/workflows/benchmark-base.yml vendored
View file

@ -28,7 +28,7 @@ jobs:
persist-credentials: false
- name: Set up Bencher
uses: bencherdev/bencher@f89d454e74a32a81b2eab29fe0afdb2316617342 # v0.5.3
uses: bencherdev/bencher@e0bb2f0dcd5ae8446994d15536c902b289eeda17 # v0.5.4
- name: Installer hyperfine
run: |
@ -37,7 +37,7 @@ jobs:
- uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
- uses: astral-sh/setup-uv@e92bafb6253dcd438e0484186d7669ea7a8ca1cc # v6.4.3
- uses: astral-sh/setup-uv@d9e0f98d3fc6adb07d1e3d37f3043649ddad06a1 # v6.5.0
# TODO: use actions/cache to cache the plan phase here.
- name: Run benchmarks

4
.github/workflows/benchmark-pr-1p.yml vendored
View file

@ -39,7 +39,7 @@ jobs:
persist-credentials: false
- name: Set up Bencher
uses: bencherdev/bencher@f89d454e74a32a81b2eab29fe0afdb2316617342 # v0.5.3
uses: bencherdev/bencher@e0bb2f0dcd5ae8446994d15536c902b289eeda17 # v0.5.4
- name: Installer hyperfine
run: |
@ -48,7 +48,7 @@ jobs:
- uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
- uses: astral-sh/setup-uv@e92bafb6253dcd438e0484186d7669ea7a8ca1cc # v6.4.3
- uses: astral-sh/setup-uv@d9e0f98d3fc6adb07d1e3d37f3043649ddad06a1 # v6.5.0
# TODO: use actions/cache to cache the plan phase here.
- name: Run benchmarks

4
.github/workflows/ci.yml vendored
View file

@ -35,7 +35,7 @@ jobs:
- uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
- uses: astral-sh/setup-uv@e92bafb6253dcd438e0484186d7669ea7a8ca1cc # v6.4.3
- uses: astral-sh/setup-uv@d9e0f98d3fc6adb07d1e3d37f3043649ddad06a1 # v6.5.0
- name: Test dependencies
run: |
@ -62,7 +62,7 @@ jobs:
with:
persist-credentials: false
- uses: astral-sh/setup-uv@e92bafb6253dcd438e0484186d7669ea7a8ca1cc # v6.4.3
- uses: astral-sh/setup-uv@d9e0f98d3fc6adb07d1e3d37f3043649ddad06a1 # v6.5.0
- name: Test site
run: make site

4
.github/workflows/codegen.yml vendored
View file

@ -62,7 +62,7 @@ jobs:
with:
persist-credentials: false
- uses: astral-sh/setup-uv@e92bafb6253dcd438e0484186d7669ea7a8ca1cc # v6.4.3
- uses: astral-sh/setup-uv@d9e0f98d3fc6adb07d1e3d37f3043649ddad06a1 # v6.5.0
- name: try to refresh context capabilities
run: |
@ -100,7 +100,7 @@ jobs:
with:
persist-credentials: false
- uses: astral-sh/setup-uv@e92bafb6253dcd438e0484186d7669ea7a8ca1cc # v6.4.3
- uses: astral-sh/setup-uv@d9e0f98d3fc6adb07d1e3d37f3043649ddad06a1 # v6.5.0
- name: try to refresh CodeQL injection sinks
run: |

12
.github/workflows/release-pypi.yml vendored
View file

@ -41,7 +41,7 @@ jobs:
with:
persist-credentials: false
- name: Build wheels
uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
uses: PyO3/maturin-action@86b9d133d34bc1b40018696f782949dac11bd380 # v1.49.4
with:
target: ${{ matrix.platform.target }}
args: --release --out dist --manifest-path crates/zizmor/Cargo.toml
@ -71,7 +71,7 @@ jobs:
with:
persist-credentials: false
- name: Build wheels
uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
uses: PyO3/maturin-action@86b9d133d34bc1b40018696f782949dac11bd380 # v1.49.4
with:
target: ${{ matrix.platform.target }}
args: --release --out dist --manifest-path crates/zizmor/Cargo.toml
@ -97,7 +97,7 @@ jobs:
with:
persist-credentials: false
- name: Build wheels
uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
uses: PyO3/maturin-action@86b9d133d34bc1b40018696f782949dac11bd380 # v1.49.4
with:
target: ${{ matrix.platform.target }}
args: --release --out dist --manifest-path crates/zizmor/Cargo.toml
@ -122,7 +122,7 @@ jobs:
with:
persist-credentials: false
- name: Build wheels
uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
uses: PyO3/maturin-action@86b9d133d34bc1b40018696f782949dac11bd380 # v1.49.4
with:
target: ${{ matrix.platform.target }}
args: --release --out dist --manifest-path crates/zizmor/Cargo.toml
@ -140,7 +140,7 @@ jobs:
with:
persist-credentials: false
- name: Build sdist
uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
uses: PyO3/maturin-action@86b9d133d34bc1b40018696f782949dac11bd380 # v1.49.4
with:
command: sdist
args: --out dist --manifest-path crates/zizmor/Cargo.toml
@ -173,7 +173,7 @@ jobs:
subject-path: 'wheels-*/*'
- name: Publish to PyPI
if: ${{ startsWith(github.ref, 'refs/tags/') }}
uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
uses: PyO3/maturin-action@86b9d133d34bc1b40018696f782949dac11bd380 # v1.49.4
with:
command: upload
args: --non-interactive --skip-existing wheels-*/*

4
.github/workflows/site.yml vendored
View file

@ -31,7 +31,7 @@ jobs:
persist-credentials: false
- name: Install the latest version of uv
uses: astral-sh/setup-uv@e92bafb6253dcd438e0484186d7669ea7a8ca1cc # v6.4.3
uses: astral-sh/setup-uv@d9e0f98d3fc6adb07d1e3d37f3043649ddad06a1 # v6.5.0
- name: build site
run: make site
@ -41,7 +41,7 @@ jobs:
uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5.0.0
- name: Upload artifact
uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3.0.1
uses: actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b # v4.0.0
with:
path: site_html

2
.github/workflows/test-output.yml vendored
View file

@ -30,7 +30,7 @@ jobs:
cargo run -- --format sarif . > results.sarif
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@76621b61decf072c1cee8dd1ce2d2a82d33c17ed # v3.29.8
uses: github/codeql-action/upload-sarif@96f518a34f7a870018057716cc4d7a5c014bd61c # v3.29.10
with:
sarif_file: results.sarif
category: zizmor-test-sarif-presentation

2
.github/workflows/zizmor.yml vendored
View file

@ -21,7 +21,7 @@ jobs:
persist-credentials: false
- name: Run zizmor 🌈
uses: zizmorcore/zizmor-action@f52a838cfabf134edcbaa7c8b3677dde20045018 # v0.1.1
uses: zizmorcore/zizmor-action@5ca5fc7a4779c5263a3ffa0e1f693009994446d1 # v0.1.2
with:
# intentionally not scanning the entire repository,
# since it contains integration tests.