mirror of
https://github.com/zizmorcore/zizmor.git
synced 2025-12-23 08:47:33 +00:00
de6ef65ba0
Some checks are pending
CI / Lint (push) Waiting to run
CI / Test (push) Waiting to run
CI / Test site build (push) Waiting to run
CI / All tests pass (push) Blocked by required conditions
zizmor wheel builds for PyPI 🐍 / Build Linux wheels (manylinux) (push) Waiting to run
zizmor wheel builds for PyPI 🐍 / Build Linux wheels (musllinux) (push) Waiting to run
zizmor wheel builds for PyPI 🐍 / Build Windows wheels (push) Waiting to run
zizmor wheel builds for PyPI 🐍 / Build macOS wheels (push) Waiting to run
zizmor wheel builds for PyPI 🐍 / Build source distribution (push) Waiting to run
zizmor wheel builds for PyPI 🐍 / Release (push) Blocked by required conditions
Deploy zizmor documentation site 🌐 / Deploy zizmor documentation to GitHub Pages 🌐 (push) Waiting to run
GitHub Actions Security Analysis with zizmor 🌈 / Run zizmor 🌈 (push) Waiting to run
Signed-off-by: William Woodruff <william@yossarian.net>
3.7 KiB
3.7 KiB
🌈 zizmor
zizmor is a static analysis tool for GitHub Actions.
It can find many common security issues in typical GitHub Actions CI/CD setups, including:
- Template injection vulnerabilities, leading to attacker-controlled code execution
- Accidental credential persistence and leakage
- Excessive permission scopes and credential grants to runners
- Impostor commits and confusable
gitreferences - ...and much more!
See zizmor's documentation
for installation steps, as well as a quickstart and
detailed usage recipes.
License
zizmor is licensed under the MIT License.
Contributing
The name?
Now you can have beautiful clean workflows!
Sponsors 💖
zizmor's development is supported by these amazing sponsors!
Grafana Labs |
Trail of Bits |
Shipfox |
| Alexander Riccio |
Want to see your name or logo above? Consider becoming a sponsor through one of the following:
- GitHub Sponsors (preferred)
- thanks.dev
- ko-fi