{"id":17946803,"url":"https://github.com/woodruffw/zizmor","last_synced_at":"2025-04-23T17:19:40.215Z","repository":{"id":259762955,"uuid":"844670429","full_name":"woodruffw/zizmor","owner":"woodruffw","description":"A static analysis tool for GitHub Actions","archived":false,"fork":false,"pushed_at":"2025-04-22T16:04:26.000Z","size":1727,"stargazers_count":2277,"open_issues_count":51,"forks_count":62,"subscribers_count":8,"default_branch":"main","last_synced_at":"2025-04-23T17:19:27.355Z","etag":null,"topics":["github-actions","security","security-tools","static-analysis"],"latest_commit_sha":null,"homepage":"https://woodruffw.github.io/zizmor/","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/woodruffw.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":"woodruffw","thanks_dev":"u/gh/woodruffw"}},"created_at":"2024-08-19T18:26:28.000Z","updated_at":"2025-04-23T13:58:49.000Z","dependencies_parsed_at":"2024-10-27T22:31:19.349Z","dependency_job_id":"a14b5e65-9b35-4413-82d6-73d448acc350","html_url":"https://github.com/woodruffw/zizmor","commit_stats":{"total_commits":305,"total_committers":22,"mean_commits":"13.863636363636363","dds":"0.22295081967213115","last_synced_commit":"bb463f779ff5ab7dcc6e71df33d639241fa8fca8"},"previous_names":["woodruffw/zizmor"],"tags_count":35,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/woodruffw%2Fzizmor","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/woodruffw%2Fzizmor/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/woodruffw%2Fzizmor/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/woodruffw%2Fzizmor/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/woodruffw","download_url":"https://codeload.github.com/woodruffw/zizmor/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250477820,"owners_count":21437049,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["github-actions","security","security-tools","static-analysis"],"created_at":"2024-10-29T07:07:39.193Z","updated_at":"2025-04-23T17:19:40.183Z","avatar_url":"https://github.com/woodruffw.png","language":"Rust","funding_links":["https://github.com/sponsors/woodruffw","https://thanks.dev/u/gh/woodruffw"],"categories":["Rust","Static workflow file scanning"],"sub_categories":[],"readme":"# 🌈 zizmor\n\n[![CI](https://github.com/woodruffw/zizmor/actions/workflows/ci.yml/badge.svg)](https://github.com/woodruffw/zizmor/actions/workflows/ci.yml)\n[![Crates.io](https://img.shields.io/crates/v/zizmor)](https://crates.io/crates/zizmor)\n[![Packaging status](https://repology.org/badge/tiny-repos/zizmor.svg)](https://repology.org/project/zizmor/versions)\n[![GitHub Sponsors](https://img.shields.io/github/sponsors/woodruffw?style=flat\u0026logo=githubsponsors\u0026labelColor=white\u0026color=white)](https://github.com/sponsors/woodruffw)\n\n`zizmor` is a static analysis tool for GitHub Actions.\n\nIt can find many common security issues in typical GitHub Actions CI/CD setups,\nincluding:\n\n* Template injection vulnerabilities, leading to attacker-controlled code execution\n* Accidental credential persistence and leakage\n* Excessive permission scopes and credential grants to runners\n* Impostor commits and confusable `git` references\n* ...[and much more]!\n\n[and much more]: https://woodruffw.github.io/zizmor/audits/\n\n![zizmor demo](https://raw.githubusercontent.com/woodruffw/zizmor/main/docs/assets/zizmor-demo.gif)\n\nSee [`zizmor`'s documentation](https://woodruffw.github.io/zizmor/)\nfor [installation steps], as well as a [quickstart] and\n[detailed usage recipes].\n\n[please file them]: https://github.com/woodruffw/zizmor/issues/new?assignees=\u0026labels=bug%2Ctriage\u0026projects=\u0026template=bug-report.yml\u0026title=%5BBUG%5D%3A+\n\n[installation steps]: https://woodruffw.github.io/zizmor/installation/\n\n[quickstart]: https://woodruffw.github.io/zizmor/quickstart/\n\n[detailed usage recipes]: https://woodruffw.github.io/zizmor/usage/\n\n## License\n\n`zizmor` is licensed under the [MIT License](./LICENSE).\n\n## Contributing\n\nSee [our contributing guide!](./CONTRIBUTING.md)\n\n## The name?\n\n*[Now you can have beautiful clean workflows!]*\n\n[Now you can have beautiful clean workflows!]: https://www.youtube.com/watch?v=ol7rxFCvpy8\n\n## Sponsors 💖\n\n`zizmor`'s development is supported by these amazing sponsors!\n\n\u003c!-- @@begin-sponsors@@ --\u003e\n\u003ctable\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd align=\"center\" valign=\"top\" width=\"15%\"\u003e\n\u003ca href=\"https://astral.sh/\"\u003e\n\u003cimg src=\"https://avatars.githubusercontent.com/u/115962839?s=100\u0026v=4\" width=\"100px\"\u003e\n\u003cbr\u003e\nAstral\n\u003c/a\u003e\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- @@end-sponsors@@ --\u003e\n\n## Star History\n\n\u003ca href=\"https://star-history.com/#woodruffw/zizmor\u0026Date\"\u003e\n \u003cpicture\u003e\n   \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://api.star-history.com/svg?repos=woodruffw/zizmor\u0026type=Date\u0026theme=dark\" /\u003e\n   \u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://api.star-history.com/svg?repos=woodruffw/zizmor\u0026type=Date\" /\u003e\n   \u003cimg alt=\"Star History Chart\" src=\"https://api.star-history.com/svg?repos=woodruffw/zizmor\u0026type=Date\" /\u003e\n \u003c/picture\u003e\n\u003c/a\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwoodruffw%2Fzizmor","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwoodruffw%2Fzizmor","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwoodruffw%2Fzizmor/lists"}