Files
yfinance-fork/.github/workflows/zizmor.yml
T
dependabot[bot] 89ad803fad Bump zizmorcore/zizmor-action from 0.5.3 to 0.5.6
Bumps [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) from 0.5.3 to 0.5.6.
- [Release notes](https://github.com/zizmorcore/zizmor-action/releases)
- [Commits](https://github.com/zizmorcore/zizmor-action/compare/b1d7e1fb5de872772f31590499237e7cce841e8e...5f14fd08f7cf1cb1609c1e344975f152c7ee938d)

---
updated-dependencies:
- dependency-name: zizmorcore/zizmor-action
  dependency-version: 0.5.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-05-21 12:02:28 +00:00

26 lines
897 B
YAML

name: zizmor
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
zizmor:
runs-on: ubuntu-latest
permissions:
security-events: write
contents: read
steps:
- name: Checkout
# Verify: curl -s "https://api.github.com/repos/actions/checkout/commits?sha=v6&until=$(date -u -d '7 days ago' '+%Y-%m-%dT%H:%M:%SZ')&per_page=1" | jq -r '.[0].sha'
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
persist-credentials: false
- name: Run zizmor
# Verify: curl -s "https://api.github.com/repos/zizmorcore/zizmor-action/commits?sha=v0.5.2&until=$(date -u -d '7 days ago' '+%Y-%m-%dT%H:%M:%SZ')&per_page=1" | jq -r '.[0].sha'
uses: zizmorcore/zizmor-action@5f14fd08f7cf1cb1609c1e344975f152c7ee938d # v0.5.6
with:
github-token: ${{ secrets.GITHUB_TOKEN }}