bo0tzz 64000d9d76 feat: static analysis job for gha workflows (#17688) ... * fix: set persist-credentials explicitly for checkout https://woodruffw.github.io/zizmor/audits/#artipacked * fix: minimize permissions scope for workflows https://woodruffw.github.io/zizmor/audits/#excessive-permissions * fix: remove potential template injections https://woodruffw.github.io/zizmor/audits/#template-injection * fix: only pass needed secrets in workflow_call https://woodruffw.github.io/zizmor/audits/#secrets-inherit * fix: push perm for single-arch build jobs I hadn't realised these push to the registry too :x * chore: fix formatting * fix: $ * fix: retag job quoting * feat: static analysis job for gha workflows * chore: fix formatting * fix: clear last zizmor checks * fix: broken merge --------- Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>		2025-04-23 15:49:06 +00:00
..
DISCUSSION_TEMPLATE	feat: lint workflow files and others files in .github (#16914)	2025-03-24 10:49:18 -05:00
ISSUE_TEMPLATE	feat: lint workflow files and others files in .github (#16914)	2025-03-24 10:49:18 -05:00
PULL_REQUEST_TEMPLATE	fix: pr template not being used and make some changes (#15893)	2025-02-04 09:06:54 -06:00
workflows	feat: static analysis job for gha workflows (#17688)	2025-04-23 15:49:06 +00:00
.nvmrc	feat: lint workflow files and others files in .github (#16914)	2025-03-24 10:49:18 -05:00
FUNDING.yml	chore: modify .github/FUNDING.yml	2025-02-27 14:28:08 +00:00
labeler.yml	fix: only apply changelog:translation label to weblate branch (#12468)	2024-09-08 09:09:27 -04:00
package-lock.json	feat: lint workflow files and others files in .github (#16914)	2025-03-24 10:49:18 -05:00
package.json	feat: lint workflow files and others files in .github (#16914)	2025-03-24 10:49:18 -05:00
pull_request_template.md	fix(github): consistent folder format for PR template (#16669)	2025-03-06 20:32:10 -05:00
release.yml	feat: lint workflow files and others files in .github (#16914)	2025-03-24 10:49:18 -05:00