Skip to main content

Static analysis for GitHub Actions

Project description

🌈 zizmor

zizmor CI Crates.io Packaging status GitHub Sponsors Discord

zizmor is a static analysis tool for GitHub Actions.

It can find many common security issues in typical GitHub Actions CI/CD setups, including:

  • Template injection vulnerabilities, leading to attacker-controlled code execution
  • Accidental credential persistence and leakage
  • Excessive permission scopes and credential grants to runners
  • Impostor commits and confusable git references
  • ...and much more!

zizmor demo

See zizmor's documentation for installation steps, as well as a quickstart and detailed usage recipes.

License

zizmor is licensed under the MIT License.

Contributing

See our contributing guide!

The name?

Now you can have beautiful clean workflows!

Sponsors

zizmor's development is supported by these amazing sponsors!

Logo-level sponsors

Grafana Labs

Trail of Bits

Shipfox

Kusari

Tracebit

Name-level sponsors
Alexander Riccio Carol Willing

Want to see your name or logo above? Consider becoming a sponsor through one of the following:

Star History

Star History Chart

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

zizmor-1.26.1.tar.gz (535.3 kB view details)

Uploaded Source

Built Distributions

If you're not sure about the file name format, learn more about wheel file names.

zizmor-1.26.1-py3-none-win_amd64.whl (8.6 MB view details)

Uploaded Python 3Windows x86-64

zizmor-1.26.1-py3-none-win32.whl (7.5 MB view details)

Uploaded Python 3Windows x86

zizmor-1.26.1-py3-none-musllinux_1_2_x86_64.whl (9.4 MB view details)

Uploaded Python 3musllinux: musl 1.2+ x86-64

zizmor-1.26.1-py3-none-musllinux_1_2_armv7l.whl (8.4 MB view details)

Uploaded Python 3musllinux: musl 1.2+ ARMv7l

zizmor-1.26.1-py3-none-musllinux_1_2_aarch64.whl (8.9 MB view details)

Uploaded Python 3musllinux: musl 1.2+ ARM64

zizmor-1.26.1-py3-none-manylinux_2_28_x86_64.whl (9.3 MB view details)

Uploaded Python 3manylinux: glibc 2.28+ x86-64

zizmor-1.26.1-py3-none-manylinux_2_28_armv7l.whl (8.4 MB view details)

Uploaded Python 3manylinux: glibc 2.28+ ARMv7l

zizmor-1.26.1-py3-none-manylinux_2_24_aarch64.whl (8.8 MB view details)

Uploaded Python 3manylinux: glibc 2.24+ ARM64

zizmor-1.26.1-py3-none-macosx_11_0_arm64.whl (8.6 MB view details)

Uploaded Python 3macOS 11.0+ ARM64

zizmor-1.26.1-py3-none-macosx_10_12_x86_64.whl (9.1 MB view details)

Uploaded Python 3macOS 10.12+ x86-64

File details

Details for the file zizmor-1.26.1.tar.gz.

File metadata

  • Download URL: zizmor-1.26.1.tar.gz
  • Upload date:
  • Size: 535.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.11.23 {"installer":{"name":"uv","version":"0.11.23","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for zizmor-1.26.1.tar.gz
Algorithm Hash digest
SHA256 0c2cc575007a4db99d89d5acc6120cfa7b61504bc2394c3b50af348c73f1916e
MD5 63a1b7b4dbf34030463147b01ba107d2
BLAKE2b-256 e4a0a29b38e24981b4bb41db4f292b2c9fb9ddf8b05d6b724abddd7bd108b621

See more details on using hashes here.

File details

Details for the file zizmor-1.26.1-py3-none-win_amd64.whl.

File metadata

  • Download URL: zizmor-1.26.1-py3-none-win_amd64.whl
  • Upload date:
  • Size: 8.6 MB
  • Tags: Python 3, Windows x86-64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.11.23 {"installer":{"name":"uv","version":"0.11.23","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for zizmor-1.26.1-py3-none-win_amd64.whl
Algorithm Hash digest
SHA256 0a05acf6068609fb6df3b137276cf18a686226a1e0e207941cb34a85929f16cf
MD5 2d6a5f45cfd8d7ecbe80c28bf7c3ea9e
BLAKE2b-256 9158ad561f3a5057d3c0f152002e180a3a5745e72ea9d69bf66450ef9f5d3fe5

See more details on using hashes here.

File details

Details for the file zizmor-1.26.1-py3-none-win32.whl.

File metadata

  • Download URL: zizmor-1.26.1-py3-none-win32.whl
  • Upload date:
  • Size: 7.5 MB
  • Tags: Python 3, Windows x86
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.11.23 {"installer":{"name":"uv","version":"0.11.23","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for zizmor-1.26.1-py3-none-win32.whl
Algorithm Hash digest
SHA256 c96d7787d69fb298eae939e00dfdf7f534d7dfbd9cc17ab442c0650a56851415
MD5 8696da2020ac139e2158bf88d862f50d
BLAKE2b-256 f9eed2a2301f30b9e1bf0d721bfd31739acd71e048757f9ba79279583eb30ac0

See more details on using hashes here.

File details

Details for the file zizmor-1.26.1-py3-none-musllinux_1_2_x86_64.whl.

File metadata

  • Download URL: zizmor-1.26.1-py3-none-musllinux_1_2_x86_64.whl
  • Upload date:
  • Size: 9.4 MB
  • Tags: Python 3, musllinux: musl 1.2+ x86-64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.11.23 {"installer":{"name":"uv","version":"0.11.23","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for zizmor-1.26.1-py3-none-musllinux_1_2_x86_64.whl
Algorithm Hash digest
SHA256 8313cc264dec792f00a7328eb7c8e89e7d62d54f950fc897d1e6a5a6e5762203
MD5 0183db9b5bb2e8f720d153cbf83cb7f7
BLAKE2b-256 27cc82d7a838c2d490071555c364f90eb851044b3eeefc1d68612179a2cd1ae5

See more details on using hashes here.

File details

Details for the file zizmor-1.26.1-py3-none-musllinux_1_2_armv7l.whl.

File metadata

  • Download URL: zizmor-1.26.1-py3-none-musllinux_1_2_armv7l.whl
  • Upload date:
  • Size: 8.4 MB
  • Tags: Python 3, musllinux: musl 1.2+ ARMv7l
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.11.23 {"installer":{"name":"uv","version":"0.11.23","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for zizmor-1.26.1-py3-none-musllinux_1_2_armv7l.whl
Algorithm Hash digest
SHA256 44099f426af9da750ff9f548a0084e11d7d83e0158fe1a2778672398d728efdd
MD5 2e8c9b7ca3862ce2df4944e40ec92d3e
BLAKE2b-256 b87efb3d608ee11e2f619d43ad93bab46eb7b32769fa82b1d86fd23f27c2585b

See more details on using hashes here.

File details

Details for the file zizmor-1.26.1-py3-none-musllinux_1_2_aarch64.whl.

File metadata

  • Download URL: zizmor-1.26.1-py3-none-musllinux_1_2_aarch64.whl
  • Upload date:
  • Size: 8.9 MB
  • Tags: Python 3, musllinux: musl 1.2+ ARM64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.11.23 {"installer":{"name":"uv","version":"0.11.23","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for zizmor-1.26.1-py3-none-musllinux_1_2_aarch64.whl
Algorithm Hash digest
SHA256 d2744cdf944436ca7a009ae8b626a017a40381ec990216abd6cf6b8beb23323a
MD5 4eeef1e5491c14a6c5d473ced4c3ac5f
BLAKE2b-256 e3adbd74a96cb02045414ec5b573cd97ff3b82a97fd0bd6658f93c36a011c439

See more details on using hashes here.

File details

Details for the file zizmor-1.26.1-py3-none-manylinux_2_28_x86_64.whl.

File metadata

  • Download URL: zizmor-1.26.1-py3-none-manylinux_2_28_x86_64.whl
  • Upload date:
  • Size: 9.3 MB
  • Tags: Python 3, manylinux: glibc 2.28+ x86-64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.11.23 {"installer":{"name":"uv","version":"0.11.23","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for zizmor-1.26.1-py3-none-manylinux_2_28_x86_64.whl
Algorithm Hash digest
SHA256 6a958d8a0941d7e1d0de8436670b5cb7fc64c8028b4d16e3f519ccc77f953cef
MD5 ed225cf25888f84344e336bdd5d1bb06
BLAKE2b-256 a82b61ab13d45d6ce57ef5a08bb3246981f62e30bb4938098b17bb7b88110b79

See more details on using hashes here.

File details

Details for the file zizmor-1.26.1-py3-none-manylinux_2_28_armv7l.whl.

File metadata

  • Download URL: zizmor-1.26.1-py3-none-manylinux_2_28_armv7l.whl
  • Upload date:
  • Size: 8.4 MB
  • Tags: Python 3, manylinux: glibc 2.28+ ARMv7l
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.11.23 {"installer":{"name":"uv","version":"0.11.23","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for zizmor-1.26.1-py3-none-manylinux_2_28_armv7l.whl
Algorithm Hash digest
SHA256 d3049010b6bd6f849413b6d20c28e0c677b90e0a5b2bc73cbee7f7bd86dc5828
MD5 5b9691ccd426ee9e4a92b107a42598c3
BLAKE2b-256 3d06c07fd0eeef0427d93e99d552d5386526fbcd0bf05fc95cd37bdc6229fccb

See more details on using hashes here.

File details

Details for the file zizmor-1.26.1-py3-none-manylinux_2_24_aarch64.whl.

File metadata

  • Download URL: zizmor-1.26.1-py3-none-manylinux_2_24_aarch64.whl
  • Upload date:
  • Size: 8.8 MB
  • Tags: Python 3, manylinux: glibc 2.24+ ARM64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.11.23 {"installer":{"name":"uv","version":"0.11.23","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for zizmor-1.26.1-py3-none-manylinux_2_24_aarch64.whl
Algorithm Hash digest
SHA256 bb7ebbe565a3742eb49a590352127ad549bb122b9b4ff9424ebab7525fa3b6b6
MD5 18e0d94c3f9ad14272e266b5db4f6ecc
BLAKE2b-256 b4b1ff38fc2921f1fb13244bb3a3642c4b45ecf3946c279942aafcb5dbf55a57

See more details on using hashes here.

File details

Details for the file zizmor-1.26.1-py3-none-macosx_11_0_arm64.whl.

File metadata

  • Download URL: zizmor-1.26.1-py3-none-macosx_11_0_arm64.whl
  • Upload date:
  • Size: 8.6 MB
  • Tags: Python 3, macOS 11.0+ ARM64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.11.23 {"installer":{"name":"uv","version":"0.11.23","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for zizmor-1.26.1-py3-none-macosx_11_0_arm64.whl
Algorithm Hash digest
SHA256 78083b495593f8b0b9dec14036a0836a5afcddda8a40738336ff4e399476b741
MD5 319ca4d16144e51a8899c313b31cc0e4
BLAKE2b-256 5892cf6801f01e1d65cbda89a2e2926ea42caf1daad9ffa3f1fc88e4c68f48a9

See more details on using hashes here.

File details

Details for the file zizmor-1.26.1-py3-none-macosx_10_12_x86_64.whl.

File metadata

  • Download URL: zizmor-1.26.1-py3-none-macosx_10_12_x86_64.whl
  • Upload date:
  • Size: 9.1 MB
  • Tags: Python 3, macOS 10.12+ x86-64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.11.23 {"installer":{"name":"uv","version":"0.11.23","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for zizmor-1.26.1-py3-none-macosx_10_12_x86_64.whl
Algorithm Hash digest
SHA256 7ea21ca959c8e888de238fee81d73a1fdf89a82067eac75b8f1acdbd23e2eeaf
MD5 acb7ed6e8ca1efa399aa6fb92988251f
BLAKE2b-256 40a92f47f7db8db9491025e00a7f1a0f25d32b642c0285b2fe070ac63e679b47

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page