Skip to content

chore(deps): bump mistune from 3.2.1 to 3.3.0 #136

chore(deps): bump mistune from 3.2.1 to 3.3.0

chore(deps): bump mistune from 3.2.1 to 3.3.0 #136

Workflow file for this run

name: zizmor
# Static security analysis of the GitHub Actions workflows themselves
# (template injection, excessive permissions, credential persistence, unpinned
# actions, Dependabot cooldown, ...). Complements actionlint (correctness) and
# CodeQL (code). Configuration, including the exclusion of the ODK-generated
# qc.yml, lives in .github/zizmor.yml.
on:
push:
branches: [main]
pull_request:
branches: [main]
workflow_dispatch:
permissions:
contents: read
jobs:
zizmor:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
with:
persist-credentials: false
- name: Install uv
run: |
curl -LsSf https://astral.sh/uv/install.sh | sh
echo "$HOME/.local/bin" >> "$GITHUB_PATH"
- name: Run zizmor
env:
GH_TOKEN: ${{ github.token }}
run: uvx zizmor@1.25.2 .github/