bevyengine/bevy
1
45.4k
Fork 0
mirror of https://github.com/bevyengine/bevy.git synced 2026-04-01 10:47:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
create-pull-request/patch
bevy/.github/workflows/example-run.yml
François Mockers 9e8c60076c use zizmor to lint GitHub actions (#22294) 
# Objective

- Improve security of Bevy CI

## Solution

- Use zizmor to lint actions https://github.com/zizmorcore/zizmor
- Fix a few lints
  - pin actions
  - specify `persist-credentials`
  - set write permissions at job level instead of workflow level
  - set target branch for `pull_request_target` workflows
- Add the linter as CI. With the proposed config, it should report
potential issues in the security center and not block merging. There are
still a few lints that fail and need more rework to fix
2025-12-30 01:05:07 +00:00

237 lines
9.2 KiB
YAML
Raw Permalink Blame History

Reference in New Issue View Git Blame Copy Permalink