
Static analysis for GitHub Actions

Project description

🌈 zizmor


zizmor is a static analysis tool for GitHub Actions.

It can find many common security issues in typical GitHub Actions CI/CD setups, including:

  • Template injection vulnerabilities, leading to attacker-controlled code execution
  • Accidental credential persistence and leakage
  • Excessive permission scopes and credential grants to runners
  • Impostor commits and confusable git references
  • ...and much more!


See zizmor's documentation for installation steps, as well as a quickstart and detailed usage recipes.

License

zizmor is licensed under the MIT License.

Contributing

See our contributing guide!

The name?

Now you can have beautiful clean workflows!

Sponsors

zizmor's development is supported by these amazing sponsors!

Logo-level sponsors

Grafana Labs

Trail of Bits

Shipfox

Name-level sponsors
Alexander Riccio

Want to see your name or logo above? Consider becoming a sponsor through one of the following:



Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

zizmor-1.22.0.tar.gz (435.0 kB)

Uploaded Source

Built Distributions

If you're not sure about the file name format, learn more about wheel file names.

zizmor-1.22.0-py3-none-win_amd64.whl (7.6 MB)

Uploaded Python 3 Windows x86-64

zizmor-1.22.0-py3-none-win32.whl (6.6 MB)

Uploaded Python 3 Windows x86

zizmor-1.22.0-py3-none-musllinux_1_2_x86_64.whl (8.1 MB)

Uploaded Python 3 musllinux: musl 1.2+ x86-64

zizmor-1.22.0-py3-none-musllinux_1_2_armv7l.whl (7.5 MB)

Uploaded Python 3 musllinux: musl 1.2+ ARMv7l

zizmor-1.22.0-py3-none-musllinux_1_2_aarch64.whl (7.8 MB)

Uploaded Python 3 musllinux: musl 1.2+ ARM64

zizmor-1.22.0-py3-none-manylinux_2_28_x86_64.whl (8.0 MB)

Uploaded Python 3 manylinux: glibc 2.28+ x86-64

zizmor-1.22.0-py3-none-manylinux_2_28_armv7l.whl (7.5 MB)

Uploaded Python 3 manylinux: glibc 2.28+ ARMv7l

zizmor-1.22.0-py3-none-manylinux_2_24_aarch64.whl (7.8 MB)

Uploaded Python 3 manylinux: glibc 2.24+ ARM64

zizmor-1.22.0-py3-none-macosx_11_0_arm64.whl (7.5 MB)

Uploaded Python 3 macOS 11.0+ ARM64

zizmor-1.22.0-py3-none-macosx_10_12_x86_64.whl (7.8 MB)

Uploaded Python 3 macOS 10.12+ x86-64

File details

Details for the file zizmor-1.22.0.tar.gz.

File metadata

  • Download URL: zizmor-1.22.0.tar.gz
  • Upload date:
  • Size: 435.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.9.26 {"installer":{"name":"uv","version":"0.9.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for zizmor-1.22.0.tar.gz
Algorithm Hash digest
SHA256 b36a24cf52af902fbf5526d9ed6b6e665cc418b7c76c93dd018225a385691200
MD5 6dae03b956d66335c6f933679b643edd
BLAKE2b-256 4b4aacd3130f17a7cdc5793d5f73a47e06f2c1576b16432dbeabf221a2625204


Provenance

The following attestation bundles were made for zizmor-1.22.0.tar.gz:

Publisher: release-pypi.yml on zizmorcore/zizmor

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file zizmor-1.22.0-py3-none-win_amd64.whl.

File metadata

  • Download URL: zizmor-1.22.0-py3-none-win_amd64.whl
  • Upload date:
  • Size: 7.6 MB
  • Tags: Python 3, Windows x86-64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.9.26 {"installer":{"name":"uv","version":"0.9.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for zizmor-1.22.0-py3-none-win_amd64.whl
Algorithm Hash digest
SHA256 2d52bc8367986c046c116134800117bd5ad4816922e890e81b9bd37a7b28c28f
MD5 29c33abe2ccd3dd7d9c5ad8a46106cac
BLAKE2b-256 30fdd4eb5a558e28b42d257eba609e01fa65ae167589d9ff87e9d265ea1766b3


Provenance

The following attestation bundles were made for zizmor-1.22.0-py3-none-win_amd64.whl:

Publisher: release-pypi.yml on zizmorcore/zizmor

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file zizmor-1.22.0-py3-none-win32.whl.

File metadata

  • Download URL: zizmor-1.22.0-py3-none-win32.whl
  • Upload date:
  • Size: 6.6 MB
  • Tags: Python 3, Windows x86
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.9.26 {"installer":{"name":"uv","version":"0.9.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for zizmor-1.22.0-py3-none-win32.whl
Algorithm Hash digest
SHA256 05b906d08b7fa70474ad99b95ae6e332e6d527089821df71b739107488aad303
MD5 9d3f91442827a07929c2ba583d872cdb
BLAKE2b-256 0bb4c1d6b7e7c53ecfa64677aa4891b1ad10a3fc8cfc59c6c458a0b7d768c4d3


Provenance

The following attestation bundles were made for zizmor-1.22.0-py3-none-win32.whl:

Publisher: release-pypi.yml on zizmorcore/zizmor

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file zizmor-1.22.0-py3-none-musllinux_1_2_x86_64.whl.

File metadata

  • Download URL: zizmor-1.22.0-py3-none-musllinux_1_2_x86_64.whl
  • Upload date:
  • Size: 8.1 MB
  • Tags: Python 3, musllinux: musl 1.2+ x86-64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.9.26 {"installer":{"name":"uv","version":"0.9.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for zizmor-1.22.0-py3-none-musllinux_1_2_x86_64.whl
Algorithm Hash digest
SHA256 8fbc43d9feec0e6f85dfb324956f41a58e649763fe8b269ca1c2c4d61f27764d
MD5 900f8ae5724d78a1a791be904166b5ee
BLAKE2b-256 1dae803063f38f70b4e5d51f0e7d0626322730fab44278aeb7b5201a5be2400a


Provenance

The following attestation bundles were made for zizmor-1.22.0-py3-none-musllinux_1_2_x86_64.whl:

Publisher: release-pypi.yml on zizmorcore/zizmor

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file zizmor-1.22.0-py3-none-musllinux_1_2_armv7l.whl.

File metadata

  • Download URL: zizmor-1.22.0-py3-none-musllinux_1_2_armv7l.whl
  • Upload date:
  • Size: 7.5 MB
  • Tags: Python 3, musllinux: musl 1.2+ ARMv7l
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.9.26 {"installer":{"name":"uv","version":"0.9.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for zizmor-1.22.0-py3-none-musllinux_1_2_armv7l.whl
Algorithm Hash digest
SHA256 a2f3f9d2dc341921543374f75cbd99cad130676809854c3c0fb38fa44fb9ebee
MD5 215cf64168b3221716ae0f5ef198879f
BLAKE2b-256 dee29067973b9064a3f1f32e7ccb0e34004a713d5dec033c38e829421bc5655c


Provenance

The following attestation bundles were made for zizmor-1.22.0-py3-none-musllinux_1_2_armv7l.whl:

Publisher: release-pypi.yml on zizmorcore/zizmor

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file zizmor-1.22.0-py3-none-musllinux_1_2_aarch64.whl.

File metadata

  • Download URL: zizmor-1.22.0-py3-none-musllinux_1_2_aarch64.whl
  • Upload date:
  • Size: 7.8 MB
  • Tags: Python 3, musllinux: musl 1.2+ ARM64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.9.26 {"installer":{"name":"uv","version":"0.9.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for zizmor-1.22.0-py3-none-musllinux_1_2_aarch64.whl
Algorithm Hash digest
SHA256 aad09a0788df8d8e9941d47743029f182434599548a463733240b09983b9870e
MD5 c5a4bc316a14bd42dc8da82dcec30d48
BLAKE2b-256 f63b589f3c0145f0e5584ef5cbf7de8c000ab7bfc86618f9c5a77def842c6328


Provenance

The following attestation bundles were made for zizmor-1.22.0-py3-none-musllinux_1_2_aarch64.whl:

Publisher: release-pypi.yml on zizmorcore/zizmor

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file zizmor-1.22.0-py3-none-manylinux_2_28_x86_64.whl.

File metadata

  • Download URL: zizmor-1.22.0-py3-none-manylinux_2_28_x86_64.whl
  • Upload date:
  • Size: 8.0 MB
  • Tags: Python 3, manylinux: glibc 2.28+ x86-64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.9.26 {"installer":{"name":"uv","version":"0.9.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for zizmor-1.22.0-py3-none-manylinux_2_28_x86_64.whl
Algorithm Hash digest
SHA256 ccc9fe012ca9068add4104fcf75513fb740d41056c238f98dcf97d693feaa743
MD5 e4bb64db2073d36f0f6308ba77193c96
BLAKE2b-256 729844e308c7f365f5f9e672b3d581224e50d0c7a397dcebd3fba93869487dc5


Provenance

The following attestation bundles were made for zizmor-1.22.0-py3-none-manylinux_2_28_x86_64.whl:

Publisher: release-pypi.yml on zizmorcore/zizmor

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file zizmor-1.22.0-py3-none-manylinux_2_28_armv7l.whl.

File metadata

  • Download URL: zizmor-1.22.0-py3-none-manylinux_2_28_armv7l.whl
  • Upload date:
  • Size: 7.5 MB
  • Tags: Python 3, manylinux: glibc 2.28+ ARMv7l
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.9.26 {"installer":{"name":"uv","version":"0.9.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for zizmor-1.22.0-py3-none-manylinux_2_28_armv7l.whl
Algorithm Hash digest
SHA256 4f81f527ea5f628537f1a80c63a832f6ee1d529201ecd473f1c06fe28498ecc1
MD5 ce18264694d8f92732d87a975dcc845e
BLAKE2b-256 1c8a1b27a90e3b54ca925ed080cadfa083ada4779ac8aef973fd9fe0da4496a7


Provenance

The following attestation bundles were made for zizmor-1.22.0-py3-none-manylinux_2_28_armv7l.whl:

Publisher: release-pypi.yml on zizmorcore/zizmor

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file zizmor-1.22.0-py3-none-manylinux_2_24_aarch64.whl.

File metadata

  • Download URL: zizmor-1.22.0-py3-none-manylinux_2_24_aarch64.whl
  • Upload date:
  • Size: 7.8 MB
  • Tags: Python 3, manylinux: glibc 2.24+ ARM64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.9.26 {"installer":{"name":"uv","version":"0.9.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for zizmor-1.22.0-py3-none-manylinux_2_24_aarch64.whl
Algorithm Hash digest
SHA256 92d90fbebdcbd865ff8d48a8579a23102c788d09e378b60d3452603eb15e69bc
MD5 023c5a3ba9c13b9730de6b1deef58cbc
BLAKE2b-256 3b2f5a4451dd0321c9f608821ca196ec35935d4394d6a3404fb1b37f94513d0e


Provenance

The following attestation bundles were made for zizmor-1.22.0-py3-none-manylinux_2_24_aarch64.whl:

Publisher: release-pypi.yml on zizmorcore/zizmor

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file zizmor-1.22.0-py3-none-macosx_11_0_arm64.whl.

File metadata

  • Download URL: zizmor-1.22.0-py3-none-macosx_11_0_arm64.whl
  • Upload date:
  • Size: 7.5 MB
  • Tags: Python 3, macOS 11.0+ ARM64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.9.26 {"installer":{"name":"uv","version":"0.9.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for zizmor-1.22.0-py3-none-macosx_11_0_arm64.whl
Algorithm Hash digest
SHA256 05c62d8cc0c16e0c0551e5085ef1f367d3b70e18df6ff1dcb212f6a6355bee4e
MD5 fe47919a831805fa34b7203d1be9be99
BLAKE2b-256 4cbc69c0f86b92c7b70407d90961226149c275f988a73a67e5660ef326bfd069


Provenance

The following attestation bundles were made for zizmor-1.22.0-py3-none-macosx_11_0_arm64.whl:

Publisher: release-pypi.yml on zizmorcore/zizmor

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file zizmor-1.22.0-py3-none-macosx_10_12_x86_64.whl.

File metadata

  • Download URL: zizmor-1.22.0-py3-none-macosx_10_12_x86_64.whl
  • Upload date:
  • Size: 7.8 MB
  • Tags: Python 3, macOS 10.12+ x86-64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.9.26 {"installer":{"name":"uv","version":"0.9.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for zizmor-1.22.0-py3-none-macosx_10_12_x86_64.whl
Algorithm Hash digest
SHA256 80c62a9503a4235091dd076c11925f98f8d0e3fcaa8a6e2e1153e784ff3e0062
MD5 819e19a0f043c5f686edeffe24d134a8
BLAKE2b-256 e1c8d45323e1ce1663ba099e777d3cd32e697f240dd0e5209a81b604d6447d46


Provenance

The following attestation bundles were made for zizmor-1.22.0-py3-none-macosx_10_12_x86_64.whl:

Publisher: release-pypi.yml on zizmorcore/zizmor

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.
