Skip to content

Enforce GitHub Actions security checks with zizmor [WPB-22420]#21362

Merged
screendriver merged 1 commit into
devfrom
zizmor
May 21, 2026
Merged

Enforce GitHub Actions security checks with zizmor [WPB-22420]#21362
screendriver merged 1 commit into
devfrom
zizmor

Conversation

@screendriver
Copy link
Copy Markdown
Member

@screendriver screendriver commented May 21, 2026
edited by github-actions Bot
Loading

TaskWPB-22420 [Web] General maintenance ticket for PR merges

Integrate zizmor into continuous integration to detect insecure GitHub Actions patterns and fail builds when findings are present.

@screendriver screendriver enabled auto-merge May 21, 2026 09:10
@github-advanced-security
Copy link
Copy Markdown

github-advanced-security AI commented May 21, 2026

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

github-advanced-security[bot]
github-advanced-security AI found potential problems May 21, 2026
View reviewed changes
Comment thread .github/workflows/ci.yml Fixed
@screendriver screendriver force-pushed the zizmor branch 2 times, most recently from af6e63d to 96875d0 Compare May 21, 2026 09:19
github-advanced-security[bot]
github-advanced-security AI found potential problems May 21, 2026
View reviewed changes
Comment thread .github/workflows/ci.yml Fixed
Comment thread .github/workflows/ci.yml Fixed
Comment thread .github/workflows/ci.yml Fixed
Comment thread .github/workflows/ci.yml Fixed
Comment thread .github/workflows/ci.yml Fixed
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 21, 2026
edited
Loading

🔗 Download Full Report Artifact

🧪 Playwright Test Summary

  • Passed: 15
  • Failed: 0
  • Skipped: 0
  • 🔁 Flaky: 0
  • 📊 Total: 15
  • Total Runtime: 133.3s (~ 2 min 13 sec)

github-advanced-security[bot]
github-advanced-security AI found potential problems May 21, 2026
View reviewed changes
Comment thread .github/workflows/ci.yml Fixed
github-advanced-security[bot]
github-advanced-security AI found potential problems May 21, 2026
View reviewed changes
Comment thread .github/workflows/ci.yml Fixed
@screendriver
chore: enforce GitHub Actions security checks with zizmor
17a7591 
Integrate [zizmor](https://github.com/zizmorcore/zizmor) into continuous integration to detect insecure GitHub Actions patterns and fail builds when findings are present.
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented May 21, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

thisisamir98
thisisamir98 approved these changes May 21, 2026
View reviewed changes
Copy link
Copy Markdown
Collaborator

@thisisamir98 thisisamir98 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@screendriver screendriver added this pull request to the merge queue May 21, 2026
Merged via the queue into dev with commit 650458f May 21, 2026
36 checks passed
@screendriver screendriver deleted the zizmor branch May 21, 2026 12:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@thisisamir98 thisisamir98 thisisamir98 approved these changes

@arjita-mitra arjita-mitra Awaiting requested review from arjita-mitra arjita-mitra is a code owner

@e-maad e-maad Awaiting requested review from e-maad e-maad is a code owner

@otto-the-bot otto-the-bot Awaiting requested review from otto-the-bot otto-the-bot is a code owner

@zskhan zskhan Awaiting requested review from zskhan zskhan is a code owner

+1 more reviewer

@github-advanced-security github-advanced-security[bot] github-advanced-security[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@screendriver @github-advanced-security @thisisamir98