mirror of
https://github.com/anchore/syft.git
synced 2026-02-12 10:36:45 +01:00
* ci: enable zizmor to fail PRs

  Enable zizmor (gh actions yaml linter) to fail builds in PRs. Fix any outstanding linting errors found by this tool.

  Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>

* fix outdated version comments

  Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>

---------

Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
12 lines
385 B
YAML
rules:
  unpinned-uses:
    config:
      policies:
        # anchore/workflows is an internal repository; using @main is acceptable
        anchore/*: any
  dangerous-triggers:
    ignore:
      # Safe use of pull_request_target - only runs trusted scripts from base repo,
      # never checks out PR code, needs secrets for labeling PRs from forks
      - detect-schema-changes.yaml
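The `dangerous-triggers` ignore rests on the comment's claim that the workflow never checks out PR code. The following is an added example, not part of the syft repository, of a heuristic check for that claim. The function names and sample workflows are constructed for illustration, and the line-based scan is an assumption standing in for a real YAML parser.

```python
import re

# Checkout refs that resolve to the pull request's (fork-controlled) code.
PR_HEAD_REF = re.compile(
    r"\bref:.*(github\.event\.pull_request\.head\.(sha|ref)|github\.head_ref|refs/pull/)"
)
CHECKOUT = re.compile(r"uses:\s*actions/checkout\b")


def _list_items(lines):
    """Group lines into YAML list items: a '- ' line plus its continuation lines."""
    item = []
    for line in lines:
        if re.match(r"\s*-\s", line) and item:
            yield item
            item = []
        item.append(line)
    if item:
        yield item


def audit_pull_request_target(workflow_text):
    """Return checkout 'ref:' lines that pull PR code in a pull_request_target workflow."""
    # Drop comments so a commented-out trigger or ref is not counted.
    lines = [re.sub(r"(^|\s)#.*", "", l).rstrip() for l in workflow_text.splitlines()]
    if not any(re.search(r"\bpull_request_target\b", l) for l in lines):
        return []  # the dangerous-triggers rule does not apply to this workflow
    findings = []
    for item in _list_items(lines):
        if CHECKOUT.search("\n".join(item)):
            findings += [l.strip() for l in item if PR_HEAD_REF.search(l)]
    return findings


# Constructed sample workflows (not the contents of detect-schema-changes.yaml).
TEMPLATE = """\
on: pull_request_target
jobs:
  label:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4{with_ref}
      - run: .github/scripts/label.sh
"""
SAFE = TEMPLATE.format(with_ref="")
UNSAFE = TEMPLATE.format(
    with_ref="\n        with:\n          ref: ${{ github.event.pull_request.head.sha }}"
)
```

An empty result for an ignored workflow is consistent with the comment; any returned line means the ignore entry no longer matches what the workflow does and should be revisited.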