mirror of
https://github.com/bevyengine/bevy.git
synced 2026-03-30 15:37:14 +00:00
9e8c60076c
# Objective - Improve security of Bevy CI ## Solution - Use zizmor to lint actions https://github.com/zizmorcore/zizmor - Fix a few lints - pin actions - specify `persist-credentials` - set write permissions at job level instead of workflow level - set target branch for `pull_request_target` workflows - Add the linter as CI. With the proposed config, it should report potential issues in the security center and not block merging. There are still a few lints that fail and need more rework to fix
100 lines
3.4 KiB
YAML
100 lines
3.4 KiB
YAML