Skip to content

update security workflows#112

Merged
bckohan merged 3 commits intomainfrom
ci_updates
Jan 22, 2026
Merged

update security workflows#112
bckohan merged 3 commits intomainfrom
ci_updates

Conversation

@bckohan
Copy link
Owner

@bckohan bckohan commented Jan 22, 2026

No description provided.

Copilot AI review requested due to automatic review settings January 22, 2026 17:16
Copilot AI reviewed Jan 22, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates the repository's security workflows by adding Zizmor security scanning and reorganizing security badges. The changes add a new automated security analysis tool, restrict workflow triggers to the main branch, and update badge placement in documentation.

Changes:

  • Adds new Zizmor workflow for GitHub Actions security scanning
  • Moves OpenSSF Scorecard badge from SECURITY.md to README.md
  • Restricts test and lint workflow triggers to only run on main branch pushes

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 3 comments.

Show a summary per file
File Description
.github/workflows/zizmor.yml New workflow that runs Zizmor security analysis on GitHub Actions workflows
SECURITY.md Adds Zizmor badge and removes OpenSSF Scorecard badge
README.md Adds OpenSSF Scorecard badge (moved from SECURITY.md)
.github/workflows/test.yml Adds branch filter to only run on main branch pushes
.github/workflows/lint.yml Adds branch filter to only run on main branch pushes

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Copilot AI review requested due to automatic review settings January 22, 2026 17:19
@bckohan
update security workflows
b9bcb33 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@github-advanced-security
Copy link

github-advanced-security bot commented Jan 22, 2026

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

Copilot AI reviewed Jan 22, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@bckohan
Update SECURITY.md
01cf7b2 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Copilot AI review requested due to automatic review settings January 22, 2026 17:23
Copilot AI reviewed Jan 22, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 5 out of 5 changed files in this pull request and generated no new comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@bckohan bckohan merged commit 891d352 into main Jan 22, 2026
27 checks passed
@bckohan bckohan deleted the ci_updates branch January 22, 2026 23:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bckohan