Add pinact and zizmor workflow checks · labd/terraform-provider-sonarqube@6932a3b

Triggered via pull request April 28, 2026 13:29

opened #28

pin-actions

Status Failure

Total duration 17s

Artifacts –

zizmor.yaml

on: pull_request

5 errors

Process completed with exit code 14.

unpinned-uses: .github/workflows/triage.yaml#L18

triage.yaml:18: unpinned action reference: action is not pinned to a hash (required by blanket policy)

cache-poisoning: .github/workflows/release.yaml#L15

release.yaml:15: runtime artifacts potentially vulnerable to a cache poisoning attack: enables caching by default

bot-conditions: .github/workflows/dependabot-changie.yaml#L15

dependabot-changie.yaml:15: spoofable bot actor check: actor context may be spoofable

unpinned-uses: .github/workflows/dependabot-changie.yaml#L32

dependabot-changie.yaml:32: unpinned action reference: action is not pinned to a hash (required by blanket policy)