Skip to content
GitHub Actions Security Analysis with zizmor 🌈

Add zizmorify configuration #3

Sign in to view logs

Add zizmorify configuration

Add zizmorify configuration #3

Triggered via pull request June 20, 2026 08:28
@samdarksamdark
synchronize #4619
add-zizmorify-config
Status Failure
Total duration 21m 32s
Artifacts

zizmor.yml

on: pull_request
Run zizmor 🌈
12s
Run zizmor 🌈
Fit to window
Zoom out
Zoom in

Annotations

10 errors and 4 warnings
unpinned-images: .github/workflows/build.yml#L51
build.yml:51: unpinned image references: container image is not pinned to a SHA256 hash
unpinned-images: .github/workflows/build.yml#L41
build.yml:41: unpinned image references: container image is not pinned to a SHA256 hash
unpinned-uses: .github/workflows/build.yml#L128
build.yml:128: unpinned action reference: action is not pinned to a hash (required by blanket policy)
unpinned-uses: .github/workflows/build.yml#L111
build.yml:111: unpinned action reference: action is not pinned to a hash (required by blanket policy)
unpinned-uses: .github/workflows/build.yml#L104
build.yml:104: unpinned action reference: action is not pinned to a hash (required by blanket policy)
unpinned-uses: .github/workflows/build.yml#L96
build.yml:96: unpinned action reference: action is not pinned to a hash (required by blanket policy)
unpinned-uses: .github/workflows/build.yml#L88
build.yml:88: unpinned action reference: action is not pinned to a hash (required by blanket policy)
unpinned-uses: .github/workflows/build.yml#L79
build.yml:79: unpinned action reference: action is not pinned to a hash (required by blanket policy)
unpinned-uses: .github/workflows/build.yml#L74
build.yml:74: unpinned action reference: action is not pinned to a hash (required by blanket policy)
unpinned-uses: .github/workflows/build.yml#L71
build.yml:71: unpinned action reference: action is not pinned to a hash (required by blanket policy)
concurrency-limits: .github/workflows/build.yml#L1
build.yml:1: insufficient job-level concurrency limits: workflow is missing concurrency setting
excessive-permissions: .github/workflows/build.yml#L8
build.yml:8: overly broad permissions: default permissions used due to no permissions: block
excessive-permissions: .github/workflows/build.yml#L1
build.yml:1: overly broad permissions: default permissions used due to no permissions: block
artipacked: .github/workflows/build.yml#L73
build.yml:73: credential persistence through GitHub Actions artifacts: does not set persist-credentials: false