Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/woodruffw/zizmor

A static analysis tool for GitHub Actions
https://github.com/woodruffw/zizmor

github-actions security security-tools static-analysis

Last synced: 6 days ago
JSON representation

A static analysis tool for GitHub Actions

Host: GitHub
URL: https://github.com/woodruffw/zizmor
Owner: woodruffw
License: mit
Created: 2024-08-19T18:26:28.000Z (5 months ago)
Default Branch: main
Last Pushed: 2024-12-23T21:36:13.000Z (12 days ago)
Last Synced: 2024-12-24T04:51:38.200Z (12 days ago)
Topics: github-actions, security, security-tools, static-analysis
Language: Rust
Homepage: https://woodruffw.github.io/zizmor/
Size: 758 KB
Stars: 1,500
Watchers: 5
Forks: 34
Open Issues: 36
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- Funding: .github/FUNDING.yml
- License: LICENSE

Awesome Lists containing this project

README

        # 🌈 zizmor

[![CI](https://github.com/woodruffw/zizmor/actions/workflows/ci.yml/badge.svg)](https://github.com/woodruffw/zizmor/actions/workflows/ci.yml)

[![Crates.io](https://img.shields.io/crates/v/zizmor)](https://crates.io/crates/zizmor)

[![Packaging status](https://repology.org/badge/tiny-repos/zizmor.svg)](https://repology.org/project/zizmor/versions)

[![GitHub Sponsors](https://img.shields.io/github/sponsors/woodruffw?style=flat&logo=githubsponsors&labelColor=white&color=white)](https://github.com/sponsors/woodruffw)

`zizmor` is a static analysis tool for GitHub Actions. It can find

many common security issues in typical GitHub Actions CI/CD setups.

> [!IMPORTANT]

> `zizmor` is currently in beta. You will encounter bugs; [please file them]!

![zizmor demo](./docs/assets/zizmor-demo.gif)

See [`zizmor`'s documentation](https://woodruffw.github.io/zizmor/)

for [installation steps], as well as a [quickstart] and

[detailed usage recipes].

[please file them]: https://github.com/woodruffw/zizmor/issues/new?assignees=&labels=bug%2Ctriage&projects=&template=bug-report.yml&title=%5BBUG%5D%3A+

[installation steps]: https://woodruffw.github.io/zizmor/installation/

[quickstart]: https://woodruffw.github.io/zizmor/quickstart/

[detailed usage recipes]: https://woodruffw.github.io/zizmor/usage/

## License

`zizmor` is licensed under the [MIT License](./LICENSE).

## Contributing

See [our contributing guide!](./CONTRIBUTING.md)

## The name?

*[Now you can have beautiful clean workflows!]*

[Now you can have beautiful clean workflows!]: https://www.youtube.com/watch?v=ol7rxFCvpy8

## Star History