GitHub user yihong0618 closed a discussion: [Ideas] use zizmor to static analysis the GitHub Actions files and fix them
### Description As more and more attackers using GitHub Actions to steal the token or attack other users such as Mining Scripts zizmor: https://woodruffw.github.io/zizmor/ more can check issue one-api or https://www.praetorian.com/blog/compromising-bytedances-rspack-github-actions-vulnerabilities/ we can use static check to avoid them as we can. same request for opendal https://github.com/apache/opendal/issues/5502 what do you think @edespino ### Use case/motivation _No response_ ### Related issues _No response_ ### Are you willing to submit a PR? - [ ] Yes I am willing to submit a PR! GitHub link: https://github.com/apache/cloudberry/discussions/841 ---- This is an automatically sent email for dev@cloudberry.apache.org. To unsubscribe, please send an email to: dev-unsubscr...@cloudberry.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@cloudberry.apache.org For additional commands, e-mail: dev-h...@cloudberry.apache.org
