Skip to content

Add zizmor github actions security analysis workflow #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add zizmor github actions security analysis workflow #8

wants to merge 1 commit into from

Conversation

notmandatory
Copy link
Member

@notmandatory notmandatory commented Apr 3, 2025
edited
Loading

Description

Added workflow to run zizmor github actions security analysis.

See: https://woodruffw.github.io/zizmor/usage/#use-in-github-actions

Notes to the reviewers

Original PR: bitcoindevkit/bdk#1813

I pinned zizmor to version 1.6.0, and rust-cache to 2.7.8 (hash 9d47c6ad4b02e050fd481d890b2ea34778fd09d6).

Changelog notice

  • ci: add zizmor github actions security analysis workflow and fix possible vulnerabilities

Checklists

All Submissions:

  • I've signed all my commits
  • I followed the contribution guidelines
  • I ran cargo fmt and cargo clippy before committing

@notmandatory notmandatory added the github_actions Pull requests that update GitHub Actions code label Apr 3, 2025
@notmandatory notmandatory self-assigned this Apr 3, 2025
@notmandatory notmandatory mentioned this pull request Apr 3, 2025
Open
3 tasks
@notmandatory notmandatory force-pushed the ci/zizmor branch 4 times, most recently from 3b48ac2 to 98f87a2 Compare April 3, 2025 23:24
@github-advanced-security
Copy link

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@notmandatory notmandatory moved this to In Progress in BDK Wallet Apr 3, 2025
@notmandatory notmandatory added this to the 1.3.0 milestone Apr 3, 2025
@notmandatory
Copy link
Member Author

rebased on #2

@notmandatory
Copy link
Member Author

After this is merged I'll make a corresponding PR for the bdk repo.

@coveralls
Copy link

coveralls commented Apr 23, 2025
edited
Loading

Pull Request Test Coverage Report for Build 14608558663

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 86.525%
Totals Coverage Status
Change from base Build 14270666930: 0.0%
Covered Lines: 7269
Relevant Lines: 8401
💛 - Coveralls

@notmandatory notmandatory force-pushed the ci/zizmor branch 5 times, most recently from c315eb9 to 2ed16e8 Compare April 23, 2025 02:22
@notmandatory notmandatory moved this from In Progress to Needs Review in BDK Wallet Apr 23, 2025
oleonardolima
oleonardolima approved these changes May 5, 2025
View reviewed changes
Copy link
Contributor

@oleonardolima oleonardolima left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

utACK be8fc71

luisschwab
luisschwab approved these changes May 5, 2025
View reviewed changes
Copy link
Member

@luisschwab luisschwab left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK be8fc71

@thunderbiscuit thunderbiscuit mentioned this pull request May 6, 2025
Open
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@oleonardolima oleonardolima oleonardolima approved these changes

@luisschwab luisschwab luisschwab approved these changes

Assignees

@notmandatory notmandatory

Labels
github_actions Pull requests that update GitHub Actions code
Projects
BDK Wallet
Status: Needs Review
Milestone
Wallet 2.0.0
Development

Successfully merging this pull request may close these issues.
4 participants
@notmandatory @coveralls @oleonardolima @luisschwab