mirror of
https://github.com/aquasecurity/trivy-action.git
synced 2026-05-14 03:02:40 +00:00
DmitriyLewen
e368e32897
* ci: add zizmor security linter for GitHub Actions * ci: disable advanced-security for zizmor * ci: pin all actions to commit hashes * ci: fix zizmor linter errors in workflows - Add explicit permissions blocks to all workflows - Set persist-credentials: false for checkout actions - Fix template injection by using env variables in run blocks * fix: address zizmor template injection warnings in action.yaml - Move inputs to env block to prevent template injection - Add ignore comment for github-env false positive * ci: fix remaining zizmor linter errors - Add permissions and persist-credentials to test.yaml - Fix ignore comment placement for github-env in action.yaml