[zizmor] is a static analysis tool for finding common vulnerability issues in GitHub Actions workflows. This is a must for us. To take advantage of zizmor, we need to implement the following tasks: - [ ] Create a `check-actions-security` action - [ ] Use previous action to validate this repository - [ ] Fix vulnerabilities across this repository [zizmor]: https://github.com/woodruffw/zizmor
zizmor is a static analysis tool for finding common vulnerability issues in GitHub Actions workflows. This is a must for us.
To take advantage of zizmor, we need to implement the following tasks:
check-actions-securityaction