Skip to content

[PD1-905] Roll out zizmor#31

Merged
joshuanapoli merged 1 commit into
mainfrom
pd1-905-zizmor
Jun 9, 2026
Merged

[PD1-905] Roll out zizmor#31
joshuanapoli merged 1 commit into
mainfrom
pd1-905-zizmor

Conversation

@joshuanapoli

@joshuanapoli joshuanapoli commented Jun 9, 2026

Copy link
Copy Markdown
Member

Summary

Roll out zizmor static analysis.

Fixes by rule

  • artipacked (auto-fixed): added persist-credentials: false to the checkout steps in .github/workflows/ci.yml and .github/workflows/license-check-python.yml.
  • excessive-permissions: added a minimal permissions: { contents: read } block to the build job in .github/workflows/ci.yml and the license-check job in .github/workflows/license-check-python.yml.

zizmor (v1.25.2) now reports no findings.

@joshuanapoli joshuanapoli self-assigned this Jun 9, 2026
@gemini-code-assist

Copy link
Copy Markdown
Contributor

Note

Gemini is unable to generate a review for this pull request due to the file types involved not being currently supported.

Resolve all zizmor GitHub Actions static-analysis findings.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@joshuanapoli joshuanapoli merged commit dc0def3 into main Jun 9, 2026
13 checks passed
@joshuanapoli joshuanapoli deleted the pd1-905-zizmor branch June 9, 2026 22:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants