Commit 35db2d5

hugovk and AA-Turner authored
Add zizmor to CI and fix findings (#283)
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
1 parent c6ef663, commit 35db2d5

6 files changed: +31 -7 lines changed

‎.github/dependabot.yml‎

Lines changed: 2 additions & 0 deletions
@@ -10,3 +10,5 @@ updates:
1010
actions:
1111
patterns:
1212
-"*"
13+
cooldown:
14+
default-days:7
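
Review bot: The new `cooldown` block at the end of this hunk carries no comment explaining the 7-day figure or what it is meant to achieve. A one-line comment above `cooldown:` stating that it delays picking up newly published releases would help the next maintainer who wants to tune it. Also worth confirming in the raw file that `cooldown` is indented as a sibling of the group definition and not as a key inside the `actions` group, since it directly follows `patterns`.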

‎.github/workflows/lint.yml‎

Lines changed: 5 additions & 3 deletions
@@ -2,18 +2,20 @@ name: Lint
22

33
on:[push, pull_request, workflow_dispatch]
44

5+
permissions:{}
6+
57
env:
68
FORCE_COLOR:1
7-
8-
permissions:
9-
contents:read
9+
RUFF_OUTPUT_FORMAT:github
1010

1111
jobs:
1212
lint:
1313
runs-on:ubuntu-latest
1414

1515
steps:
1616
-uses:actions/checkout@v6
17+
with:
18+
persist-credentials:false
1719
-uses:actions/setup-python@v6
1820
with:
1921
python-version:"3.x"
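
Review bot: Replacing the workflow-level `contents:read` with `permissions:{}` leaves the `lint` job with no visible job-level `permissions` block, so `actions/checkout` runs with a token that has no contents scope. That works on a public repository but would fail if the workflow were reused in a private one; adding `permissions:` with `contents: read` under `lint:` makes the job's requirement explicit. The `RUFF_OUTPUT_FORMAT:github` addition is unrelated to the zizmor findings and would be easier to trace in its own commit.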

‎.github/workflows/pypi-package.yml‎

Lines changed: 3 additions & 4 deletions
@@ -8,8 +8,7 @@ on:
88
-published
99
workflow_dispatch:
1010

11-
permissions:
12-
contents:read
11+
permissions:{}
1312

1413
env:
1514
FORCE_COLOR:1
@@ -22,6 +21,8 @@ jobs:
2221

2322
steps:
2423
-uses:actions/checkout@v6
24+
with:
25+
persist-credentials:false
2526
-uses:actions/setup-python@v6
2627

2728
-name:Compile translations
@@ -55,5 +56,3 @@ jobs:
5556

5657
-name:Upload package to PyPI
5758
uses:pypa/gh-action-pypi-publish@release/v1
58-
with:
59-
attestations:true
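
Review bot: Dropping `attestations:true` from the upload step makes attestation generation depend on the action's default, and the step references `pypa/gh-action-pypi-publish@release/v1`, which is a branch ref that can move. Either keep the input explicit or note in the commit message that the default is being relied on; for the step that performs the upload, a pin to a full commit SHA would be stricter than the `ref-pin` policy this commit configures.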

‎.github/workflows/tests.yml‎

Lines changed: 6 additions & 0 deletions
@@ -2,6 +2,8 @@ name: Tests
22

33
on:[push, pull_request, workflow_dispatch]
44

5+
permissions:{}
6+
57
env:
68
FORCE_COLOR:1
79

@@ -18,6 +20,8 @@ jobs:
1820
branch:"main"
1921
steps:
2022
-uses:actions/checkout@v6
23+
with:
24+
persist-credentials:false
2125
-uses:actions/setup-python@v6
2226
with:
2327
python-version:${{ matrix.python-version }}
@@ -63,6 +67,8 @@ jobs:
6367
python-version:["3.12", "3"]
6468
steps:
6569
-uses:actions/checkout@v6
70+
with:
71+
persist-credentials:false
6672
-uses:actions/setup-python@v6
6773
with:
6874
python-version:${{ matrix.python-version }}

‎.github/zizmor.yml‎

Lines changed: 10 additions & 0 deletions
@@ -0,0 +1,10 @@
1+
# Configuration for the zizmor static analysis tool, run via pre-commit in CI
2+
# https://woodruffw.github.io/zizmor/configuration/
3+
rules:
4+
dangerous-triggers:
5+
ignore:
6+
-documentation-links.yml
7+
unpinned-uses:
8+
config:
9+
policies:
10+
"*":ref-pin

‎.pre-commit-config.yaml‎

Lines changed: 5 additions & 0 deletions
@@ -32,6 +32,11 @@ repos:
3232
hooks:
3333
-id:actionlint
3434

35+
-repo:https://github.com/woodruffw/zizmor-pre-commit
36+
rev:v1.17.0
37+
hooks:
38+
-id:zizmor
39+
3540
-repo:https://github.com/tox-dev/pyproject-fmt
3641
rev:v2.5.0
3742
hooks:
