Skip to content
GitHub Actions Security Analysis with zizmor 🌈

Add zizmorify configuration #3

Sign in to view logs

Add zizmorify configuration

Add zizmorify configuration #3

Triggered via pull request June 19, 2026 09:48
@samdarksamdark
synchronize #163
add-zizmorify-config
Status Failure
Total duration 8h 20m 18s
Artifacts

zizmor.yml

on: pull_request
Run zizmor 🌈
11s
Run zizmor 🌈
Fit to window
Zoom out
Zoom in

Annotations

9 errors and 10 warnings
Run zizmor 🌈
Process completed with exit code 14.
unpinned-uses: .github/workflows/static.yml#L28
static.yml:28: unpinned action reference: action is not pinned to a hash (required by blanket policy)
unpinned-uses: .github/workflows/rector.yml#L16
rector.yml:16: unpinned action reference: action is not pinned to a hash (required by blanket policy)
dangerous-triggers: .github/workflows/rector.yml#L1
rector.yml:1: use of fundamentally insecure workflow trigger: pull_request_target is almost always used insecurely
unpinned-uses: .github/workflows/mutation.yml#L28
mutation.yml:28: unpinned action reference: action is not pinned to a hash (required by blanket policy)
unpinned-uses: .github/workflows/composer-require-checker.yml#L29
composer-require-checker.yml:29: unpinned action reference: action is not pinned to a hash (required by blanket policy)
unpinned-uses: .github/workflows/build.yml#L38
build.yml:38: unpinned action reference: action is not pinned to a hash (required by blanket policy)
unpinned-uses: .github/workflows/build.yml#L27
build.yml:27: unpinned action reference: action is not pinned to a hash (required by blanket policy)
unpinned-uses: .github/workflows/bc.yml#L28
bc.yml:28: unpinned action reference: action is not pinned to a hash (required by blanket policy)
excessive-permissions: .github/workflows/static.yml#L1
static.yml:1: overly broad permissions: default permissions used due to no permissions: block
excessive-permissions: .github/workflows/rector.yml#L15
rector.yml:15: overly broad permissions: default permissions used due to no permissions: block
excessive-permissions: .github/workflows/rector.yml#L1
rector.yml:1: overly broad permissions: default permissions used due to no permissions: block
excessive-permissions: .github/workflows/composer-require-checker.yml#L28
composer-require-checker.yml:28: overly broad permissions: default permissions used due to no permissions: block
excessive-permissions: .github/workflows/composer-require-checker.yml#L1
composer-require-checker.yml:1: overly broad permissions: default permissions used due to no permissions: block
excessive-permissions: .github/workflows/build.yml#L37
build.yml:37: overly broad permissions: default permissions used due to no permissions: block
excessive-permissions: .github/workflows/build.yml#L26
build.yml:26: overly broad permissions: default permissions used due to no permissions: block
excessive-permissions: .github/workflows/build.yml#L1
build.yml:1: overly broad permissions: default permissions used due to no permissions: block
excessive-permissions: .github/workflows/bc.yml#L27
bc.yml:27: overly broad permissions: default permissions used due to no permissions: block
excessive-permissions: .github/workflows/bc.yml#L1
bc.yml:1: overly broad permissions: default permissions used due to no permissions: block