2024
-
05:31PM
Journal
I am getting this crazy feeling that the next year is going to be wild.
-
07:07PM
Actions
There is a tool called zizmor which performs a quick safety check on the action script. I believe our actions have some room to be exploited.
We used this command:
zizmor --gh-token=$(gh auth token) ./.github/workflows
We got a total of 258 findings (178 suppressed): 0 unknown, 18 informational, 0 low, 58 medium, 4 high.