Static analysis for GitHub Actions http://docs.zizmor.sh/

🌈 zizmor

zizmor is a static analysis tool for GitHub Actions.

It can find many common security issues in typical GitHub Actions CI/CD setups, including:

  • Template injection vulnerabilities, leading to attacker-controlled code execution
  • Accidental credential persistence and leakage
  • Excessive permission scopes and credential grants to runners
  • Impostor commits and confusable git references
  • ...and much more!

See zizmor's documentation for installation steps, as well as a quickstart and detailed usage recipes.

License

zizmor is licensed under the MIT License.

Contributing

See our contributing guide!

The name?

Now you can have beautiful clean workflows!

Sponsors 💖

zizmor's development is supported by these amazing sponsors!


Astral
