Skip to content

Lint workflows#2285

Open
djc wants to merge 6 commits intomainfrom
lint-workflows
Open

Lint workflows#2285
djc wants to merge 6 commits intomainfrom
lint-workflows

Conversation

@djc
Copy link
Member

@djc djc commented Jun 30, 2025

Fixes #2180.

@djc djc requested review from Ralith and gretchenfrage as code owners June 30, 2025 14:54
@github-advanced-security
Copy link

github-advanced-security bot commented Jun 30, 2025

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 30, 2025
View reviewed changes
.github/workflows/rust.yml
- uses: actions/checkout@v4
- uses: EmbarkStudios/cargo-deny-action@v2
- uses: actions/checkout@v4
- uses: EmbarkStudios/cargo-deny-action@v2

Check failure

Code scanning / zizmor

unpinned action reference

unpinned action reference
.github/workflows/rust.yml
- name: Install Android SDK
uses: android-actions/setup-android@v3
- name: Install Android SDK
uses: android-actions/setup-android@v3

Check failure

Code scanning / zizmor

unpinned action reference

unpinned action reference
.github/workflows/rust.yml
toolchain: stable
target: ${{ matrix.target }}
- name: Install Rust
uses: dtolnay/rust-toolchain@stable

Check failure

Code scanning / zizmor

unpinned action reference

unpinned action reference
.github/workflows/rust.yml
target: ${{ matrix.target }}

- uses: Swatinem/rust-cache@v2
- uses: Swatinem/rust-cache@v2

Check failure

Code scanning / zizmor

unpinned action reference

unpinned action reference
.github/workflows/rust.yml
- name: Set up Android Emulator and run tests
env:
TARGET: ${{ matrix.target }}
uses: reactivecircus/android-emulator-runner@v2

Check failure

Code scanning / zizmor

unpinned action reference

unpinned action reference
@djc djc force-pushed the lint-workflows branch from d1c75b8 to 9c7b869 Compare June 30, 2025 15:16
github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 30, 2025
View reviewed changes
.github/workflows/rust.yml
Comment on lines +297 to +313
actionlint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- name: Download actionlint
id: get_actionlint
run: bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash)
shell: bash
- name: Check workflow files
run: ${{ steps.get_actionlint.outputs.executable }} -color
shell: bash

Check warning

Code scanning / zizmor

overly broad permissions

overly broad permissions
.github/workflows/rust.yml Outdated
run: bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash)
shell: bash
- name: Check workflow files
run: ${{ steps.get_actionlint.outputs.executable }} -color

Check notice

Code scanning / zizmor

code injection via template expansion

code injection via template expansion
@djc djc force-pushed the lint-workflows branch from 9c7b869 to 7f535f0 Compare July 4, 2025 13:37
@djc djc mentioned this pull request Oct 25, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Ralith Ralith Awaiting requested review from Ralith Ralith is a code owner

@gretchenfrage gretchenfrage Awaiting requested review from gretchenfrage gretchenfrage is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Workflow issues

1 participant

@djc