Various improvements are identified by zizmor - see security tab - so resolve and then ensure the linting step fails if new changes introduce problems:
- name: Run zizmor
uses: zizmorcore/zizmor-action@...
with:
# Set to false to prevent upload and explicitly fail
advanced-security: falseOr provide alerting or similar via a status check instead which may be better.
Various improvements are identified by zizmor - see security tab - so resolve and then ensure the linting step fails if new changes introduce problems:
Or provide alerting or similar via a status check instead which may be better.