Project: /home/runner/work/insecure_tree/insecure_tree
Source: pipdeptree
Scanned: 2026-05-17T02:16:15.793970+00:00
insecure-tree: 0.2.0
zizmor: 1.24.1
These workflows trigger on pull_request_target and call actions/checkout,
which allows untrusted PR code to run with base-repo write permissions
(pwn-request / GHSL-2021-041 class).
.github/workflows/latest-changes.yml → job latest-changes, step 2uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd.github/workflows/latest-changes.yml → job latest-changes, step 2uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd| Package ↕ | Repository ↕ | Status ↕ | Confidence ↕ | Findings |
|---|---|---|---|---|
aiohappyeyeballs==2.6.1 |
aio-libs/aiohappyeyeballs | scanned | high |
21 errors 12 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:17credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:29credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:50credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:80credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:120credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:161credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:14overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:25overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:34overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:68overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:17unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:18unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:21unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:29unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:32unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:50unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:52unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:56unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:64unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:80unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:87unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:91unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:120unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:127unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:134unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:153unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:159unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:161unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:167unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/issue-manager.yml:18overly broad permissions View on GitHub
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/issue-manager.yml:3use of fundamentally insecure workflow trigger View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/issue-manager.yml:21unpinned action reference View on GitHub |
aiohttp==3.13.5 |
aio-libs/aiohttp | scanned | high |
61 errors 1 warning 15 notes
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/auto-merge.yml:2use of fundamentally insecure workflow trigger View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/auto-merge.yml:15unpinned action reference View on GitHub
zizmor/bot-conditions: zizmor/bot-conditions
.github/workflows/auto-merge.yml:11spoofable bot actor check View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:61credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:130credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:186credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:296credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:377credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:422credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:514credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:587credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:663credential persistence through GitHub Actions artifacts View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci-cd.yml:215code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci-cd.yml:215code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci-cd.yml:325code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci-cd.yml:325code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:62unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:73unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:77unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:131unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:135unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:142unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:150unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:187unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:192unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:202unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:221unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:264unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:278unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:297unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:302unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:312unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:328unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:356unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:363unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:378unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:383unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:395unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:405unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:423unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:428unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:440unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:464unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:484unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:488unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:515unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:519unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:528unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:539unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:588unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:593unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:610unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:621unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:629unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:634unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:664unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:671unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:680unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:694unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:697unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:707unpinned action reference View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci-cd.yml:77runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci-cd.yml:135runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci-cd.yml:142runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci-cd.yml:202runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci-cd.yml:312runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci-cd.yml:383runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/superfluous-actions: zizmor/superfluous-actions
.github/workflows/ci-cd.yml:707action functionality is already included by the runner View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/codeql.yml:28credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:29unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:32unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:39unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:43unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/label-remove.yml:20unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/labels.yml:9overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/labels.yml:14unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/stale.yml:13unpinned action reference View on GitHub |
aiosignal==1.4.0 |
aio-libs/aiosignal | scanned | medium |
15 errors 6 warnings 5 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:91credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:55overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:121overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:141overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:231overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:309overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:88unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:92unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:318unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:342unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:352unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:365unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:368unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:378unpinned action reference View on GitHub
zizmor/obfuscation: zizmor/obfuscation
.github/workflows/ci-cd.yml:142obfuscated usage of GitHub Actions features View on GitHub
zizmor/obfuscation: zizmor/obfuscation
.github/workflows/ci-cd.yml:232obfuscated usage of GitHub Actions features View on GitHub
zizmor/superfluous-actions: zizmor/superfluous-actions
.github/workflows/ci-cd.yml:378action functionality is already included by the runner View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/codeql.yml:26credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:27unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:30unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:37unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:40unpinned action reference View on GitHub
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/dependabot-auto-merge.yml:2use of fundamentally insecure workflow trigger View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/dependabot-auto-merge.yml:15unpinned action reference View on GitHub
zizmor/bot-conditions: zizmor/bot-conditions
.github/workflows/dependabot-auto-merge.yml:11spoofable bot actor check View on GitHub |
annotated-doc==0.0.4 |
fastapi/annotated-doc | scanned | high |
1 pwn-request
6 errors 12 warnings 8 notes
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/add-to-project.yml:11overly broad permissions View on GitHub
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/add-to-project.yml:3use of fundamentally insecure workflow trigger View on GitHub
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/detect-conflicts.yml:2use of fundamentally insecure workflow trigger View on GitHub
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/issue-manager.yml:3use of fundamentally insecure workflow trigger View on GitHub
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/labeler.yml:2use of fundamentally insecure workflow trigger View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/latest-changes.yml:27credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/latest-changes.yml:20overly broad permissions View on GitHub
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/latest-changes.yml:3use of fundamentally insecure workflow trigger View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/pre-commit.yml:21credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/pre-commit.yml:33credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pre-commit.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pre-commit.yml:14overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pre-commit.yml:75overly broad permissions View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/publish.yml:19credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/smokeshow.yml:22credential persistence through GitHub Actions artifacts View on GitHub
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/smokeshow.yml:3use of fundamentally insecure workflow trigger View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test-redistribute.yml:20credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test-redistribute.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test-redistribute.yml:13overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test-redistribute.yml:47overly broad permissions View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:64credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:104credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:25overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:99overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:141overly broad permissions View on GitHub |
annotated-types==0.7.0 |
annotated-types/annotated-types | scanned | high |
9 errors 7 warnings 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:26credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:51credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:71credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:13overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:47overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:63overly broad permissions View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/ci.yml:91prefer trusted publishing for authentication View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:26unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:29unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:42unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:51unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:53unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:59unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:71unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:74unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:81unpinned action reference View on GitHub |
anyio==4.13.0 |
agronholm/anyio | scanned | high |
39 errors 14 warnings 12 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/publish.yml:17credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/publish.yml:55credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish.yml:12overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:17unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:19unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:27unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:41unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:46unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:55unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:57unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:60unpinned action reference View on GitHub
zizmor/superfluous-actions: zizmor/superfluous-actions
.github/workflows/publish.yml:60action functionality is already included by the runner View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test-downstream.yml:16credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test-downstream.yml:40credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test-downstream.yml:66credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test-downstream.yml:97credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test-downstream.yml:125credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test-downstream.yml:2overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test-downstream.yml:8overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test-downstream.yml:32overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test-downstream.yml:56overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test-downstream.yml:89overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test-downstream.yml:116overly broad permissions View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/test-downstream.yml:26code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/test-downstream.yml:50code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/test-downstream.yml:83code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/test-downstream.yml:112code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/test-downstream.yml:136code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test-downstream.yml:16unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test-downstream.yml:19unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test-downstream.yml:40unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test-downstream.yml:44unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test-downstream.yml:66unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test-downstream.yml:69unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test-downstream.yml:73unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test-downstream.yml:97unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test-downstream.yml:101unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test-downstream.yml:105unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test-downstream.yml:125unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test-downstream.yml:129unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:18credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:45credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:99credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:149credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:9overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:36overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:59overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:138overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:161overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:18unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:21unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:45unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:47unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:50unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:99unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:101unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:133unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:149unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:151unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:167unpinned action reference View on GitHub
zizmor/unsound-condition: zizmor/unsound-condition
.github/workflows/test.yml:39unsound conditional expression View on GitHub
zizmor/unsound-condition: zizmor/unsound-condition
.github/workflows/test.yml:91unsound conditional expression View on GitHub
zizmor/unsound-condition: zizmor/unsound-condition
.github/workflows/test.yml:141unsound conditional expression View on GitHub |
astroid==4.0.4 |
pylint-dev/astroid | scanned | high |
35 errors 7 warnings 7 notes
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/backport.yml:2use of fundamentally insecure workflow trigger View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yaml:27credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yaml:93credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yaml:146credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yaml:191credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yaml:225credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:22overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:81overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:132overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:181overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:219overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:29unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:33unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:46unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:66unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:29unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:96unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:46unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:126unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:29unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:150unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:46unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:126unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:29unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:150unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:46unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:126unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:29unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:33unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:230unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:235unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:235unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:235unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/codeql-analysis.yml:48credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql-analysis.yml:49unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql-analysis.yml:53unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql-analysis.yml:64unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql-analysis.yml:78unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:20credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:21unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:24unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:37unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:53unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:59unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:70unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:76unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test-pylint.yml:7overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test-pylint.yml:8unpinned action reference View on GitHub |
attrs==26.1.0 |
python-attrs/attrs | scanned | high | clean |
bandit==1.9.4 |
PyCQA/bandit | scanned | high |
14 errors 5 warnings 7 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/build-publish-image.yml:28credential persistence through GitHub Actions artifacts View on GitHub
zizmor/ref-version-mismatch: zizmor/ref-version-mismatch
.github/workflows/build-publish-image.yml:29action's hash pin has mismatched or missing version comment View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/dependency-review.yml:11credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/dependency-review.yml:12unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/dependency-review.yml:14unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/publish-to-pypi.yml:13credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish-to-pypi.yml:13unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish-to-pypi.yml:17unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish-to-pypi.yml:36unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/publish-to-test-pypi.yml:13credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish-to-test-pypi.yml:13unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish-to-test-pypi.yml:17unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish-to-test-pypi.yml:35unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/pythonpackage.yml:12credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/pythonpackage.yml:31credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/pythonpackage.yml:60credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pythonpackage.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pythonpackage.yml:6overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pythonpackage.yml:25overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pythonpackage.yml:46overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pythonpackage.yml:13unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pythonpackage.yml:15unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pythonpackage.yml:32unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pythonpackage.yml:36unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pythonpackage.yml:61unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pythonpackage.yml:63unpinned action reference View on GitHub |
black==26.3.1 |
psf/black | scanned | high |
1 error 16 notes
zizmor/misfeature: zizmor/misfeature
.github/workflows/diff_shades.yml:48usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/diff_shades.yml:77usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/diff_shades.yml:132usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/diff_shades.yml:200usage of GitHub Actions misfeatures View on GitHub
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/diff_shades_comment.yml:3use of fundamentally insecure workflow trigger View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/diff_shades_comment.yml:37usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/docs.yml:38usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/fuzz.yml:41usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/lint.yml:35usage of GitHub Actions misfeatures View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/publish_binaries.yml:67code injection via template expansion View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/publish_binaries.yml:55usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/pypi_upload.yml:31usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/pypi_upload.yml:84usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/pypi_upload.yml:109usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/release_tests.yml:45usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/test.yml:60usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/test.yml:120usage of GitHub Actions misfeatures View on GitHub |
boolean.py==5.0 |
bastikr/boolean.py | scanned | medium |
13 errors 12 warnings 2 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/pypi-release.yml:23credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pypi-release.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pypi-release.yml:18overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pypi-release.yml:45overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pypi-release.yml:65overly broad permissions View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/pypi-release.yml:80prefer trusted publishing for authentication View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pypi-release.yml:23unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pypi-release.yml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pypi-release.yml:39unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pypi-release.yml:53unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pypi-release.yml:59unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pypi-release.yml:73unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pypi-release.yml:80unpinned action reference View on GitHub
zizmor/superfluous-actions: zizmor/superfluous-actions
.github/workflows/pypi-release.yml:59action functionality is already included by the runner View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test-and-build.yml:35credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test-and-build.yml:70credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test-and-build.yml:83credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test-and-build.yml:25overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test-and-build.yml:30overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test-and-build.yml:51overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test-and-build.yml:78overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test-and-build.yml:35unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test-and-build.yml:46unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test-and-build.yml:66unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test-and-build.yml:70unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test-and-build.yml:83unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test-and-build.yml:94unpinned action reference View on GitHub |
CacheControl==0.14.4 |
psf/cachecontrol | scanned | high | clean |
cachetools==7.1.0 |
tkem/cachetools | scanned | high |
1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:17credential persistence through GitHub Actions artifacts View on GitHub |
cattrs==26.1.0 |
python-attrs/cattrs | scanned | high | clean |
certifi==2026.4.22 |
certifi/python-certifi | scanned | high |
4 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/bump.yml:20credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:16credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:38credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:18credential persistence through GitHub Actions artifacts View on GitHub |
cfgv==3.5.0 |
asottile/cfgv | scanned | medium |
1 error 1 warning
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:10overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:11unpinned action reference View on GitHub |
charset-normalizer==3.4.7 |
jawah/charset_normalizer | scanned | high |
1 error 4 warnings 3 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/cd.yml:63credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/cd.yml:103credential persistence through GitHub Actions artifacts View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/cd.yml:217code injection via template expansion View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:203credential persistence through GitHub Actions artifacts View on GitHub
zizmor/ref-version-mismatch: zizmor/ref-version-mismatch
.github/workflows/codeql.yml:47action's hash pin has mismatched or missing version comment View on GitHub
zizmor/ref-version-mismatch: zizmor/ref-version-mismatch
.github/workflows/codeql.yml:54action's hash pin has mismatched or missing version comment View on GitHub
zizmor/ref-version-mismatch: zizmor/ref-version-mismatch
.github/workflows/codeql.yml:57action's hash pin has mismatched or missing version comment View on GitHub
zizmor/ref-version-mismatch: zizmor/ref-version-mismatch
.github/workflows/scorecards.yml:69action's hash pin has mismatched or missing version comment View on GitHub |
click==8.3.3 |
pallets/click | scanned | high | clean |
codespell==2.4.2 |
codespell-project/codespell | scanned | high |
14 errors 1 note
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/autofix.yml:15unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codespell.yml:12unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codespell.yml:15unpinned action reference View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/release.yml:55prefer trusted publishing for authentication View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:21unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:39unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:50unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:55unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:45unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:49unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:72unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:88unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:91unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:98unpinned action reference View on GitHub |
colorama==0.4.6 |
tartley/colorama | scanned | high |
5 errors 4 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/lint_python.yml:7credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/lint_python.yml:4overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/lint_python.yml:7unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/lint_python.yml:8unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:26credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:9overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:26unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:29unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:41unpinned action reference View on GitHub |
colorlog==6.10.1 |
borntyping/python-colorlog | scanned | medium |
7 errors 6 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:12credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:44credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:68credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:4overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:27overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:12unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:14unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:44unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:46unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:68unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:70unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:80unpinned action reference View on GitHub |
coverage==7.13.5 |
coveragepy/coveragepy | scanned | medium | clean |
crosshair-tool==0.0.104 |
pschanely/CrossHair | scanned | medium |
17 errors 13 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/build_documentation.yml:18credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build_documentation.yml:15overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build_documentation.yml:18unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build_documentation.yml:21unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build_documentation.yml:36unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/buildwheels.yml:24credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/buildwheels.yml:54credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/buildwheels.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/buildwheels.yml:14overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/buildwheels.yml:50overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/buildwheels.yml:24unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/buildwheels.yml:43unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/buildwheels.yml:45unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/buildwheels.yml:54unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/buildwheels.yml:65unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/buildwheels.yml:81unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/buildwheels.yml:86unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/check.yml:39credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/check.yml:19overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/check.yml:39unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/check.yml:42unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/pyodide.yml:22credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pyodide.yml:23unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pyodide.yml:55unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test_hypothesis.yml:14credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test_hypothesis.yml:31credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test_hypothesis.yml:9overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test_hypothesis.yml:15unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test_hypothesis.yml:18unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test_hypothesis.yml:32unpinned action reference View on GitHub |
cyclonedx-python-lib==11.7.0 |
CycloneDX/cyclonedx-python-lib | scanned | high |
1 warning
zizmor/ref-version-mismatch: zizmor/ref-version-mismatch
.github/workflows/release.yml:113action's hash pin has mismatched or missing version comment View on GitHub |
deadcode==2.4.1 |
albertas/deadcode | scanned | high |
2 errors 1 warning
zizmor/artipacked: zizmor/artipacked
.github/workflows/check-deadcode-on-python310.yml:21credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/check-deadcode-on-python310.yml:21unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/check-deadcode-on-python310.yml:23unpinned action reference View on GitHub |
defusedxml==0.7.1 |
tiran/defusedxml | scanned | medium |
11 errors 3 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:45credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:60credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:45unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:46unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:60unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:61unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/pypi.yml:38credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pypi.yml:39unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pypi.yml:43unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pypi.yml:55unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pypi.yml:73unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pypi.yml:78unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pypi.yml:93unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pypi.yml:98unpinned action reference View on GitHub |
deptry==0.25.1 |
osprey-oss/deptry | scanned | high | clean |
dill==0.4.1 |
uqfoundation/dill | no workflows | high | - |
distlib==0.4.0 |
pypa/distlib | scanned | high |
3 errors 2 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/package-tests.yml:44credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/package-tests.yml:25overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/package-tests.yml:44unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/package-tests.yml:46unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/package-tests.yml:66unpinned action reference View on GitHub |
distro==1.9.0 |
python-distro/distro | scanned | medium |
10 errors 11 warnings 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yaml:13credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yaml:49credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yaml:72credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:8overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:26overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:67overly broad permissions View on GitHub
zizmor/ref-confusion: zizmor/ref-confusion
.github/workflows/ci.yaml:63git ref for action with ambiguous ref type View on GitHub
zizmor/ref-confusion: zizmor/ref-confusion
.github/workflows/ci.yaml:74git ref for action with ambiguous ref type View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:13unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:16unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:49unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:52unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:63unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:72unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:74unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:77unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/deploy.yml:15credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/deploy.yml:10overly broad permissions View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/deploy.yml:27prefer trusted publishing for authentication View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:15unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:18unpinned action reference View on GitHub |
docstring_parser_fork==0.0.14 |
rr-/docstring_parser | scanned | high |
13 errors 5 warnings 4 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/apidocs.yml:10credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/apidocs.yml:6overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/apidocs.yml:10unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/apidocs.yml:12unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/apidocs.yml:37unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/build.yml:24credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/build.yml:38credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/build.yml:47credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build.yml:16overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build.yml:35overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build.yml:44overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yml:24unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yml:26unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yml:38unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yml:39unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yml:42unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yml:47unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yml:48unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yml:55unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yml:70unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yml:75unpinned action reference View on GitHub |
execnet==2.1.2 |
pytest-dev/execnet | scanned | low |
13 errors 5 warnings 4 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/deploy.yml:19credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/deploy.yml:33credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/deploy.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/deploy.yml:13overly broad permissions View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/deploy.yml:48code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/deploy.yml:48code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/deploy.yml:49code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:19unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:33unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:36unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:42unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:23credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:40credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:20overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:27overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:23unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:40unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:45unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:51unpinned action reference View on GitHub |
filelock==3.29.0 |
tox-dev/py-filelock | zizmor_failed | high | - |
frozenlist==1.8.0 |
aio-libs/frozenlist | scanned | medium |
35 errors 9 warnings 10 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:76credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:3overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:46overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:64overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:124overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:129overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:197overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:396overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:408overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:420overly broad permissions View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci-cd.yml:102code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci-cd.yml:106code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci-cd.yml:321code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:77unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:79unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:88unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:111unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:248unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:255unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:263unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:273unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:278unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:360unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:384unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:404unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:493unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:501unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:512unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:526unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:529unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:539unpinned action reference View on GitHub
zizmor/obfuscation: zizmor/obfuscation
.github/workflows/ci-cd.yml:131obfuscated usage of GitHub Actions features View on GitHub
zizmor/obfuscation: zizmor/obfuscation
.github/workflows/ci-cd.yml:422obfuscated usage of GitHub Actions features View on GitHub
zizmor/superfluous-actions: zizmor/superfluous-actions
.github/workflows/ci-cd.yml:539action functionality is already included by the runner View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/codeql.yml:32credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:33unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:36unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:43unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:46unpinned action reference View on GitHub
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/dependabot-auto-merge.yml:4use of fundamentally insecure workflow trigger View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/dependabot-auto-merge.yml:18unpinned action reference View on GitHub
zizmor/bot-conditions: zizmor/bot-conditions
.github/workflows/dependabot-auto-merge.yml:14spoofable bot actor check View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/reusable-cibuildwheel.yml:88code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-cibuildwheel.yml:99unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-cibuildwheel.yml:106unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-cibuildwheel.yml:111unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-cibuildwheel.yml:117unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/reusable-linters.yml:33credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:34unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:36unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:45unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:50unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:60unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:70unpinned action reference View on GitHub |
gha-update==0.2.0 |
davidism/gha-update | scanned | high |
2 errors 7 warnings 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/pre-commit.yaml:10credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pre-commit.yaml:7overly broad permissions View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/publish.yaml:9credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish.yaml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish.yaml:6overly broad permissions View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/publish.yaml:32code injection via template expansion View on GitHub
zizmor/known-vulnerable-actions: zizmor/known-vulnerable-actions
.github/workflows/publish.yaml:45action has a known vulnerability View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/publish.yaml:10runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:26credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:23overly broad permissions View on GitHub |
ghp-import==2.1.0 |
c-w/ghp-import | scanned | medium |
6 errors 7 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/cd.yaml:12credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/cd.yaml:27credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/cd.yaml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/cd.yaml:9overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/cd.yaml:22overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/cd.yaml:12unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/cd.yaml:13unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/cd.yaml:27unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/cd.yaml:28unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yaml:15credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:6overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:15unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:16unpinned action reference View on GitHub |
git2md==1.1.7 |
xpos587/git2md | scanned | medium |
13 errors 9 warnings 4 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yaml:22credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yaml:72credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yaml:122credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yaml:147credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/release.yaml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/release.yaml:15overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/release.yaml:42overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/release.yaml:68overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/release.yaml:140overly broad permissions View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/release.yaml:27code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/release.yaml:59code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/release.yaml:81code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/release.yaml:138code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/release.yaml:138code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yaml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yaml:72unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yaml:75unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yaml:92unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yaml:107unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yaml:113unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yaml:123unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yaml:128unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yaml:147unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yaml:150unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yaml:155unpinned action reference View on GitHub
zizmor/unpinned-images: zizmor/unpinned-images
.github/workflows/release.yaml:145unpinned image references View on GitHub |
griffe==2.0.2 |
mkdocstrings/griffe | scanned | high |
16 errors 7 warnings 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:53credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:125credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:29overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:95overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:54unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:60unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:63unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:68unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:89unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:126unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:132unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:138unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:150unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:12credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:13unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:18unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:26unpinned action reference View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/release.yml:22runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/superfluous-actions: zizmor/superfluous-actions
.github/workflows/release.yml:26action functionality is already included by the runner View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/sponsors.yml:16credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/sponsors.yml:17unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/sponsors.yml:19unpinned action reference View on GitHub |
griffecli==2.0.2 |
- | no repo | - | - |
griffelib==2.0.2 |
- | no repo | - | - |
grimp==3.14 |
python-grimp/grimp | scanned | medium |
35 errors 12 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:16credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:47credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:66credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:2overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:12overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:35overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:63overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:16unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:19unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:47unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:50unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:53unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:66unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:69unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:72unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:80unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:36credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:73credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:106credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:139credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:164credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:36unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:37unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:47unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:54unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:73unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:74unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:84unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:91unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:106unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:107unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:118unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:124unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:139unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:140unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:150unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:156unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:164unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:166unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:171unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:182unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:184unpinned action reference View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/release.yml:47runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/release.yml:84runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/release.yml:118runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/release.yml:150runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub |
h11==0.16.0 |
python-hyper/h11 | scanned | medium |
3 errors 2 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:26credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:10overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:26unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:27unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:41unpinned action reference View on GitHub |
h2==4.3.0 |
python-hyper/h2 | scanned | high |
3 errors 1 warning 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:22credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:10overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:23unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:41unpinned action reference View on GitHub |
hpack==4.1.0 |
python-hyper/hpack | scanned | high |
3 errors 1 warning 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:22credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:10overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:23unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:36unpinned action reference View on GitHub |
httpcore==1.0.9 |
encode/httpcore | scanned | high |
4 errors 4 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/publish.yml:17credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish.yml:9overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:17unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:18unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test-suite.yml:20credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test-suite.yml:11overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test-suite.yml:20unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test-suite.yml:21unpinned action reference View on GitHub |
httpx==0.28.1 |
encode/httpx | scanned | high |
4 errors 4 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/publish.yml:17credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish.yml:9overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:17unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:18unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test-suite.yml:20credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test-suite.yml:11overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test-suite.yml:20unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test-suite.yml:21unpinned action reference View on GitHub |
hyperframe==6.1.0 |
python-hyper/hyperframe | scanned | high |
3 errors 1 warning 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:22credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:10overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:38unpinned action reference View on GitHub |
hypothesis==6.152.4 |
HypothesisWorks/hypothesis | scanned | high |
20 errors 19 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/fuzz.yml:24credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/fuzz.yml:19overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/fuzz.yml:24unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/fuzz.yml:28unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/fuzz.yml:32unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/fuzz.yml:51unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/fuzz.yml:77unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/fuzz.yml:87unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:38credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:110credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:179credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:229credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:261credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:316credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:22overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:62overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:139overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:197overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:249overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:296overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:306overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:38unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:110unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:128unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:179unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:229unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:261unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:302unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:316unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/update-deps.yml:13credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/update-deps.yml:9overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/update-deps.yml:13unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/update-deps.yml:15unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/update-deps.yml:21unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/website.yml:31credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/website.yml:32unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/website.yml:38unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/website.yml:43unpinned action reference View on GitHub |
identify==2.6.19 |
pre-commit/identify | scanned | medium |
1 error 1 warning
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:10overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:11unpinned action reference View on GitHub |
idna==3.13 |
kjd/idna | scanned | high |
2 errors 3 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/deploy.yml:15credential persistence through GitHub Actions artifacts View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/deploy.yml:79code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/deploy.yml:90code injection via template expansion View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/python-package.yml:17credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/python-package.yml:48credential persistence through GitHub Actions artifacts View on GitHub |
import-linter==2.11 |
seddonym/import-linter | scanned | medium |
15 errors 10 warnings 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:17credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:40credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:66credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:85credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:2overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:12overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:30overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:56overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:80overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:17unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:20unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:23unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:40unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:43unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:46unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:66unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:69unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:85unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:88unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:91unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:18credential persistence through GitHub Actions artifacts View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/release.yml:25prefer trusted publishing for authentication View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:18unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:20unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:25unpinned action reference View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/release.yml:20runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub |
importlib_metadata==9.0.0 |
python/importlib_metadata | scanned | high |
7 errors 3 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:57credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:84credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:120credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:57unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:66unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:84unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:88unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:107unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:120unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:122unpinned action reference View on GitHub |
importlib_resources==7.1.0 |
python/importlib_resources | scanned | high |
7 errors 3 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:57credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:84credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:120credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:57unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:66unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:84unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:88unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:107unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:120unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:122unpinned action reference View on GitHub |
iniconfig==2.3.0 |
pytest-dev/iniconfig | scanned | high |
11 errors 5 warnings 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:16credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:42credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:28overly broad permissions View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/test.yml:68code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:16unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:43unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:51unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:63unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:83unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:93unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:111unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:117unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:136unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:142unpinned action reference View on GitHub
zizmor/superfluous-actions: zizmor/superfluous-actions
.github/workflows/test.yml:93action functionality is already included by the runner View on GitHub |
insecure_tree==0.3.0 |
matthewdeanmartin/insecure_tree | scanned | high | clean |
interrogate==1.7.0 |
econchick/interrogate | scanned | high |
32 errors 24 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:24credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:39credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:78credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:114credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:127credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:146credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:4overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:20overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:31overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:73overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:109overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:120overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:142overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:157overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:24unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:29unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:39unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:40unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:67unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:78unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:79unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:88unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:103unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:114unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:118unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:127unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:128unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:146unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:147unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:171unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/pypi.yml:24credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pypi.yml:16overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pypi.yml:24unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pypi.yml:28unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pypi.yml:40unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pypi.yml:46unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pypi.yml:60unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pypi.yml:66unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/sanity.yml:26credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/sanity.yml:47credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/sanity.yml:62credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/sanity.yml:6overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/sanity.yml:19overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/sanity.yml:43overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/sanity.yml:58overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/sanity.yml:26unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/sanity.yml:27unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/sanity.yml:47unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/sanity.yml:48unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/sanity.yml:62unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/sanity.yml:63unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/windows.yml:20credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/windows.yml:13overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/windows.yml:20unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/windows.yml:21unpinned action reference View on GitHub |
isort==8.0.1 |
PyCQA/isort | scanned | high |
25 errors 4 warnings 6 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/continuous-integration.yml:23credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/continuous-integration.yml:56credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/continuous-integration.yml:75credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/continuous-integration.yml:100credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/continuous-integration.yml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/continuous-integration.yml:31unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/continuous-integration.yml:38unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/continuous-integration.yml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/continuous-integration.yml:31unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/continuous-integration.yml:38unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/continuous-integration.yml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/continuous-integration.yml:78unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/continuous-integration.yml:38unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/continuous-integration.yml:92unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/continuous-integration.yml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/continuous-integration.yml:31unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/continuous-integration.yml:38unpinned action reference View on GitHub
zizmor/unsound-condition: zizmor/unsound-condition
.github/workflows/continuous-integration.yml:91unsound conditional expression View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/labeler.yml:13credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/labeler.yml:10overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/labeler.yml:14unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/labeler.yml:17unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/release-drafter.yml:10overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release-drafter.yml:14unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:15credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/release.yml:2overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/release.yml:10overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:16unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:21unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:26unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:39unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:55unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:62unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:73unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:79unpinned action reference View on GitHub |
jiggle_version==2.1.1 |
- | no repo | - | - |
Jinja2==3.1.6 |
pallets/jinja | scanned | high |
2 errors 10 warnings 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/pre-commit.yaml:10credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pre-commit.yaml:7overly broad permissions View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/publish.yaml:9credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish.yaml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish.yaml:6overly broad permissions View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/publish.yaml:32code injection via template expansion View on GitHub
zizmor/known-vulnerable-actions: zizmor/known-vulnerable-actions
.github/workflows/publish.yaml:45action has a known vulnerability View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/publish.yaml:10runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:24credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:36credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:9overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:33overly broad permissions View on GitHub |
jiter==0.14.0 |
pydantic/jiter | scanned | low |
2 notes
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/ci.yml:676prefer trusted publishing for authentication View on GitHub
zizmor/superfluous-actions: zizmor/superfluous-actions
.github/workflows/ci.yml:729action functionality is already included by the runner View on GitHub |
joblib==1.5.3 |
joblib/joblib | scanned | high |
17 errors 2 warnings 3 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/codespell.yml:20credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codespell.yml:21unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codespell.yml:23unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codespell.yml:25unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish-to-pypi.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish-to-pypi.yml:8overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish-to-pypi.yml:15unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish-to-pypi.yml:20unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish-to-pypi.yml:31unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish-to-pypi.yml:52unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish-to-pypi.yml:57unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish-to-pypi.yml:73unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish-to-pypi.yml:78unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish-to-pypi.yml:117unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish-to-pypi.yml:122unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:31credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:125credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:31unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:33unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:126unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:129unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:147unpinned action reference View on GitHub |
librt==0.9.0 |
mypyc/librt | scanned | high |
9 errors 6 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/buildwheels.yml:88credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/buildwheels.yml:119credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/buildwheels.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/buildwheels.yml:15overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/buildwheels.yml:76overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/buildwheels.yml:115overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/buildwheels.yml:88unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/buildwheels.yml:96unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/buildwheels.yml:101unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/buildwheels.yml:109unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/buildwheels.yml:119unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/buildwheels.yml:120unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/buildwheels.yml:130unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/buildwheels.yml:143unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/buildwheels.yml:151unpinned action reference View on GitHub |
license-expression==30.4.4 |
aboutcode-org/license-expression | scanned | medium |
1 note
zizmor/superfluous-actions: zizmor/superfluous-actions
.github/workflows/pypi-release.yml:69action functionality is already included by the runner View on GitHub |
linkcheckmd==1.4.0 |
scivision/linkchecker-markdown | scanned | medium |
4 errors 3 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:22credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:11overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:23unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/codespell.yml:20credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codespell.yml:21unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codespell.yml:23unpinned action reference View on GitHub |
llvm-diagnostics==3.0.1 |
tomtom-international/llvm-diagnostics | scanned | medium |
11 errors 12 warnings 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/build_and_test.yml:15credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/build_and_test.yml:36credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/build_and_test.yml:57credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/build_and_test.yml:78credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build_and_test.yml:2overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build_and_test.yml:11overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build_and_test.yml:32overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build_and_test.yml:53overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build_and_test.yml:74overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build_and_test.yml:15unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build_and_test.yml:18unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build_and_test.yml:36unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build_and_test.yml:39unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build_and_test.yml:57unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build_and_test.yml:60unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build_and_test.yml:78unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build_and_test.yml:81unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/quality_checks.yml:8overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/quality_checks.yml:13unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:16credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/release.yml:12overly broad permissions View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/release.yml:34prefer trusted publishing for authentication View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:16unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:19unpinned action reference View on GitHub |
loguru==0.7.3 |
Delgan/loguru | scanned | high |
19 errors 7 warnings 6 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/codeql-analysis.yml:22credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql-analysis.yml:23unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql-analysis.yml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql-analysis.yml:29unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql-analysis.yml:31unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/docs.yml:10credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/docs.yml:6overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/docs.yml:11unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/docs.yml:13unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/lint.yml:10credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/lint.yml:6overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/lint.yml:11unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/lint.yml:13unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/packaging.yml:10credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/packaging.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/packaging.yml:6overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/packaging.yml:11unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/packaging.yml:13unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/packaging.yml:24unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/packaging.yml:39unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/packaging.yml:44unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yml:50credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yml:75credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yml:10overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yml:71overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:51unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:54unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:66unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:76unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:78unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:80unpinned action reference View on GitHub |
lsprotocol==2025.0.0 |
microsoft/lsprotocol | scanned | high |
59 errors 33 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/codeql-analysis.yml:40credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql-analysis.yml:41unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql-analysis.yml:45unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql-analysis.yml:56unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql-analysis.yml:70unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/dep-bot-auto-merge.yml:15unpinned action reference View on GitHub
zizmor/bot-conditions: zizmor/bot-conditions
.github/workflows/dep-bot-auto-merge.yml:11spoofable bot actor check View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/issue-labels.yml:16unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/pr-check.yml:11credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/pr-check.yml:49credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/pr-check.yml:102credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/pr-check.yml:122credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/pr-check.yml:146credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/pr-check.yml:177credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/pr-check.yml:213credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pr-check.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pr-check.yml:7overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pr-check.yml:45overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pr-check.yml:92overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pr-check.yml:118overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pr-check.yml:138overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pr-check.yml:169overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pr-check.yml:209overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-check.yml:12unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-check.yml:15unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-check.yml:20unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-check.yml:36unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-check.yml:50unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-check.yml:53unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-check.yml:58unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-check.yml:74unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-check.yml:79unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-check.yml:84unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-check.yml:103unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-check.yml:106unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-check.yml:123unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-check.yml:126unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-check.yml:147unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-check.yml:150unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-check.yml:155unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-check.yml:178unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-check.yml:181unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-check.yml:186unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-check.yml:214unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-check.yml:217unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-check.yml:232unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pr-labels.yml:12overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pr-labels.yml:17unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/push-check.yml:16credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/push-check.yml:54credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/push-check.yml:107credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/push-check.yml:131credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/push-check.yml:162credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/push-check.yml:194credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/push-check.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/push-check.yml:12overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/push-check.yml:50overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/push-check.yml:97overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/push-check.yml:123overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/push-check.yml:154overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/push-check.yml:190overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/push-check.yml:17unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/push-check.yml:20unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/push-check.yml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/push-check.yml:41unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/push-check.yml:55unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/push-check.yml:58unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/push-check.yml:63unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/push-check.yml:79unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/push-check.yml:84unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/push-check.yml:89unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/push-check.yml:108unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/push-check.yml:111unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/push-check.yml:132unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/push-check.yml:135unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/push-check.yml:140unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/push-check.yml:163unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/push-check.yml:166unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/push-check.yml:171unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/push-check.yml:195unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/push-check.yml:198unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/push-check.yml:213unpinned action reference View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/push-check.yml:25runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/push-check.yml:63runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/push-check.yml:79runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/updater.yml:15credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/updater.yml:16unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/updater.yml:19unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/version-check.yml:11credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/version-check.yml:7overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/version-check.yml:12unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/version-check.yml:15unpinned action reference View on GitHub |
maison==2.0.2 |
dbatten/maison | github_api_failed | high | - |
Markdown==3.10.2 |
Python-Markdown/markdown | scanned | high |
25 errors 23 warnings 3 notes
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/changelog-enforcer.yml:10overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/changelog-enforcer.yml:15unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/changelog-validator.yml:16credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/changelog-validator.yml:31credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/changelog-validator.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/changelog-validator.yml:10overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/changelog-validator.yml:25overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/changelog-validator.yml:16unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/changelog-validator.yml:19unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/changelog-validator.yml:31unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/changelog-validator.yml:33unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/changelog-validator.yml:43unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/deploy.yml:13credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/deploy.yml:55credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/deploy.yml:59credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/deploy.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/deploy.yml:10overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/deploy.yml:52overly broad permissions View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/deploy.yml:26prefer trusted publishing for authentication View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/deploy.yml:32code injection via template expansion View on GitHub
zizmor/known-vulnerable-actions: zizmor/known-vulnerable-actions
.github/workflows/deploy.yml:26action has a known vulnerability View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:13unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:15unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:26unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:36unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:42unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:56unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:60unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:66unpinned action reference View on GitHub
zizmor/superfluous-actions: zizmor/superfluous-actions
.github/workflows/deploy.yml:42action functionality is already included by the runner View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/manual_deploy.yml:17credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/manual_deploy.yml:22credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/manual_deploy.yml:14overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/manual_deploy.yml:18unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/manual_deploy.yml:23unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/manual_deploy.yml:29unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tox.yml:45credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tox.yml:78credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tox.yml:3overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tox.yml:16overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tox.yml:66overly broad permissions View on GitHub
zizmor/ref-confusion: zizmor/ref-confusion
.github/workflows/tox.yml:59git ref for action with ambiguous ref type View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tox.yml:45unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tox.yml:47unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tox.yml:59unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tox.yml:78unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tox.yml:80unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/version_check.yml:15credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/version_check.yml:12overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/version_check.yml:15unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/version_check.yml:17unpinned action reference View on GitHub |
markdown-it-py==4.0.0 |
executablebooks/markdown-it-py | scanned | high |
22 errors 16 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/benchmark.yml:12credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/benchmark.yml:8overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/benchmark.yml:12unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/benchmark.yml:15unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/benchmark.yml:20unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/benchmark.yml:40unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/copilot-setup-steps.yml:20credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/copilot-setup-steps.yml:21unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/copilot-setup-steps.yml:24unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/fuzz.yml:16overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/fuzz.yml:21unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/fuzz.yml:26unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/fuzz.yml:32unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yml:22credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yml:38credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yml:71credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yml:91credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yml:120credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yml:4overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yml:17overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yml:29overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yml:64overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yml:87overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yml:113overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yml:136overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:24unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:27unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:38unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:40unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:56unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:71unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:73unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:91unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:94unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:107unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:121unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:123unpinned action reference View on GitHub |
MarkupSafe==3.0.3 |
pallets/markupsafe | scanned | high |
6 errors 12 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/pre-commit.yaml:10credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pre-commit.yaml:7overly broad permissions View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/publish.yaml:19credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/publish.yaml:46credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish.yaml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish.yaml:16overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish.yaml:38overly broad permissions View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/publish.yaml:81code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/publish.yaml:81code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/publish.yaml:89code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/publish.yaml:89code injection via template expansion View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/publish.yaml:22runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/publish.yaml:47runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:27credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:42credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:9overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:39overly broad permissions View on GitHub |
mccabe==0.7.0 |
pycqa/mccabe | no workflows | medium | - |
mdformat==1.0.0 |
hukkin/mdformat | scanned | high |
10 errors 11 warnings 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:16credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:41credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:71credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:74credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:99credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:12overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:32overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:63overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:85overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:93overly broad permissions View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/tests.yaml:112prefer trusted publishing for authentication View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:16unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:17unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:41unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:44unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:58unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:68unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:71unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:74unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:99unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:100unpinned action reference View on GitHub |
mdurl==0.1.2 |
executablebooks/mdurl | scanned | high |
7 errors 8 warnings 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:16credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:40credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:76credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:12overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:31overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:62overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:70overly broad permissions View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/tests.yaml:89prefer trusted publishing for authentication View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:16unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:17unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:40unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:43unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:58unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:76unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:77unpinned action reference View on GitHub |
mergedeep==1.3.4 |
clarketm/mergedeep | no workflows | medium | - |
metametameta==0.1.11 |
matthewdeanmartin/metametameta | scanned | low | clean |
mkdocs==1.6.1 |
mkdocs/mkdocs | scanned | high |
16 errors 13 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/autofix.yml:9credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/autofix.yml:6overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/autofix.yml:9unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/autofix.yml:11unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/autofix.yml:23unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:31credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:58credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:89credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:8overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:55overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:86overly broad permissions View on GitHub
zizmor/ref-confusion: zizmor/ref-confusion
.github/workflows/ci.yml:48git ref for action with ambiguous ref type View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:31unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:33unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:48unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:58unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:60unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:67unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:89unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:91unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/deploy-release.yml:12credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy-release.yml:12unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy-release.yml:14unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy-release.yml:22unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/docs.yml:11credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/docs.yml:8overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/docs.yml:12unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/docs.yml:14unpinned action reference View on GitHub |
mkdocs-autorefs==1.4.4 |
mkdocstrings/autorefs | scanned | high |
13 errors 6 warnings 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:53credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:122credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:29overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:92overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:54unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:60unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:65unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:86unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:123unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:129unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:135unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:147unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:12credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:13unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:18unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:26unpinned action reference View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/release.yml:22runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/superfluous-actions: zizmor/superfluous-actions
.github/workflows/release.yml:26action functionality is already included by the runner View on GitHub |
mkdocs-get-deps==0.2.2 |
mkdocs/get-deps | scanned | high |
10 errors 8 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/autofix.yml:9credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/autofix.yml:6overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/autofix.yml:10unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/autofix.yml:12unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/autofix.yml:29unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:33credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:55credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:11overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:52overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:34unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:36unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:56unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:58unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/deploy-release.yml:12credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy-release.yml:12unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy-release.yml:14unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy-release.yml:22unpinned action reference View on GitHub |
mkdocstrings==1.0.4 |
mkdocstrings/mkdocstrings | scanned | high |
15 errors 7 warnings 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:54credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:123credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:30overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:93overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:55unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:61unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:66unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:87unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:124unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:130unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:136unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:148unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:12credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:13unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:18unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:26unpinned action reference View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/release.yml:22runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/superfluous-actions: zizmor/superfluous-actions
.github/workflows/release.yml:26action functionality is already included by the runner View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/sponsors.yml:16credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/sponsors.yml:17unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/sponsors.yml:19unpinned action reference View on GitHub |
mkdocstrings-python==2.0.3 |
mkdocstrings/python | scanned | high |
15 errors 7 warnings 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:50credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:119credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:29overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:89overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:51unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:57unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:62unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:83unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:120unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:126unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:132unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:144unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:12credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:13unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:18unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:26unpinned action reference View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/release.yml:22runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/superfluous-actions: zizmor/superfluous-actions
.github/workflows/release.yml:26action functionality is already included by the runner View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/sponsors.yml:16credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/sponsors.yml:17unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/sponsors.yml:19unpinned action reference View on GitHub |
msgpack==1.1.2 |
msgpack/msgpack-python | scanned | high |
6 warnings 4 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/docs.yaml:13credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/docs.yaml:6overly broad permissions View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/lint.yaml:13credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/lint.yaml:6overly broad permissions View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:21credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:9overly broad permissions View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/wheel.yml:30credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/wheel.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/wheel.yml:11overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/wheel.yml:68overly broad permissions View on GitHub |
multidict==6.7.1 |
aio-libs/multidict | scanned | medium |
43 errors 10 warnings 11 notes
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/auto-merge.yml:4use of fundamentally insecure workflow trigger View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/auto-merge.yml:18unpinned action reference View on GitHub
zizmor/bot-conditions: zizmor/bot-conditions
.github/workflows/auto-merge.yml:14spoofable bot actor check View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:67credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:400credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:3overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:37overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:55overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:107overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:110overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:164overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:393overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:425overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:476overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:488overly broad permissions View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci-cd.yml:85code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci-cd.yml:89code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci-cd.yml:355code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:68unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:70unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:94unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:222unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:230unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:237unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:273unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:299unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:366unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:390unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:401unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:404unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:410unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:416unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:438unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:442unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:449unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:467unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:547unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:555unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:566unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:583unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:586unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:596unpinned action reference View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci-cd.yml:273runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci-cd.yml:404runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/obfuscation: zizmor/obfuscation
.github/workflows/ci-cd.yml:112obfuscated usage of GitHub Actions features View on GitHub
zizmor/obfuscation: zizmor/obfuscation
.github/workflows/ci-cd.yml:490obfuscated usage of GitHub Actions features View on GitHub
zizmor/superfluous-actions: zizmor/superfluous-actions
.github/workflows/ci-cd.yml:596action functionality is already included by the runner View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/codeql.yml:32credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:33unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:36unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:42unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:45unpinned action reference View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/reusable-cibuildwheel.yml:88code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-cibuildwheel.yml:99unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-cibuildwheel.yml:106unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-cibuildwheel.yml:111unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-cibuildwheel.yml:117unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/reusable-linters.yml:29credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:30unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:32unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:36unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:43unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:53unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:60unpinned action reference View on GitHub |
mypy==1.20.2 |
python/mypy | scanned | high |
19 errors
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build_wheels.yml:16unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build_wheels.yml:19unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/docs.yml:40unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/docs.yml:43unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/mypy_primer.yml:35unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/mypy_primer.yml:40unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/mypy_primer.yml:78unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/mypy_primer.yml:86unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/mypy_primer.yml:98unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/mypy_primer_comment.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/mypy_primer_comment.yml:48unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/sync_typeshed.yml:20unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/sync_typeshed.yml:26unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:163unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:201unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:256unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:276unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test_stubgenc.yml:31unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test_stubgenc.yml:36unpinned action reference View on GitHub |
mypy_extensions==1.1.0 |
python/mypy_extensions | scanned | high |
4 errors 2 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:25credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:58credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:27unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:58unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:60unpinned action reference View on GitHub |
nltk==3.9.4 |
nltk/nltk | scanned | high |
21 errors 11 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/cffconvert.yml:17credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/cffconvert.yml:18unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/cffconvert.yml:21unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:25credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:45credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:82credential persistence through GitHub Actions artifacts View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci.yml:129code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci.yml:140code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci.yml:151code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:28unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:45unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:48unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:82unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:85unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:115unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:132unpinned action reference View on GitHub
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/labeler.yml:2use of fundamentally insecure workflow trigger View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/labeler.yml:12unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:18credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:35credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/release.yml:9overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:19unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:21unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:36unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:38unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:49unpinned action reference View on GitHub
zizmor/superfluous-actions: zizmor/superfluous-actions
.github/workflows/release.yml:49action functionality is already included by the runner View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/retest-pr.yml:55code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/retest-pr.yml:20unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/retest-pr.yml:37unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/retest-pr.yml:48unpinned action reference View on GitHub |
nodeenv==1.10.0 |
ekalinin/nodeenv | scanned | medium |
12 errors 10 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:26credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:57credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:11overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:52overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:26unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:28unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:46unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:57unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:59unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:67unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:79unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yml:20credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yml:43credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yml:11overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yml:40overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:20unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:23unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:43unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:46unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:62unpinned action reference View on GitHub |
openai==2.33.0 |
openai/openai-python | scanned | high |
1 error 12 warnings 7 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:24credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:47credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:86credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:107credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:18overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:80overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:100overly broad permissions View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/create-releases.yml:17credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/create-releases.yml:10overly broad permissions View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/detect-breaking-changes.yml:18credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/detect-breaking-changes.yml:46credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/detect-breaking-changes.yml:63credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/detect-breaking-changes.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/detect-breaking-changes.yml:9overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/detect-breaking-changes.yml:40overly broad permissions View on GitHub
zizmor/impostor-commit: zizmor/impostor-commit
.github/workflows/detect-breaking-changes.yml:69commit with no history in referenced repository View on GitHub
zizmor/ref-version-mismatch: zizmor/ref-version-mismatch
.github/workflows/detect-breaking-changes.yml:69action's hash pin has mismatched or missing version comment View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/publish-pypi.yml:14credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish-pypi.yml:8overly broad permissions View on GitHub |
packageurl-python==0.17.6 |
package-url/packageurl-python | scanned | medium |
2 warnings
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:38overly broad permissions View on GitHub |
packaging==26.2 |
pypa/packaging | scanned | high |
5 warnings
zizmor/ref-version-mismatch: zizmor/ref-version-mismatch
.github/workflows/codeql.yml:46action's hash pin has mismatched or missing version comment View on GitHub
zizmor/ref-version-mismatch: zizmor/ref-version-mismatch
.github/workflows/codeql.yml:58action's hash pin has mismatched or missing version comment View on GitHub
zizmor/ref-version-mismatch: zizmor/ref-version-mismatch
.github/workflows/codeql.yml:61action's hash pin has mismatched or missing version comment View on GitHub
zizmor/ref-version-mismatch: zizmor/ref-version-mismatch
.github/workflows/publish.yml:69action's hash pin has mismatched or missing version comment View on GitHub
zizmor/ref-version-mismatch: zizmor/ref-version-mismatch
.github/workflows/publish.yml:92action's hash pin has mismatched or missing version comment View on GitHub |
pathspec==1.1.1 |
cpburnz/python-pathspec | scanned | high |
4 warnings 4 notes
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish-to-pypi.yaml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish-to-pypi.yaml:8overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish-to-testpypi.yaml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish-to-testpypi.yaml:8overly broad permissions View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test-all.yaml:66credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test-all.yaml:100credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test-quick.yaml:30credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test-quick.yaml:64credential persistence through GitHub Actions artifacts View on GitHub |
pip==26.1 |
pypa/pip | scanned | high |
1 warning
zizmor/ref-version-mismatch: zizmor/ref-version-mismatch
.github/workflows/release.yml:18action's hash pin has mismatched or missing version comment View on GitHub |
pip-api==0.0.34 |
di/pip-api | scanned | medium |
17 errors 9 warnings 5 notes
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pip-feed.yml:8overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pip-feed.yml:11unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:20credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:20unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:33unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:36unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:44unpinned action reference View on GitHub
zizmor/superfluous-actions: zizmor/superfluous-actions
.github/workflows/release.yml:44action functionality is already included by the runner View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:22credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:36credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:69credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:18overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:32overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:62overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:80overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:103overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:123overly broad permissions View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/test.yml:101code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:24unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:37unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:51unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:69unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:71unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:90unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:95unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:110unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:115unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:131unpinned action reference View on GitHub |
pip_audit==2.10.0 |
pypa/pip-audit | scanned | high | clean |
pip-requirements-parser==32.0.1 |
nexB/pip-requirements-parser | zizmor_failed | medium | - |
pipdeptree==2.35.2 |
tox-dev/pipdeptree | scanned | high | clean |
platformdirs==4.9.6 |
tox-dev/platformdirs | scanned | high | clean |
pluggy==1.6.0 |
pytest-dev/pluggy | scanned | low | clean |
pre_commit==4.6.0 |
pre-commit/pre-commit | scanned | medium |
8 errors 8 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/languages.yaml:19credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/languages.yaml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/languages.yaml:14overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/languages.yaml:30overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/languages.yaml:77overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/languages.yaml:19unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/languages.yaml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/languages.yaml:39unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/languages.yaml:40unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/languages.yaml:66unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/languages.yaml:68unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:14overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:19overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:15unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:20unpinned action reference View on GitHub |
prompt_toolkit==3.0.52 |
prompt-toolkit/python-prompt-toolkit | scanned | high |
3 errors 1 warning 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yaml:21credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yaml:12overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yaml:21unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yaml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yaml:46unpinned action reference View on GitHub |
propcache==0.4.1 |
aio-libs/propcache | scanned | medium |
45 errors 10 warnings 12 notes
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/auto-merge.yml:4use of fundamentally insecure workflow trigger View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/auto-merge.yml:18unpinned action reference View on GitHub
zizmor/bot-conditions: zizmor/bot-conditions
.github/workflows/auto-merge.yml:14spoofable bot actor check View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:76credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:231credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:393credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:3overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:46overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:64overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:126overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:131overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:188overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:384overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:476overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:488overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:500overly broad permissions View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci-cd.yml:104code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci-cd.yml:108code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci-cd.yml:306code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci-cd.yml:468code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:77unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:79unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:88unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:113unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:232unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:234unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:241unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:248unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:258unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:263unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:344unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:372unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:394unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:396unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:403unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:411unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:420unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:425unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:470unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:484unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:556unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:564unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:575unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:589unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:592unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:602unpinned action reference View on GitHub
zizmor/obfuscation: zizmor/obfuscation
.github/workflows/ci-cd.yml:133obfuscated usage of GitHub Actions features View on GitHub
zizmor/obfuscation: zizmor/obfuscation
.github/workflows/ci-cd.yml:502obfuscated usage of GitHub Actions features View on GitHub
zizmor/superfluous-actions: zizmor/superfluous-actions
.github/workflows/ci-cd.yml:602action functionality is already included by the runner View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/codeql.yml:32credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:33unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:36unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:42unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:45unpinned action reference View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/reusable-build-wheel.yml:76code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/reusable-build-wheel.yml:82code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-build-wheel.yml:56unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-build-wheel.yml:63unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-build-wheel.yml:86unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-build-wheel.yml:94unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/reusable-linters.yml:33credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:34unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:36unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:45unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:50unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:60unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:70unpinned action reference View on GitHub |
py==1.11.0 |
pytest-dev/py | scanned | low |
5 errors 5 warnings 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:32credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:50credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:6overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:41overly broad permissions View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/main.yml:63prefer trusted publishing for authentication View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:32unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:34unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:50unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:52unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:63unpinned action reference View on GitHub |
py-serializable==2.1.0 |
madpah/serializable | scanned | high |
22 errors 7 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/python.yml:51credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/python.yml:75credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/python.yml:109credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/python.yml:164credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python.yml:53unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python.yml:56unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python.yml:62unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python.yml:77unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python.yml:80unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python.yml:86unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python.yml:111unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python.yml:114unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python.yml:120unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python.yml:166unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python.yml:171unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python.yml:177unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python.yml:194unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:69credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:103credential persistence through GitHub Actions artifacts View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/release.yml:142prefer trusted publishing for authentication View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:71unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:74unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:80unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:105unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:111unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:117unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:132unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:142unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:149unpinned action reference View on GitHub |
pyclean==3.6.0 |
bittner/pyclean | scanned | high |
6 errors 3 warnings 3 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/check.yml:32credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/check.yml:20overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/check.yml:32unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/check.yml:33unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/publish.yml:20credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish.yml:17overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:20unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:21unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:40credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:20overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:40unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:41unpinned action reference View on GitHub |
pydantic==2.13.3 |
pydantic/pydantic | scanned | high | clean |
pydantic_core==2.46.3 |
pydantic/pydantic-core | scanned | low |
98 errors 36 warnings 2 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:20credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:84credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:124credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:153credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:196credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:222credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:227credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:264credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:299credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:318credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:390credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:490credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:541credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:574credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:615credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:670credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:699credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:16overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:60overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:114overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:148overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:184overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:217overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:260overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:294overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:315overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:366overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:386overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:404overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:518overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:569overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:600overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:652overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:20unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:23unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:24unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:28unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:54unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:58unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:84unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:87unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:90unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:95unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:124unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:127unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:130unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:133unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:153unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:156unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:166unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:171unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:196unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:199unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:204unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:207unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:222unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:227unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:232unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:235unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:238unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:264unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:267unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:272unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:275unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:280unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:299unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:302unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:305unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:307unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:318unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:321unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:329unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:331unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:340unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:348unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:360unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:381unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:390unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:391unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:394unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:399unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:490unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:493unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:501unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:513unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:541unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:544unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:550unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:564unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:574unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:577unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:615unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:618unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:624unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:670unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:673unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:676unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:699unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:701unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:707unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:719unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:725unpinned action reference View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:24runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:28runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:90runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:95runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:130runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:133runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:156runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:171runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:199runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:207runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:235runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:238runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:272runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:275runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:280runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:305runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:329runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:340runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:348runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:544runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:673runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:701runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/superfluous-actions: zizmor/superfluous-actions
.github/workflows/ci.yml:725action functionality is already included by the runner View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/codspeed.yml:21credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/codspeed.yml:17overly broad permissions View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/codspeed.yml:60code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codspeed.yml:21unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codspeed.yml:24unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codspeed.yml:29unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codspeed.yml:41unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codspeed.yml:46unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codspeed.yml:63unpinned action reference View on GitHub |
pydantic-settings==2.14.0 |
pydantic/pydantic-settings | scanned | high | clean |
pydoclint==0.8.3 |
jsh9/pydoclint | scanned | high |
7 errors 6 warnings 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/python-package.yml:20credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/python-package.yml:36credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/python-package.yml:4overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/python-package.yml:11overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/python-package.yml:31overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python-package.yml:20unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python-package.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python-package.yml:36unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python-package.yml:38unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/python-publish.yml:20credential persistence through GitHub Actions artifacts View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/python-publish.yml:32prefer trusted publishing for authentication View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python-publish.yml:20unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python-publish.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python-publish.yml:32unpinned action reference View on GitHub |
pydoctest==0.2.1 |
jepperaskdk/pydoctest | scanned | medium |
5 errors 4 warnings 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/python-package.yml:23credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/python-package.yml:14overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python-package.yml:23unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python-package.yml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python-package.yml:45unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/python-publish.yml:16credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/python-publish.yml:11overly broad permissions View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/python-publish.yml:31prefer trusted publishing for authentication View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python-publish.yml:16unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/python-publish.yml:18unpinned action reference View on GitHub |
pyenchant==3.3.0 |
pyenchant/pyenchant | scanned | high |
12 errors 8 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/linters.yml:13credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/linters.yml:10overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/linters.yml:13unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/linters.yml:16unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish.yml:8overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:13unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:17unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:45unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:50unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yml:18credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yml:10overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:19unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:22unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/website.yml:14credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/website.yml:10overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/website.yml:14unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/website.yml:17unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/website.yml:31unpinned action reference View on GitHub |
pygls==2.1.1 |
openlawlibrary/pygls | scanned | low |
14 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:38credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:55credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:91credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:108credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:16overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:28overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:50overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:86overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:103overly broad permissions View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/json-extension.yml:22credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/json-extension.yml:13overly broad permissions View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:12credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/release.yml:8overly broad permissions View on GitHub |
Pygments==2.20.0 |
pygments/pygments | scanned | high |
12 errors 5 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/build.yaml:29credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/build.yaml:45credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/build.yaml:59credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/build.yaml:78credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yaml:30unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yaml:32unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yaml:46unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yaml:47unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yaml:60unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yaml:61unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yaml:79unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yaml:80unpinned action reference View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/build.yaml:32runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/docs.yaml:24credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/docs.yaml:21unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/docs.yaml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/docs.yaml:36unpinned action reference View on GitHub |
pylint==4.0.5 |
pylint-dev/pylint | scanned | high |
82 errors 17 notes
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/backport.yml:2use of fundamentally insecure workflow trigger View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/changelog.yml:23credential persistence through GitHub Actions artifacts View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/changelog.yml:65code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/changelog.yml:24unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/changelog.yml:31unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/changelog.yml:44unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/checks.yaml:36credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/checks.yaml:93credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/checks.yaml:129credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/checks.yaml:144credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/checks.yaml:38unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/checks.yaml:42unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/checks.yaml:55unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/checks.yaml:76unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/checks.yaml:38unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/checks.yaml:42unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/checks.yaml:98unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/checks.yaml:107unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/checks.yaml:38unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/checks.yaml:42unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/checks.yaml:98unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/checks.yaml:38unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/checks.yaml:42unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/checks.yaml:98unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/codeql-analysis.yml:50credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql-analysis.yml:51unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql-analysis.yml:55unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql-analysis.yml:66unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql-analysis.yml:80unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/primer-test.yaml:37credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/primer-test.yaml:80credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer-test.yaml:39unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer-test.yaml:43unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer-test.yaml:57unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer-test.yaml:39unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer-test.yaml:43unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer-test.yaml:84unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/primer_comment.yaml:34credential persistence through GitHub Actions artifacts View on GitHub
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/primer_comment.yaml:9use of fundamentally insecure workflow trigger View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/primer_comment.yaml:98code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer_comment.yaml:35unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer_comment.yaml:38unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer_comment.yaml:46unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer_comment.yaml:56unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer_comment.yaml:104unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/primer_run_main.yaml:36credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer_run_main.yaml:37unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer_run_main.yaml:40unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer_run_main.yaml:48unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer_run_main.yaml:66unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer_run_main.yaml:85unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer_run_main.yaml:98unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer_run_main.yaml:105unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer_run_main.yaml:126unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/primer_run_pr.yaml:45credential persistence through GitHub Actions artifacts View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/primer_run_pr.yaml:184code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer_run_pr.yaml:46unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer_run_pr.yaml:51unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer_run_pr.yaml:59unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer_run_pr.yaml:78unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer_run_pr.yaml:90unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer_run_pr.yaml:154unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer_run_pr.yaml:167unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer_run_pr.yaml:200unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer_run_pr.yaml:208unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer_run_pr.yaml:222unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:20credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:21unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:24unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:37unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:53unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:59unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:70unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:76unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/stale.yml:16unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:55credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:124credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:165credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:206credential persistence through GitHub Actions artifacts View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/tests.yaml:72code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/tests.yaml:96code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/tests.yaml:212code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/tests.yaml:227code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:57unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:63unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:79unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:111unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:57unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:127unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:134unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:142unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:148unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:57unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:63unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:134unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:184unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:57unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:63unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:79unpinned action reference View on GitHub |
pymdown-extensions==10.21.2 |
facelessuser/pymdown-extensions | scanned | high |
19 errors 11 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/build.yml:44credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/build.yml:78credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/build.yml:102credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build.yml:14overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build.yml:66overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build.yml:90overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yml:44unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yml:46unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yml:58unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yml:78unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yml:80unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yml:102unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yml:104unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yml:108unpinned action reference View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/build.yml:108runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/deploy.yml:13credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/deploy.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/deploy.yml:9overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:13unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:14unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:38unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:43unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/publish.yml:30credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:29unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:30unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:31unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:38unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:41unpinned action reference View on GitHub |
pyparsing==3.3.2 |
pyparsing/pyparsing | scanned | high |
5 errors 2 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:35credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:35unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:38unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/cifuzz.yml:4overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/cifuzz.yml:9unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/cifuzz.yml:15unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/cifuzz.yml:22unpinned action reference View on GitHub |
pyphen==0.17.2 |
Kozea/Pyphen | scanned | high |
2 errors 3 warnings
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/doconfly.yml:10overly broad permissions View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yml:18credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yml:5overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:18unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:19unpinned action reference View on GitHub |
pyproject-api==1.10.0 |
tox-dev/pyproject-api | scanned | high | clean |
pytest==9.0.3 |
pytest-dev/pytest | scanned | high |
1 warning
zizmor/ref-version-mismatch: zizmor/ref-version-mismatch
.github/workflows/stale.yml:13action's hash pin has mismatched or missing version comment View on GitHub |
pytest-cov==7.1.0 |
pytest-dev/pytest-cov | scanned | medium |
6 errors 5 warnings 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:19credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:226credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:4overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:45overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:246overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:19unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:27unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:226unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:229unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:256unpinned action reference View on GitHub |
pytest-mock==3.15.1 |
pytest-dev/pytest-mock | scanned | high |
15 errors 2 warnings 5 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/deploy.yml:23credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/deploy.yml:40credential persistence through GitHub Actions artifacts View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/deploy.yml:57code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/deploy.yml:57code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/deploy.yml:58code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:23unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:26unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:40unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:43unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:49unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:61unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:72unpinned action reference View on GitHub
zizmor/superfluous-actions: zizmor/superfluous-actions
.github/workflows/deploy.yml:72action functionality is already included by the runner View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:24credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:55credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:31overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:24unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:26unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:55unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:58unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:64unpinned action reference View on GitHub |
pytest-randomly==4.1.0 |
pytest-dev/pytest-randomly | scanned | high |
15 errors 3 warnings 3 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:30credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:58credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:103credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:16overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:53overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:30unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:32unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:38unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:46unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:58unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:60unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:65unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:71unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:87unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:103unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:105unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:110unpinned action reference View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/main.yml:38runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/main.yml:65runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/main.yml:105runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub |
pytest-sugar==1.1.1 |
Teemu/pytest-sugar | scanned | medium |
4 errors 2 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/build-and-test.yaml:27credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/build-and-test.yaml:58credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build-and-test.yaml:27unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build-and-test.yaml:29unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build-and-test.yaml:58unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build-and-test.yaml:61unpinned action reference View on GitHub |
pytest-timeout==2.4.0 |
pytest-dev/pytest-timeout | scanned | medium |
2 errors 2 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:27credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:5overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:27unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:29unpinned action reference View on GitHub |
pytest-xdist==3.8.0 |
pytest-dev/pytest-xdist | scanned | high |
14 errors 5 warnings 5 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/deploy.yml:19credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/deploy.yml:33credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/deploy.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/deploy.yml:13overly broad permissions View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/deploy.yml:50code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/deploy.yml:50code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/deploy.yml:51code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:19unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:33unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:36unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:42unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:54unpinned action reference View on GitHub
zizmor/superfluous-actions: zizmor/superfluous-actions
.github/workflows/deploy.yml:54action functionality is already included by the runner View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:23credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:72credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:20overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:27overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:23unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:72unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:78unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:84unpinned action reference View on GitHub |
python-dateutil==2.9.0.post0 |
dateutil/dateutil | scanned | high |
12 errors 12 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/publish.yml:25credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish.yml:22overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:27unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/validate.yml:63credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/validate.yml:111credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/validate.yml:128credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/validate.yml:142credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/validate.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/validate.yml:15overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/validate.yml:102overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/validate.yml:125overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/validate.yml:139overly broad permissions View on GitHub
zizmor/ref-confusion: zizmor/ref-confusion
.github/workflows/validate.yml:93git ref for action with ambiguous ref type View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/validate.yml:64unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/validate.yml:67unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/validate.yml:93unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/validate.yml:111unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/validate.yml:115unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/validate.yml:128unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/validate.yml:131unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/validate.yml:142unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/validate.yml:144unpinned action reference View on GitHub
zizmor/unpinned-images: zizmor/unpinned-images
.github/workflows/validate.yml:58unpinned image references View on GitHub |
python-discovery==1.2.2 |
tox-dev/python-discovery | scanned | high | clean |
python-dotenv==1.2.2 |
theskumar/python-dotenv | scanned | high |
6 errors 1 warning 2 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:19credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:19unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:35unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:44unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:34credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:14overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:34unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:37unpinned action reference View on GitHub |
pytokens==0.4.1 |
tusharsadhwani/pytokens | scanned | high |
13 errors 2 warnings 4 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/primer.yml:17credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer.yml:17unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer.yml:20unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/primer.yml:42unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tox.yml:23credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tox.yml:10overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tox.yml:23unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tox.yml:25unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/wheels.yml:22credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/wheels.yml:62credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/wheels.yml:78credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/wheels.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/wheels.yml:62unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/wheels.yml:64unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/wheels.yml:68unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/wheels.yml:78unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/wheels.yml:79unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/wheels.yml:88unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/wheels.yml:102unpinned action reference View on GitHub |
PyYAML==6.0.3 |
yaml/pyyaml | scanned | high |
27 errors 24 warnings 5 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yaml:46credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yaml:81credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yaml:116credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yaml:141credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yaml:285credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yaml:305credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yaml:493credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:2overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:39overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:76overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:95overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:136overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:188overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:264overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:300overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:379overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:449overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:488overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:576overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:646overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:657overly broad permissions View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci.yaml:240code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci.yaml:244code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci.yaml:426code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci.yaml:474code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci.yaml:474code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci.yaml:623code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:47unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:50unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:69unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:81unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:107unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:113unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:117unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:141unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:199unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:205unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:212unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:257unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:280unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:286unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:305unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:392unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:398unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:405unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:442unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:461unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:493unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:592unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:598unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:605unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:639unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:651unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:668unpinned action reference View on GitHub
zizmor/obfuscation: zizmor/obfuscation
.github/workflows/ci.yaml:464obfuscated usage of GitHub Actions features View on GitHub
zizmor/obfuscation: zizmor/obfuscation
.github/workflows/ci.yaml:601obfuscated usage of GitHub Actions features View on GitHub |
pyyaml_env_tag==1.1 |
waylan/pyyaml-env-tag | scanned | high |
10 errors 7 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:22credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:53credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:14overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:50overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:24unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:43unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:53unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:54unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/deploy.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/deploy.yml:12overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:17unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:21unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:29unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:47unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:52unpinned action reference View on GitHub |
refurb==2.3.1 |
dosisod/refurb | scanned | high |
4 errors 4 warnings 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:25credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:10overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:32unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/deploy.yml:14credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/deploy.yml:10overly broad permissions View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/deploy.yml:24prefer trusted publishing for authentication View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:14unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:16unpinned action reference View on GitHub |
regex==2026.4.4 |
mrabarnett/mrab-regex | scanned | high |
20 errors 11 warnings 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:22credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:84credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:133credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:162credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:2overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:17overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:39overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:67overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:115overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:148overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:182overly broad permissions View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/main.yml:195prefer trusted publishing for authentication View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:23unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:33unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:51unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:56unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:84unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:85unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:90unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:93unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:133unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:134unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:139unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:142unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:162unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:163unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:168unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:173unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:176unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:188unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:195unpinned action reference View on GitHub |
requests==2.33.1 |
psf/requests | scanned | high | clean |
requirements-parser==0.13.0 |
madpah/requirements-parser | scanned | high |
16 errors 8 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/deploy.yml:57credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:58unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:63unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:69unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:79unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:89unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/deploy.yml:94unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/poetry.yml:31credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/poetry.yml:67credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/poetry.yml:106credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/poetry.yml:3overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/poetry.yml:26overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/poetry.yml:50overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/poetry.yml:86overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/poetry.yml:33unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/poetry.yml:36unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/poetry.yml:42unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/poetry.yml:69unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/poetry.yml:72unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/poetry.yml:78unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/poetry.yml:108unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/poetry.yml:113unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/poetry.yml:121unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/poetry.yml:141unpinned action reference View on GitHub |
rich==15.0.0 |
Textualize/rich | scanned | high |
12 errors 8 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/codeql.yml:31credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:32unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:36unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:50unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:63unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/codespell.yml:7credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/codespell.yml:4overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codespell.yml:7unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/newissue.yml:11credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/newissue.yml:11unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/newissue.yml:22unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/pythonpackage.yml:19credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pythonpackage.yml:6overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pythonpackage.yml:19unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pythonpackage.yml:21unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pythonpackage.yml:27unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pythonpackage.yml:47unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/readmechanged.yml:14credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/readmechanged.yml:11overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/readmechanged.yml:14unpinned action reference View on GitHub |
rich-argparse==1.8.0 |
hamdanal/rich-argparse | scanned | high |
5 errors 2 warnings 2 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly-tests.yml:27credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/nightly-tests.yml:22overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-tests.yml:27unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-tests.yml:28unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-tests.yml:33unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yml:31credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yml:19overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:31unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:33unpinned action reference View on GitHub |
ruff==0.15.12 |
astral-sh/ruff | scanned | high |
2 errors 10 warnings 3 notes
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/release.yml:18overly broad permissions View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/release.yml:106code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/release.yml:181code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/release.yml:234code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/release.yml:330code injection via template expansion View on GitHub
zizmor/secrets-inherit: zizmor/secrets-inherit
.github/workflows/release.yml:120secrets unconditionally inherited by called workflow View on GitHub
zizmor/secrets-inherit: zizmor/secrets-inherit
.github/workflows/release.yml:130secrets unconditionally inherited by called workflow View on GitHub
zizmor/secrets-inherit: zizmor/secrets-inherit
.github/workflows/release.yml:144secrets unconditionally inherited by called workflow View on GitHub
zizmor/secrets-inherit: zizmor/secrets-inherit
.github/workflows/release.yml:251secrets unconditionally inherited by called workflow View on GitHub
zizmor/secrets-inherit: zizmor/secrets-inherit
.github/workflows/release.yml:266secrets unconditionally inherited by called workflow View on GitHub
zizmor/secrets-inherit: zizmor/secrets-inherit
.github/workflows/release.yml:336secrets unconditionally inherited by called workflow View on GitHub
zizmor/secrets-inherit: zizmor/secrets-inherit
.github/workflows/release.yml:345secrets unconditionally inherited by called workflow View on GitHub
zizmor/secrets-inherit: zizmor/secrets-inherit
.github/workflows/release.yml:354secrets unconditionally inherited by called workflow View on GitHub
zizmor/secrets-inherit: zizmor/secrets-inherit
.github/workflows/release.yml:363secrets unconditionally inherited by called workflow View on GitHub
zizmor/secrets-inherit: zizmor/secrets-inherit
.github/workflows/release.yml:372secrets unconditionally inherited by called workflow View on GitHub |
ruyaml==0.91.0 |
pycontribs/ruyaml | scanned | high |
11 errors 8 warnings 2 notes
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ack.yml:8overly broad permissions View on GitHub
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/ack.yml:3use of fundamentally insecure workflow trigger View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ack.yml:9unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/push.yml:11overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/push.yml:12unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:30credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/release.yml:8overly broad permissions View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/release.yml:39prefer trusted publishing for authentication View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/release.yml:46prefer trusted publishing for authentication View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:21unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:31unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:39unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:46unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tox.yml:35credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tox.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tox.yml:6overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tox.yml:72overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tox.yml:35unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tox.yml:39unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tox.yml:49unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tox.yml:68unpinned action reference View on GitHub |
semantic-version==2.10.0 |
rbarrois/python-semanticversion | scanned | medium |
4 errors 4 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/check.yml:22credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/check.yml:8overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/check.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/check.yml:25unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:36credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:8overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:36unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:39unpinned action reference View on GitHub |
setuptools==82.0.1 |
pypa/setuptools | scanned | high |
24 errors 9 warnings 3 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-sage.yml:60credential persistence through GitHub Actions artifacts View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci-sage.yml:74code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci-sage.yml:74code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-sage.yml:61unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-sage.yml:76unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-sage.yml:83unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:72credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:155credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:196credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:249credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:289credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:317credential persistence through GitHub Actions artifacts View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/main.yml:114code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:72unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:82unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:100unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:136unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:155unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:159unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:181unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:196unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:198unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:234unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:250unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:255unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:261unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:289unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:295unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:317unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:319unpinned action reference View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/main.yml:100runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/pyright.yml:52credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pyright.yml:40overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pyright.yml:52unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pyright.yml:54unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pyright.yml:73unpinned action reference View on GitHub |
shellingham==1.5.4 |
sarugaku/shellingham | scanned | medium |
8 errors 6 warnings 3 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:11credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:29credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:8overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:20overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:11unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:12unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:29unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:32unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/publish.yml:18credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish.yml:13overly broad permissions View on GitHub
zizmor/known-vulnerable-actions: zizmor/known-vulnerable-actions
.github/workflows/publish.yml:50action has a known vulnerability View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:18unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:26unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:44unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:50unpinned action reference View on GitHub |
six==1.17.0 |
benjaminp/six | scanned | medium |
5 errors 4 warnings 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:67credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:12overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:67unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:70unpinned action reference View on GitHub
zizmor/unpinned-images: zizmor/unpinned-images
.github/workflows/ci.yml:63unpinned image references View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/publish.yml:13credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish.yml:10overly broad permissions View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/publish.yml:39prefer trusted publishing for authentication View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:13unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:15unpinned action reference View on GitHub |
sniffio==1.3.1 |
python-trio/sniffio | scanned | high |
7 errors 5 warnings 3 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:15credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:46credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:71credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:6overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:31overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:62overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:90overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:16unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:18unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:47unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:49unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:72unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:74unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:99unpinned action reference View on GitHub |
sortedcontainers==2.4.0 |
quantopian/zipline | scanned | low |
5 errors 4 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yaml:21credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:12overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:21unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:55unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/windows_ci.yml:25credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/windows_ci.yml:16overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/windows_ci.yml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/windows_ci.yml:48unpinned action reference View on GitHub |
stevedore==5.7.0 |
- | no repo | - | - |
tabulate==0.10.0 |
astanin/python-tabulate | scanned | high |
5 errors 2 warnings 2 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/lint.yml:15credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/lint.yml:8overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/lint.yml:15unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/lint.yml:17unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tabulate.yml:17credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tabulate.yml:9overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tabulate.yml:17unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tabulate.yml:19unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tabulate.yml:31unpinned action reference View on GitHub |
termcolor==3.3.0 |
termcolor/termcolor | scanned | high | clean |
textstat==0.7.13 |
textstat/textstat | scanned | medium |
2 errors 2 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:21credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:13overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:21unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:24unpinned action reference View on GitHub |
toml==0.10.2 |
uiri/toml | scanned | medium |
2 errors 2 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yaml:18credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yaml:12overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:18unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yaml:21unpinned action reference View on GitHub |
tomli==2.4.1 |
hukkin/tomli | scanned | high |
15 errors 8 warnings 6 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:23credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:47credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:65credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:92credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:120credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:19overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:38overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:62overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:84overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:115overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:134overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:145overly broad permissions View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/tests.yaml:165prefer trusted publishing for authentication View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:23unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:24unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:47unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:50unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:65unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:66unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:80unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:92unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:94unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:104unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:109unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:120unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:128unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:151unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:156unpinned action reference View on GitHub |
tomli_w==1.2.0 |
hukkin/tomli-w | scanned | high |
7 errors 8 warnings 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:16credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:40credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yaml:75credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:12overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:31overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:61overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yaml:69overly broad permissions View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/tests.yaml:88prefer trusted publishing for authentication View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:16unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:17unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:40unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:43unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:57unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:75unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yaml:76unpinned action reference View on GitHub |
tomlkit==0.14.0 |
sdispater/tomlkit | zizmor_failed | high | - |
totalhelp==0.1.1 |
matthewdeanmartin/totalhelp | scanned | high | clean |
tox==4.53.1 |
tox-dev/tox | scanned | high | clean |
tox-uv==1.35.1 |
tox-dev/tox-uv | scanned | high | clean |
tox-uv-bare==1.35.1 |
tox-dev/tox-uv | scanned | high | clean |
tqdm==4.67.3 |
tqdm/tqdm | scanned | high |
29 errors 9 warnings 14 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/check.yml:18credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/check.yml:31credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/check.yml:68credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/check.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/check.yml:8overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/check.yml:26overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/check.yml:63overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/check.yml:18unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/check.yml:19unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/check.yml:31unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/check.yml:35unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/check.yml:45unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/check.yml:68unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/check.yml:71unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/check.yml:81unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/comment-bot.yml:11credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/comment-bot.yml:11unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/comment-bot.yml:15unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/post-release.yml:10credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/post-release.yml:12credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/post-release.yml:17credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/post-release.yml:7overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/post-release.yml:11unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/post-release.yml:13unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/post-release.yml:18unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/post-release.yml:23unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/post-release.yml:43unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:11credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:53credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:116credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unsound-contains: zizmor/unsound-contains
.github/workflows/test.yml:8unsound contains condition View on GitHub
zizmor/unsound-contains: zizmor/unsound-contains
.github/workflows/test.yml:39unsound contains condition View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:7overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:38overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:89overly broad permissions View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/test.yml:151code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/test.yml:151code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:11unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:12unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:17unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:23unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:53unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:55unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:95unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:116unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:120unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:129unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:154unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:157unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:164unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:172unpinned action reference View on GitHub |
troml-dev-status==0.6.1 |
matthewdeanmartin/troml_dev_status | scanned | high | clean |
typer==0.25.1 |
fastapi/typer | scanned | high |
1 pwn-request
8 errors 16 warnings 13 notes
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/add-to-project.yml:11overly broad permissions View on GitHub
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/add-to-project.yml:3use of fundamentally insecure workflow trigger View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/build-docs.yml:21credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/build-docs.yml:49credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build-docs.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build-docs.yml:39overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build-docs.yml:76overly broad permissions View on GitHub
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/conflict.yml:2use of fundamentally insecure workflow trigger View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/deploy-docs.yml:23credential persistence through GitHub Actions artifacts View on GitHub
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/deploy-docs.yml:2use of fundamentally insecure workflow trigger View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/deploy-docs.yml:29runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/issue-manager.yml:3use of fundamentally insecure workflow trigger View on GitHub
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/labeler.yml:2use of fundamentally insecure workflow trigger View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/latest-changes.yml:27credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/latest-changes.yml:20overly broad permissions View on GitHub
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/latest-changes.yml:3use of fundamentally insecure workflow trigger View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/pre-commit.yml:21credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/pre-commit.yml:33credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pre-commit.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pre-commit.yml:14overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pre-commit.yml:77overly broad permissions View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/publish.yml:19credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/smokeshow.yml:21credential persistence through GitHub Actions artifacts View on GitHub
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/smokeshow.yml:3use of fundamentally insecure workflow trigger View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test-cpython-nightly.yml:16credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test-cpython-nightly.yml:17credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test-cpython-nightly.yml:12overly broad permissions View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test-redistribute.yml:20credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test-redistribute.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test-redistribute.yml:13overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test-redistribute.yml:50overly broad permissions View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:49credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:85credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:19overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:77overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:116overly broad permissions View on GitHub |
typeshed_client==2.11.0 |
JelleZijlstra/typeshed_client | scanned | medium |
13 errors 10 warnings 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/publish.yml:13credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/publish.yml:9overly broad permissions View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/publish.yml:34prefer trusted publishing for authentication View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:13unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:15unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:34unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/sync-typeshed.yml:17credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/sync-typeshed.yml:17unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/sync-typeshed.yml:20unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/sync-typeshed.yml:63unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:15credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:30credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/test.yml:44credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:8overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:26overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/test.yml:40overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:15unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:17unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:30unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:33unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:38unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:44unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/test.yml:46unpinned action reference View on GitHub |
typing_extensions==4.15.0 |
python/typing_extensions | scanned | high |
26 errors
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:59unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:64unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:125unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:26unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:30unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:46unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:58unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:62unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:66unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:87unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:91unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:95unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:115unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:119unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:123unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/publish.yml:155unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/third_party.yml:61unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/third_party.yml:94unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/third_party.yml:129unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/third_party.yml:164unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/third_party.yml:202unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/third_party.yml:245unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/third_party.yml:281unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/third_party.yml:319unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/third_party.yml:351unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/third_party.yml:408unpinned action reference View on GitHub |
typing-inspect==0.9.0 |
ilevkivskyi/typing_inspect | scanned | medium |
4 errors 2 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:32credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:51credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:32unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:35unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:51unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:53unpinned action reference View on GitHub |
typing-inspection==0.4.2 |
pydantic/typing-inspection | scanned | high |
39 errors 16 warnings 1 note
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:20credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:92credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:112credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:169credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:217credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:15overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:47overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:82overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:107overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:121overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:189overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:20unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:21unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:40unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:62unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:65unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:76unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:92unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:93unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:112unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:113unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:126unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:129unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:135unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:148unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:155unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:169unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:172unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:178unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:183unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:202unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:217unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:219unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:227unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:235unpinned action reference View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:21runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:65runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:93runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:113runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:129runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/coverage.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/coverage.yml:33overly broad permissions View on GitHub
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/coverage.yml:3use of fundamentally insecure workflow trigger View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/coverage.yml:28unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/coverage.yml:40unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/coverage.yml:45unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/docs_publish.yml:17credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/docs_publish.yml:12overly broad permissions View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/docs_publish.yml:30code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/docs_publish.yml:31code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/docs_publish.yml:43code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/docs_publish.yml:17unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/docs_publish.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/docs_publish.yml:38unpinned action reference View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/docs_publish.yml:22runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub |
urllib3==2.6.3 |
urllib3/urllib3 | scanned | high | clean |
uv==0.11.8 |
astral-sh/uv | scanned | high |
2 errors 12 warnings 3 notes
zizmor/secrets-inherit: zizmor/secrets-inherit
.github/workflows/ci.yml:155secrets unconditionally inherited by called workflow View on GitHub
zizmor/secrets-inherit: zizmor/secrets-inherit
.github/workflows/ci.yml:218secrets unconditionally inherited by called workflow View on GitHub
zizmor/secrets-inherit: zizmor/secrets-inherit
.github/workflows/ci.yml:246secrets unconditionally inherited by called workflow View on GitHub
zizmor/secrets-inherit: zizmor/secrets-inherit
.github/workflows/ci.yml:252secrets unconditionally inherited by called workflow View on GitHub
zizmor/secrets-inherit: zizmor/secrets-inherit
.github/workflows/ci.yml:265secrets unconditionally inherited by called workflow View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/release.yml:18overly broad permissions View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/release.yml:105code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/release.yml:209code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/release.yml:261code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/release.yml:361code injection via template expansion View on GitHub
zizmor/secrets-inherit: zizmor/secrets-inherit
.github/workflows/release.yml:119secrets unconditionally inherited by called workflow View on GitHub
zizmor/secrets-inherit: zizmor/secrets-inherit
.github/workflows/release.yml:129secrets unconditionally inherited by called workflow View on GitHub
zizmor/secrets-inherit: zizmor/secrets-inherit
.github/workflows/release.yml:278secrets unconditionally inherited by called workflow View on GitHub
zizmor/secrets-inherit: zizmor/secrets-inherit
.github/workflows/release.yml:294secrets unconditionally inherited by called workflow View on GitHub
zizmor/secrets-inherit: zizmor/secrets-inherit
.github/workflows/release.yml:371secrets unconditionally inherited by called workflow View on GitHub
zizmor/secrets-inherit: zizmor/secrets-inherit
.github/workflows/release.yml:381secrets unconditionally inherited by called workflow View on GitHub
zizmor/secrets-inherit: zizmor/secrets-inherit
.github/workflows/release.yml:391secrets unconditionally inherited by called workflow View on GitHub |
virtualenv==21.3.0 |
pypa/virtualenv | scanned | high | clean |
vulture==2.16 |
jendrikseipp/vulture | scanned | high |
8 errors 2 warnings 3 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:24credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/main.yml:15overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:28unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:54unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/pre-commit.yml:12credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/pre-commit.yml:9overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pre-commit.yml:12unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pre-commit.yml:13unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:16credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:16unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:19unpinned action reference View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/release.yml:19runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub |
watchdog==6.0.0 |
gorakhargosh/watchdog | scanned | high |
15 errors 8 warnings 6 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/build-and-publish.yml:43credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/build-and-publish.yml:69credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/build-and-publish.yml:97credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build-and-publish.yml:16overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build-and-publish.yml:38overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build-and-publish.yml:64overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build-and-publish.yml:92overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build-and-publish.yml:115overly broad permissions View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/build-and-publish.yml:133prefer trusted publishing for authentication View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build-and-publish.yml:44unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build-and-publish.yml:48unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build-and-publish.yml:59unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build-and-publish.yml:70unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build-and-publish.yml:74unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build-and-publish.yml:87unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build-and-publish.yml:98unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build-and-publish.yml:102unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build-and-publish.yml:110unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build-and-publish.yml:124unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build-and-publish.yml:133unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yml:19credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yml:76credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yml:15overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yml:37overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:20unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:23unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:77unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:80unpinned action reference View on GitHub |
wcwidth==0.7.0 |
jquast/wcwidth | scanned | high |
24 errors 4 warnings 7 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:46credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:80credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:139credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:1overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:21overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:59overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci.yml:133overly broad permissions View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci.yml:116code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci.yml:122code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:46unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:48unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:80unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:82unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:126unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:139unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:140unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:146unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:154unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:170unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:182unpinned action reference View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:48runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:82runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/ci.yml:140runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/codeql.yml:26credential persistence through GitHub Actions artifacts View on GitHub
zizmor/known-vulnerable-actions: zizmor/known-vulnerable-actions
.github/workflows/codeql.yml:30action has a known vulnerability View on GitHub
zizmor/known-vulnerable-actions: zizmor/known-vulnerable-actions
.github/workflows/codeql.yml:36action has a known vulnerability View on GitHub
zizmor/known-vulnerable-actions: zizmor/known-vulnerable-actions
.github/workflows/codeql.yml:39action has a known vulnerability View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:27unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:30unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:36unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:39unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/codspeed.yml:19credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codspeed.yml:19unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codspeed.yml:21unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codspeed.yml:32unpinned action reference View on GitHub |
yamlfix==1.19.1 |
lyz-code/yamlfix | scanned | high |
9 errors 9 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/build.yml:32credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build.yml:29overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yml:33unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yml:38unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build.yml:47unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/install.yml:16credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/install.yml:9overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/install.yml:16unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/install.yml:18unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/tests.yml:19credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yml:2overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yml:12overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tests.yml:52overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:19unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tests.yml:21unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/update.yml:9overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/update.yml:12unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/update.yml:17unpinned action reference View on GitHub |
yarl==1.23.0 |
aio-libs/yarl | scanned | medium |
47 errors 13 warnings 17 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/aiohttp.yml:38credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/aiohttp.yml:44credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/aiohttp.yml:30overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/aiohttp.yml:39unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/aiohttp.yml:45unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/aiohttp.yml:49unpinned action reference View on GitHub
zizmor/cache-poisoning: zizmor/cache-poisoning
.github/workflows/aiohttp.yml:49runtime artifacts potentially vulnerable to a cache poisoning attack View on GitHub
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/auto-merge.yml:4use of fundamentally insecure workflow trigger View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/auto-merge.yml:18unpinned action reference View on GitHub
zizmor/bot-conditions: zizmor/bot-conditions
.github/workflows/auto-merge.yml:14spoofable bot actor check View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:77credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci-cd.yml:236credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:3overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:46overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:65overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:127overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:130overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:198overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:389overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:406overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:425overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:444overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:456overly broad permissions View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ci-cd.yml:468overly broad permissions View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci-cd.yml:105code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci-cd.yml:109code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/ci-cd.yml:313code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:78unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:80unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:89unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:114unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:237unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:239unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:246unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:254unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:264unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:269unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:352unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:377unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:438unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:452unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:541unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:549unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:560unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:574unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:577unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci-cd.yml:587unpinned action reference View on GitHub
zizmor/obfuscation: zizmor/obfuscation
.github/workflows/ci-cd.yml:132obfuscated usage of GitHub Actions features View on GitHub
zizmor/obfuscation: zizmor/obfuscation
.github/workflows/ci-cd.yml:391obfuscated usage of GitHub Actions features View on GitHub
zizmor/obfuscation: zizmor/obfuscation
.github/workflows/ci-cd.yml:408obfuscated usage of GitHub Actions features View on GitHub
zizmor/obfuscation: zizmor/obfuscation
.github/workflows/ci-cd.yml:470obfuscated usage of GitHub Actions features View on GitHub
zizmor/superfluous-actions: zizmor/superfluous-actions
.github/workflows/ci-cd.yml:587action functionality is already included by the runner View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/codeql.yml:32credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:33unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:36unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:42unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/codeql.yml:45unpinned action reference View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/reusable-cibuildwheel.yml:88code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-cibuildwheel.yml:99unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-cibuildwheel.yml:106unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-cibuildwheel.yml:111unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-cibuildwheel.yml:117unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/reusable-codspeed.yml:77credential persistence through GitHub Actions artifacts View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/reusable-codspeed.yml:160code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-codspeed.yml:80unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-codspeed.yml:84unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-codspeed.yml:92unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-codspeed.yml:100unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-codspeed.yml:109unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-codspeed.yml:170unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/reusable-linters.yml:29credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:30unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:32unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:41unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:46unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:56unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/reusable-linters.yml:66unpinned action reference View on GitHub |
z3-solver==4.16.0.0 |
Z3Prover/z3 | scanned | medium |
405 errors 15 warnings 117 notes
zizmor/artipacked: zizmor/artipacked
.github/workflows/Windows.yml:30credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/Windows.yml:14overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/Windows.yml:31unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/Windows.yml:33unpinned action reference View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/Windows.yml:44usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/Windows.yml:50usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/Windows.yml:68usage of GitHub Actions misfeatures View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/a3-python.lock.yml:88unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/a3-python.lock.yml:338unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/a3-python.lock.yml:912unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/a3-python.lock.yml:1051unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/a3-python.lock.yml:1258unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/academic-citation-tracker.lock.yml:321overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/academic-citation-tracker.lock.yml:89unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/academic-citation-tracker.lock.yml:346unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/academic-citation-tracker.lock.yml:942unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/academic-citation-tracker.lock.yml:1080unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/academic-citation-tracker.lock.yml:1285unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/academic-citation-tracker.lock.yml:1358unpinned action reference View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/agentics-maintenance.yml:197code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/agentics-maintenance.yml:282code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/agentics-maintenance.yml:95unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/agentics-maintenance.yml:133unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/agentics-maintenance.yml:162unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/agentics-maintenance.yml:177unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/agentics-maintenance.yml:207unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/agentics-maintenance.yml:253unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/agentics-maintenance.yml:297unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/agentics-maintenance.yml:312unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/agentics-maintenance.yml:343unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/agentics-maintenance.yml:358unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/agentics-maintenance.yml:440unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/agentics-maintenance.yml:477unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/agentics-maintenance.yml:492unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/android-build.yml:24credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/android-build.yml:25unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/android-build.yml:36unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/api-coherence-checker.lock.yml:322overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/api-coherence-checker.lock.yml:90unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/api-coherence-checker.lock.yml:347unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/api-coherence-checker.lock.yml:943unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/api-coherence-checker.lock.yml:1080unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/api-coherence-checker.lock.yml:1285unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/api-coherence-checker.lock.yml:1358unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/build-warning-fixer.lock.yml:312overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build-warning-fixer.lock.yml:89unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build-warning-fixer.lock.yml:337unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build-warning-fixer.lock.yml:920unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build-warning-fixer.lock.yml:1057unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build-warning-fixer.lock.yml:1264unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/build-z3-cache.yml:31credential persistence through GitHub Actions artifacts View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/build-z3-cache.yml:73code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build-z3-cache.yml:32unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build-z3-cache.yml:35unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/build-z3-cache.yml:48unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:40credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:83credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:123credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:167credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:222credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:316credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:406credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:455credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:496credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ci.yml:516credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:41unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:44unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:84unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:124unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:168unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:171unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:223unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:226unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:317unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:320unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:328unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:334unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:407unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:410unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:456unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:459unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:497unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:500unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:517unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ci.yml:520unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/code-conventions-analyzer.lock.yml:317overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/code-conventions-analyzer.lock.yml:90unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/code-conventions-analyzer.lock.yml:342unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/code-conventions-analyzer.lock.yml:991unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/code-conventions-analyzer.lock.yml:1129unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/code-conventions-analyzer.lock.yml:1336unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/code-conventions-analyzer.lock.yml:1409unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/code-simplifier.lock.yml:94unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/code-simplifier.lock.yml:350unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/code-simplifier.lock.yml:933unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/code-simplifier.lock.yml:1084unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/code-simplifier.lock.yml:1266unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/code-simplifier.lock.yml:1337unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/coverage.yml:22credential persistence through GitHub Actions artifacts View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/coverage.yml:85code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/coverage.yml:22unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/coverage.yml:92unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/coverage.yml:98unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/cross-build.yml:22credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/cross-build.yml:23unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/csa-analysis.lock.yml:322overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/csa-analysis.lock.yml:90unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/csa-analysis.lock.yml:347unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/csa-analysis.lock.yml:943unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/csa-analysis.lock.yml:1081unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/csa-analysis.lock.yml:1286unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/csa-analysis.lock.yml:1359unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/docs.yml:23credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/docs.yml:48credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/docs.yml:24unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/docs.yml:27unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/docs.yml:37unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/docs.yml:49unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/docs.yml:52unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/docs.yml:57unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/docs.yml:97unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/docs.yml:128unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/docs.yml:134unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/issue-backlog-processor.lock.yml:322overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/issue-backlog-processor.lock.yml:90unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/issue-backlog-processor.lock.yml:347unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/issue-backlog-processor.lock.yml:966unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/issue-backlog-processor.lock.yml:1103unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/issue-backlog-processor.lock.yml:1311unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/issue-backlog-processor.lock.yml:1384unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/memory-safety-report.lock.yml:106unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/memory-safety-report.lock.yml:375unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/memory-safety-report.lock.yml:972unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/memory-safety-report.lock.yml:1110unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/memory-safety-report.lock.yml:1292unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/memory-safety-report.lock.yml:1345unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/memory-safety-report.lock.yml:1418unpinned action reference View on GitHub
zizmor/github-env: zizmor/github-env
.github/workflows/memory-safety-report.lock.yml:1371dangerous use of environment file View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/memory-safety.yml:33credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/memory-safety.yml:123credential persistence through GitHub Actions artifacts View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/memory-safety.yml:222code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/memory-safety.yml:34unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/memory-safety.yml:37unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/memory-safety.yml:107unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/memory-safety.yml:124unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/memory-safety.yml:127unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/memory-safety.yml:197unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/memory-safety.yml:213unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/msvc-static-build-clang-cl.yml:16credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/msvc-static-build-clang-cl.yml:17unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/msvc-static-build.yml:16credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/msvc-static-build.yml:17unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly-validation.yml:29credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly-validation.yml:89credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly-validation.yml:144credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly-validation.yml:199credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly-validation.yml:258credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly-validation.yml:294credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly-validation.yml:330credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly-validation.yml:363credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly-validation.yml:396credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly-validation.yml:433credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly-validation.yml:472credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly-validation.yml:512credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly-validation.yml:555credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly-validation.yml:584credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly-validation.yml:613credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly-validation.yml:642credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly-validation.yml:674credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly-validation.yml:729credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly-validation.yml:781credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly-validation.yml:837credential persistence through GitHub Actions artifacts View on GitHub
zizmor/dangerous-triggers: zizmor/dangerous-triggers
.github/workflows/nightly-validation.yml:3use of fundamentally insecure workflow trigger View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nightly-validation.yml:42code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nightly-validation.yml:101code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nightly-validation.yml:156code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nightly-validation.yml:211code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nightly-validation.yml:266code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nightly-validation.yml:302code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nightly-validation.yml:337code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nightly-validation.yml:370code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nightly-validation.yml:403code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nightly-validation.yml:445code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nightly-validation.yml:485code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nightly-validation.yml:524code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nightly-validation.yml:567code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nightly-validation.yml:596code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nightly-validation.yml:625code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nightly-validation.yml:655code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nightly-validation.yml:686code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nightly-validation.yml:736code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nightly-validation.yml:788code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:30unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:33unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:90unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:93unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:145unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:148unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:200unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:203unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:259unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:295unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:331unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:364unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:397unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:434unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:437unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:473unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:476unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:513unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:516unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:556unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:559unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:585unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:588unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:614unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:617unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:643unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:646unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:675unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:678unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:730unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:782unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:838unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly-validation.yml:841unpinned action reference View on GitHub
zizmor/github-env: zizmor/github-env
.github/workflows/nightly-validation.yml:743dangerous use of environment file View on GitHub
zizmor/github-env: zizmor/github-env
.github/workflows/nightly-validation.yml:795dangerous use of environment file View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly.yml:37credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly.yml:60credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly.yml:88credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly.yml:136credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly.yml:183credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly.yml:212credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly.yml:247credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly.yml:303credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly.yml:341credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly.yml:389credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly.yml:443credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly.yml:469credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly.yml:495credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly.yml:525credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly.yml:600credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly.yml:645credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nightly.yml:760credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/nightly.yml:20overly broad permissions View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nightly.yml:578code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nightly.yml:623code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:38unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:41unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:49unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:61unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:64unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:72unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:89unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:92unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:137unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:140unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:184unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:187unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:201unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:213unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:216unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:236unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:248unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:251unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:291unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:304unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:329unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:342unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:377unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:390unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:432unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:444unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:447unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:458unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:470unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:473unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:484unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:496unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:499unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:510unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:526unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:529unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:534unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:540unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:546unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:552unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:558unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:564unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:570unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:587unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:601unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:604unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:609unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:615unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:632unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:646unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:649unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:654unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:660unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:666unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:672unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:678unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:684unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:690unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:696unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:731unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:761unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:764unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:829unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nightly.yml:835unpinned action reference View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/nightly.yml:452usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/nightly.yml:478usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/nightly.yml:504usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/nightly.yml:575usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/nightly.yml:581usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/nightly.yml:620usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/nightly.yml:626usage of GitHub Actions misfeatures View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nuget-build.yml:22credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nuget-build.yml:46credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nuget-build.yml:70credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nuget-build.yml:94credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nuget-build.yml:115credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nuget-build.yml:136credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nuget-build.yml:159credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/nuget-build.yml:214credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/nuget-build.yml:15overly broad permissions View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nuget-build.yml:34code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nuget-build.yml:58code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nuget-build.yml:82code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nuget-build.yml:192code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nuget-build.yml:192code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nuget-build.yml:241code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/nuget-build.yml:241code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:23unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:26unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:37unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:47unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:50unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:61unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:71unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:74unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:85unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:95unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:98unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:106unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:116unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:119unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:127unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:137unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:140unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:148unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:160unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:163unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:168unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:184unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:201unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:215unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:218unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:223unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:233unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/nuget-build.yml:250unpinned action reference View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/nuget-build.yml:31usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/nuget-build.yml:55usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/nuget-build.yml:79usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/nuget-build.yml:189usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/nuget-build.yml:195usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/nuget-build.yml:238usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/nuget-build.yml:244usage of GitHub Actions misfeatures View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/ocaml.yaml:19credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ocaml.yaml:10overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ocaml.yaml:20unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ocaml.yaml:24unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ocaml.yaml:33unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ocaml.yaml:41unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/ostrich-benchmark.lock.yml:309overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ostrich-benchmark.lock.yml:87unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ostrich-benchmark.lock.yml:334unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ostrich-benchmark.lock.yml:905unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ostrich-benchmark.lock.yml:1042unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/ostrich-benchmark.lock.yml:1247unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/pyodide.yml:22credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pyodide.yml:23unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/pyodide.yml:63unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/qf-s-benchmark.lock.yml:313overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/qf-s-benchmark.lock.yml:87unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/qf-s-benchmark.lock.yml:338unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/qf-s-benchmark.lock.yml:909unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/qf-s-benchmark.lock.yml:1046unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/qf-s-benchmark.lock.yml:1251unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/release-notes-updater.lock.yml:313overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release-notes-updater.lock.yml:88unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release-notes-updater.lock.yml:338unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release-notes-updater.lock.yml:908unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release-notes-updater.lock.yml:1044unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release-notes-updater.lock.yml:1249unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:38credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:67credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:98credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:146credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:193credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:222credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:257credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:313credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:351credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:399credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:453credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:479credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:505credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:535credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:610credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:655credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:768credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/release.yml:824credential persistence through GitHub Actions artifacts View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/release.yml:23overly broad permissions View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/release.yml:848prefer trusted publishing for authentication View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/release.yml:588code injection via template expansion View on GitHub
zizmor/template-injection: zizmor/template-injection
.github/workflows/release.yml:633code injection via template expansion View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:39unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:42unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:56unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:68unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:71unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:82unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:99unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:102unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:147unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:150unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:194unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:197unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:211unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:223unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:226unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:246unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:258unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:261unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:301unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:314unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:339unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:352unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:387unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:400unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:442unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:454unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:457unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:468unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:480unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:483unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:494unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:506unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:509unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:520unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:536unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:539unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:544unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:550unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:556unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:562unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:568unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:574unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:580unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:597unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:611unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:614unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:619unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:625unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:642unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:656unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:659unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:664unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:670unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:676unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:682unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:688unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:694unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:700unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:706unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:738unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:769unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:772unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:825unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:828unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:834unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:840unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:861unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/release.yml:867unpinned action reference View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/release.yml:462usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/release.yml:488usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/release.yml:514usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/release.yml:585usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/release.yml:591usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/release.yml:630usage of GitHub Actions misfeatures View on GitHub
zizmor/misfeature: zizmor/misfeature
.github/workflows/release.yml:636usage of GitHub Actions misfeatures View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/specbot-crash-analyzer.lock.yml:321overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/specbot-crash-analyzer.lock.yml:87unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/specbot-crash-analyzer.lock.yml:344unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/specbot-crash-analyzer.lock.yml:982unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/specbot-crash-analyzer.lock.yml:1120unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/specbot-crash-analyzer.lock.yml:1325unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/specbot-crash-analyzer.lock.yml:1398unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tactic-to-simplifier.lock.yml:90unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tactic-to-simplifier.lock.yml:346unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tactic-to-simplifier.lock.yml:948unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tactic-to-simplifier.lock.yml:1083unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tactic-to-simplifier.lock.yml:1289unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tactic-to-simplifier.lock.yml:1362unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/tptp-benchmark.lock.yml:317overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tptp-benchmark.lock.yml:87unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tptp-benchmark.lock.yml:342unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tptp-benchmark.lock.yml:923unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tptp-benchmark.lock.yml:1060unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/tptp-benchmark.lock.yml:1266unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/wasm-release.yml:23credential persistence through GitHub Actions artifacts View on GitHub
zizmor/use-trusted-publishing: zizmor/use-trusted-publishing
.github/workflows/wasm-release.yml:64prefer trusted publishing for authentication View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/wasm-release.yml:24unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/wasm-release.yml:27unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/wasm-release.yml:39unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/wasm.yml:23credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/wasm.yml:24unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/wasm.yml:27unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/wasm.yml:32unpinned action reference View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/wip.yml:19credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/wip.yml:19unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/workflow-suggestion-agent.lock.yml:322overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/workflow-suggestion-agent.lock.yml:90unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/workflow-suggestion-agent.lock.yml:347unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/workflow-suggestion-agent.lock.yml:943unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/workflow-suggestion-agent.lock.yml:1080unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/workflow-suggestion-agent.lock.yml:1285unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/workflow-suggestion-agent.lock.yml:1358unpinned action reference View on GitHub
zizmor/excessive-permissions: zizmor/excessive-permissions
.github/workflows/zipt-code-reviewer.lock.yml:318overly broad permissions View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/zipt-code-reviewer.lock.yml:89unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/zipt-code-reviewer.lock.yml:343unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/zipt-code-reviewer.lock.yml:967unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/zipt-code-reviewer.lock.yml:1103unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/zipt-code-reviewer.lock.yml:1309unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/zipt-code-reviewer.lock.yml:1382unpinned action reference View on GitHub |
zipp==3.23.1 |
jaraco/zipp | scanned | high |
7 errors 3 warnings
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:57credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:84credential persistence through GitHub Actions artifacts View on GitHub
zizmor/artipacked: zizmor/artipacked
.github/workflows/main.yml:120credential persistence through GitHub Actions artifacts View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:57unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:66unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:84unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:88unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:107unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:120unpinned action reference View on GitHub
zizmor/unpinned-uses: zizmor/unpinned-uses
.github/workflows/main.yml:122unpinned action reference View on GitHub |
zizmor==1.24.1 |
zizmorcore/zizmor | scanned | high | clean |