Static analysis for GitHub Actions

Project description

🌈 zizmor

zizmor is a static analysis tool for GitHub Actions.

It can find many common security issues in typical GitHub Actions CI/CD setups, including:

  • Template injection vulnerabilities, leading to attacker-controlled code execution
  • Accidental credential persistence and leakage
  • Excessive permission scopes and credential grants to runners
  • Impostor commits and confusable git references
  • ...and much more!

See zizmor's documentation for installation steps, as well as a quickstart and detailed usage recipes.

License

zizmor is licensed under the MIT License.

Contributing

See our contributing guide!

The name?

Now you can have beautiful clean workflows!

Sponsors

zizmor's development is supported by these amazing sponsors!

Logo-level sponsors

Grafana Labs

Trail of Bits

Shipfox

Name-level sponsors
Alexander Riccio

Want to see your name or logo above? Consider becoming a sponsor through one of the following:

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

zizmor-1.20.0.tar.gz (429.9 kB)

Uploaded Source

Built Distributions

If you're not sure about the file name format, learn more about wheel file names.

zizmor-1.20.0-py3-none-win_amd64.whl (7.6 MB)

Uploaded Python 3, Windows x86-64

zizmor-1.20.0-py3-none-win32.whl (6.6 MB)

Uploaded Python 3, Windows x86

zizmor-1.20.0-py3-none-musllinux_1_2_x86_64.whl (8.1 MB)

Uploaded Python 3, musllinux: musl 1.2+ x86-64

zizmor-1.20.0-py3-none-musllinux_1_2_armv7l.whl (7.5 MB)

Uploaded Python 3, musllinux: musl 1.2+ ARMv7l

zizmor-1.20.0-py3-none-musllinux_1_2_aarch64.whl (7.8 MB)

Uploaded Python 3, musllinux: musl 1.2+ ARM64

zizmor-1.20.0-py3-none-manylinux_2_28_x86_64.whl (8.0 MB)

Uploaded Python 3, manylinux: glibc 2.28+ x86-64

zizmor-1.20.0-py3-none-manylinux_2_28_armv7l.whl (7.4 MB)

Uploaded Python 3, manylinux: glibc 2.28+ ARMv7l

zizmor-1.20.0-py3-none-manylinux_2_24_aarch64.whl (7.7 MB)

Uploaded Python 3, manylinux: glibc 2.24+ ARM64

zizmor-1.20.0-py3-none-macosx_11_0_arm64.whl (7.4 MB)

Uploaded Python 3, macOS 11.0+ ARM64

zizmor-1.20.0-py3-none-macosx_10_12_x86_64.whl (7.8 MB)

Uploaded Python 3, macOS 10.12+ x86-64

File details

Details for the file zizmor-1.20.0.tar.gz.

File metadata

  • Download URL: zizmor-1.20.0.tar.gz
  • Upload date:
  • Size: 429.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.9.21

File hashes

Hashes for zizmor-1.20.0.tar.gz
Algorithm Hash digest
SHA256 b80596a7e537ea53394b08336de6fdb24661a286c849f6c9f34b168d8d1fc101
MD5 110f6c5937410f3de37260069885c37f
BLAKE2b-256 2890a4ac78798dc184fc02de3f31850b94fdd1ca75559738cb474b240ab2652c

See more details on using hashes here.

Provenance

The following attestation bundles were made for zizmor-1.20.0.tar.gz:

Publisher: release-pypi.yml on zizmorcore/zizmor

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file zizmor-1.20.0-py3-none-win_amd64.whl.

File metadata

  • Download URL: zizmor-1.20.0-py3-none-win_amd64.whl
  • Upload date:
  • Size: 7.6 MB
  • Tags: Python 3, Windows x86-64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.9.21

File hashes

Hashes for zizmor-1.20.0-py3-none-win_amd64.whl
Algorithm Hash digest
SHA256 7787ea46b8689ddc2fb339447445987822fb1a575ac4f527524ee15102379558
MD5 9b61b01e8ab49bb218836c8e0bf045e8
BLAKE2b-256 f88d4b4be117e8c3dfb7c1d5236ca8981756538330a89d148cbd9d117af4ef8d

Provenance

The following attestation bundles were made for zizmor-1.20.0-py3-none-win_amd64.whl:

Publisher: release-pypi.yml on zizmorcore/zizmor

File details

Details for the file zizmor-1.20.0-py3-none-win32.whl.

File metadata

  • Download URL: zizmor-1.20.0-py3-none-win32.whl
  • Upload date:
  • Size: 6.6 MB
  • Tags: Python 3, Windows x86
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.9.21

File hashes

Hashes for zizmor-1.20.0-py3-none-win32.whl
Algorithm Hash digest
SHA256 02c19027df384c67c03d22d8e793f46d5ce069dca8265d71715455d7e3bb96c1
MD5 edc3d96a24587e37ba87a68103ce03b6
BLAKE2b-256 9c149d8b856af299336ca8b43feb4732d898d54d3e94361dace60b06cbcdc6f8

Provenance

The following attestation bundles were made for zizmor-1.20.0-py3-none-win32.whl:

Publisher: release-pypi.yml on zizmorcore/zizmor

File details

Details for the file zizmor-1.20.0-py3-none-musllinux_1_2_x86_64.whl.

File metadata

  • Download URL: zizmor-1.20.0-py3-none-musllinux_1_2_x86_64.whl
  • Upload date:
  • Size: 8.1 MB
  • Tags: Python 3, musllinux: musl 1.2+ x86-64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.9.21

File hashes

Hashes for zizmor-1.20.0-py3-none-musllinux_1_2_x86_64.whl
Algorithm Hash digest
SHA256 eff403cd9f623a0ff39954f6cb006f3b38ece751efee26ab5d17f7a0fc63f29a
MD5 cbdd97ff8ea01e51844e8bf42727581b
BLAKE2b-256 918d885ac52529b5a731de128c8952472c3f5a4e6680f4f00d91601d140b234c

Provenance

The following attestation bundles were made for zizmor-1.20.0-py3-none-musllinux_1_2_x86_64.whl:

Publisher: release-pypi.yml on zizmorcore/zizmor

File details

Details for the file zizmor-1.20.0-py3-none-musllinux_1_2_armv7l.whl.

File metadata

  • Download URL: zizmor-1.20.0-py3-none-musllinux_1_2_armv7l.whl
  • Upload date:
  • Size: 7.5 MB
  • Tags: Python 3, musllinux: musl 1.2+ ARMv7l
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.9.21

File hashes

Hashes for zizmor-1.20.0-py3-none-musllinux_1_2_armv7l.whl
Algorithm Hash digest
SHA256 5cae20372c00720e8de2938bec135ade191c3619571753b9ecb43dee1adfaf5e
MD5 4f756396bb11f6a58c7171d97ad9e0fb
BLAKE2b-256 4dd590e42006ec04d2fc2d2405f991a7690807a1cff8038cb62ac097c5eb0e78

Provenance

The following attestation bundles were made for zizmor-1.20.0-py3-none-musllinux_1_2_armv7l.whl:

Publisher: release-pypi.yml on zizmorcore/zizmor

File details

Details for the file zizmor-1.20.0-py3-none-musllinux_1_2_aarch64.whl.

File metadata

  • Download URL: zizmor-1.20.0-py3-none-musllinux_1_2_aarch64.whl
  • Upload date:
  • Size: 7.8 MB
  • Tags: Python 3, musllinux: musl 1.2+ ARM64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.9.21

File hashes

Hashes for zizmor-1.20.0-py3-none-musllinux_1_2_aarch64.whl
Algorithm Hash digest
SHA256 1c24f7afe7131ac45e916b24bb0e99c1d3a938a0c70504b0298faa499f1b7306
MD5 31f759c47b411bda51b2cfa28a9c82bb
BLAKE2b-256 a710617a53ea3859a67dc57f3b39e7fc0eac7dceb7c9311e62070856f7fc33ff

Provenance

The following attestation bundles were made for zizmor-1.20.0-py3-none-musllinux_1_2_aarch64.whl:

Publisher: release-pypi.yml on zizmorcore/zizmor

File details

Details for the file zizmor-1.20.0-py3-none-manylinux_2_28_x86_64.whl.

File metadata

  • Download URL: zizmor-1.20.0-py3-none-manylinux_2_28_x86_64.whl
  • Upload date:
  • Size: 8.0 MB
  • Tags: Python 3, manylinux: glibc 2.28+ x86-64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.9.21

File hashes

Hashes for zizmor-1.20.0-py3-none-manylinux_2_28_x86_64.whl
Algorithm Hash digest
SHA256 6085249dd9a4224885a5575e8b1af5bdc4cf46c6f8641079646dc85c0e27a506
MD5 350d927ba3efbb1892ec0386090cb314
BLAKE2b-256 9f75821762f751989120aaec7242bde0dfa819416215916881659b0ac2e9ad2d

Provenance

The following attestation bundles were made for zizmor-1.20.0-py3-none-manylinux_2_28_x86_64.whl:

Publisher: release-pypi.yml on zizmorcore/zizmor

File details

Details for the file zizmor-1.20.0-py3-none-manylinux_2_28_armv7l.whl.

File metadata

  • Download URL: zizmor-1.20.0-py3-none-manylinux_2_28_armv7l.whl
  • Upload date:
  • Size: 7.4 MB
  • Tags: Python 3, manylinux: glibc 2.28+ ARMv7l
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.9.21

File hashes

Hashes for zizmor-1.20.0-py3-none-manylinux_2_28_armv7l.whl
Algorithm Hash digest
SHA256 1d67fa2f68a2fc386f21388caa8f22b463861aa4122f21f6d6176ef1e35f1f5a
MD5 22f4d11516446e6cf687b6861c63ac58
BLAKE2b-256 3a951d4cb59263d6c9f60c16cd2e829d4f24b5e4f65ea168e06b9b7646a227ba

Provenance

The following attestation bundles were made for zizmor-1.20.0-py3-none-manylinux_2_28_armv7l.whl:

Publisher: release-pypi.yml on zizmorcore/zizmor

File details

Details for the file zizmor-1.20.0-py3-none-manylinux_2_24_aarch64.whl.

File metadata

  • Download URL: zizmor-1.20.0-py3-none-manylinux_2_24_aarch64.whl
  • Upload date:
  • Size: 7.7 MB
  • Tags: Python 3, manylinux: glibc 2.24+ ARM64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.9.21

File hashes

Hashes for zizmor-1.20.0-py3-none-manylinux_2_24_aarch64.whl
Algorithm Hash digest
SHA256 8672550f6d80f41609ecb2228826f18c8bd6f6397517aefe28e1fd84a0aea3ff
MD5 b0520fda779c1cd0c0899a42a226d93a
BLAKE2b-256 b20c09b454b85ccefd5b3c047a65ab8faadf16bf59f4a9d10321523a8f78f7a1

Provenance

The following attestation bundles were made for zizmor-1.20.0-py3-none-manylinux_2_24_aarch64.whl:

Publisher: release-pypi.yml on zizmorcore/zizmor

File details

Details for the file zizmor-1.20.0-py3-none-macosx_11_0_arm64.whl.

File metadata

  • Download URL: zizmor-1.20.0-py3-none-macosx_11_0_arm64.whl
  • Upload date:
  • Size: 7.4 MB
  • Tags: Python 3, macOS 11.0+ ARM64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.9.21

File hashes

Hashes for zizmor-1.20.0-py3-none-macosx_11_0_arm64.whl
Algorithm Hash digest
SHA256 4679efa9edaa3005e21f421f6d98ef4f7a5dc62fc323c42ac9ca3aa616ebb9b8
MD5 6295dc9ae1f66974655b47f9b61c16e3
BLAKE2b-256 47ee4f45e47825b5d6fd2b3e1a225e6deb48759b1614c682cdf81774fffbbe0a

Provenance

The following attestation bundles were made for zizmor-1.20.0-py3-none-macosx_11_0_arm64.whl:

Publisher: release-pypi.yml on zizmorcore/zizmor

File details

Details for the file zizmor-1.20.0-py3-none-macosx_10_12_x86_64.whl.

File metadata

  • Download URL: zizmor-1.20.0-py3-none-macosx_10_12_x86_64.whl
  • Upload date:
  • Size: 7.8 MB
  • Tags: Python 3, macOS 10.12+ x86-64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.9.21

File hashes

Hashes for zizmor-1.20.0-py3-none-macosx_10_12_x86_64.whl
Algorithm Hash digest
SHA256 7b7b1d154f7bf99a27738593b262494c922a9d45250889eb070abf352df92f0a
MD5 e27e8070c456169b43e732ab41a64a12
BLAKE2b-256 d0dcd48e5907cd3e24fcf490b887fa01608a7356225bd5b21cf78738a64ce585

Provenance

The following attestation bundles were made for zizmor-1.20.0-py3-none-macosx_10_12_x86_64.whl:

Publisher: release-pypi.yml on zizmorcore/zizmor
