[GRASS-git] [OSGeo/grass-addons] 9a9538: CI: Configure and fix all remaining GitHub Action ...
Edouard Choinière
noreply at github.com
Sun Aug 31 12:12:44 PDT 2025
Branch: refs/heads/grass8
Home: https://github.com/OSGeo/grass-addons
Commit: 9a95387c916ae7e0e6c49f7b1d6b9c430b43d53a
https://github.com/OSGeo/grass-addons/commit/9a95387c916ae7e0e6c49f7b1d6b9c430b43d53a
Author: Edouard Choinière <27212526+echoix at users.noreply.github.com>
Date: 2025-08-31 (Sun, 31 Aug 2025)
Changed paths:
M .github/workflows/additional_checks.yml
M .github/workflows/post-pr-reviews.yml
A zizmor.yml
Log Message:
-----------
CI: Configure and fix all remaining GitHub Action issues found by zizmor (#1474)
* CI: Ignore zizmor dangerous-triggers for post-pr-reviews
On manual review and to the best of my knowledge, the workflow uses the workflow_run trigger properly, only on expected workflows completed, and only expected whitelisted input values are used.
* CI: Limit additional_checks.yml permissions to contents: read
* checks: Add zizmor.yml config file to configure unpinned action
The action create-upload-suggestions coming from the OSGeo/grass repo is considered trusted and should not be forced to be pinned to a specific hash
* Add yaml document start to zizmor.yml
To unsubscribe from these emails, change your notification settings at https://github.com/OSGeo/grass-addons/settings/notifications
More information about the grass-commit
mailing list