Static analysis for GitHub Actions

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for woodruffw from gravatar.com woodruffw
Meta

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT
  • Author: William Woodruff <william@yossarian.net>
  • Tags cli , github-actions , static-analysis , security
  • Requires: Python >=3.9
Report project as malware

Project description

🌈 zizmor

CI Crates.io Packaging status GitHub Sponsors Discord

zizmor is a static analysis tool for GitHub Actions.

It can find many common security issues in typical GitHub Actions CI/CD setups, including:

  • Template injection vulnerabilities, leading to attacker-controlled code execution
  • Accidental credential persistence and leakage
  • Excessive permission scopes and credential grants to runners
  • Impostor commits and confusable git references
  • ...and much more!

zizmor demo

See zizmor's documentation for installation steps, as well as a quickstart and detailed usage recipes.

License

zizmor is licensed under the MIT License.

Contributing

See our contributing guide!

The name?

Now you can have beautiful clean workflows!

Sponsors 💖

zizmor's development is supported by these amazing sponsors!

Logo-level sponsors

Astral
Name-level sponsors
Tenki Cloud

Star History

Star History Chart

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for woodruffw from gravatar.com woodruffw
Meta

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT
  • Author: William Woodruff <william@yossarian.net>
  • Tags cli , github-actions , static-analysis , security
  • Requires: Python >=3.9

Release history Release notifications | RSS feed

This version

1.9.0

1.8.0

1.8.0rc2 pre-release

1.8.0rc1 pre-release

1.7.0

1.6.0

1.5.2

1.5.1

1.5.0

1.4.1

1.4.0

1.3.1

1.3.0

1.2.2

1.2.1

1.2.0

1.1.1

1.1.0

1.0.1

1.0.0

0.10.0

0.9.2

0.9.1

0.9.0

0.8.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

zizmor-1.9.0.tar.gz (262.1 kB view details)

Uploaded Source

Built Distributions

zizmor-1.9.0-py3-none-win_amd64.whl (5.5 MB view details)

Uploaded Python 3Windows x86-64

zizmor-1.9.0-py3-none-win32.whl (4.9 MB view details)

Uploaded Python 3Windows x86

zizmor-1.9.0-py3-none-musllinux_1_2_x86_64.whl (5.9 MB view details)

Uploaded Python 3musllinux: musl 1.2+ x86-64

zizmor-1.9.0-py3-none-musllinux_1_2_armv7l.whl (5.6 MB view details)

Uploaded Python 3musllinux: musl 1.2+ ARMv7l

zizmor-1.9.0-py3-none-musllinux_1_2_aarch64.whl (5.5 MB view details)

Uploaded Python 3musllinux: musl 1.2+ ARM64

zizmor-1.9.0-py3-none-manylinux_2_28_x86_64.whl (5.9 MB view details)

Uploaded Python 3manylinux: glibc 2.28+ x86-64

zizmor-1.9.0-py3-none-manylinux_2_28_armv7l.whl (5.6 MB view details)

Uploaded Python 3manylinux: glibc 2.28+ ARMv7l

zizmor-1.9.0-py3-none-manylinux_2_24_aarch64.whl (5.6 MB view details)

Uploaded Python 3manylinux: glibc 2.24+ ARM64

zizmor-1.9.0-py3-none-macosx_11_0_arm64.whl (5.4 MB view details)

Uploaded Python 3macOS 11.0+ ARM64

zizmor-1.9.0-py3-none-macosx_10_12_x86_64.whl (5.7 MB view details)

Uploaded Python 3macOS 10.12+ x86-64

File details

Details for the file zizmor-1.9.0.tar.gz.

File metadata

  • Download URL: zizmor-1.9.0.tar.gz
  • Upload date:
  • Size: 262.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: maturin/1.8.6

File hashes

Hashes for zizmor-1.9.0.tar.gz
Algorithm Hash digest
SHA256 3a8486da8e6e75edd1cf56227d64b3b18968f7d65576bb2e268f60d496a1cf52
MD5 7139c7f994558fa04058074483ccd0dc
BLAKE2b-256 c78d7eeff3ee3e76057955fd5333b6aa5914c5ec5b3b1f5cb285374a038aaed5

See more details on using hashes here.

File details

Details for the file zizmor-1.9.0-py3-none-win_amd64.whl.

File metadata

  • Download URL: zizmor-1.9.0-py3-none-win_amd64.whl
  • Upload date:
  • Size: 5.5 MB
  • Tags: Python 3, Windows x86-64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: maturin/1.8.6

File hashes

Hashes for zizmor-1.9.0-py3-none-win_amd64.whl
Algorithm Hash digest
SHA256 315c7c35867abaf9e08cf16d221ad1ba32a6ae1bb59a5087115e84e92db09103
MD5 465defdfb05bf94f37069ef8e93c5ce9
BLAKE2b-256 34f384b0c9804425c8cc3abb17e6c18e6f268694c4dde58c2f4403ed610162d9

See more details on using hashes here.

File details

Details for the file zizmor-1.9.0-py3-none-win32.whl.

File metadata

  • Download URL: zizmor-1.9.0-py3-none-win32.whl
  • Upload date:
  • Size: 4.9 MB
  • Tags: Python 3, Windows x86
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: maturin/1.8.6

File hashes

Hashes for zizmor-1.9.0-py3-none-win32.whl
Algorithm Hash digest
SHA256 ac7459f75176070aa626f5d0e888be4770c5de0c9e7bcd365593e506e06c7587
MD5 7745f824b0cf0ac06299150bd4ec1a79
BLAKE2b-256 07e6d4dc05e46d065aa60a1ff7c9516c11b80ce50658529beb91fa66f175c356

See more details on using hashes here.

File details

Details for the file zizmor-1.9.0-py3-none-musllinux_1_2_x86_64.whl.

File metadata

File hashes

Hashes for zizmor-1.9.0-py3-none-musllinux_1_2_x86_64.whl
Algorithm Hash digest
SHA256 eabd204b41d9f77d98fb8702fb28a1c44d41d9d63ffa19e4bb658b2fa5312a55
MD5 c4a71edf1d85248d51975237b4bfb010
BLAKE2b-256 6719f664c8a2e8caae11f96fdebde2031e5eecda1fccafaab54dc68185f3054d

See more details on using hashes here.

File details

Details for the file zizmor-1.9.0-py3-none-musllinux_1_2_armv7l.whl.

File metadata

File hashes

Hashes for zizmor-1.9.0-py3-none-musllinux_1_2_armv7l.whl
Algorithm Hash digest
SHA256 34e46651e58f552546c3fe52e4b48d4e151045675a3194e93481e543949763a8
MD5 e578efce9be695873897840c80ecf091
BLAKE2b-256 9d3efe230f7b16e2900c3616cdcfec125871f496f4e3597bb7dd2230c9c020ed

See more details on using hashes here.

File details

Details for the file zizmor-1.9.0-py3-none-musllinux_1_2_aarch64.whl.

File metadata

File hashes

Hashes for zizmor-1.9.0-py3-none-musllinux_1_2_aarch64.whl
Algorithm Hash digest
SHA256 d6bb9a890b19a30d67f4cf7234934864791a92ea2277608413e77a76aaf1e417
MD5 5d775efc20ee1ab4f7b798b5edfecbc6
BLAKE2b-256 7bc55b7018d37fbb25e1f0de7411f5cabc7c82190b1362935d0042d5ef7ba950

See more details on using hashes here.

File details

Details for the file zizmor-1.9.0-py3-none-manylinux_2_28_x86_64.whl.

File metadata

File hashes

Hashes for zizmor-1.9.0-py3-none-manylinux_2_28_x86_64.whl
Algorithm Hash digest
SHA256 03e103d64367c265e32ce9122c7d6317eff6df9d04c399d988192d1925881ed1
MD5 08f374aed747e3a3be2eccb51a5b3db9
BLAKE2b-256 1eacfd54df6c4e4f0bf9c16b056e5b7d01efeaebf74b5387f4f545e2ff2c9c49

See more details on using hashes here.

File details

Details for the file zizmor-1.9.0-py3-none-manylinux_2_28_armv7l.whl.

File metadata

File hashes

Hashes for zizmor-1.9.0-py3-none-manylinux_2_28_armv7l.whl
Algorithm Hash digest
SHA256 ce2696a66c7147c440870c8388ac12689c5deb5ae5fe7049f50b4dbd56dc2390
MD5 2115489f4849c39aac0caf65f95e6531
BLAKE2b-256 3e5c79c35de1642165ac9d97a313c1ba670a7cbc01cfbf3b3723f97fb8b88a7c

See more details on using hashes here.

File details

Details for the file zizmor-1.9.0-py3-none-manylinux_2_24_aarch64.whl.

File metadata

File hashes

Hashes for zizmor-1.9.0-py3-none-manylinux_2_24_aarch64.whl
Algorithm Hash digest
SHA256 5f2e9f1845ab37637936210309bff0ddef543d0e461fb767c15ed331c0c0a2cd
MD5 67265482dc17ffcddbdb69611e584956
BLAKE2b-256 48d1671d47854e07ac0a069b65e65dfd40df87ccc4ec4c0eebc2bb66f25f13e8

See more details on using hashes here.

File details

Details for the file zizmor-1.9.0-py3-none-macosx_11_0_arm64.whl.

File metadata

File hashes

Hashes for zizmor-1.9.0-py3-none-macosx_11_0_arm64.whl
Algorithm Hash digest
SHA256 2b0a50d9d85fec7e9feac0a30ee435f68d1fb1020fc4067aa5f3c8cdfeea4870
MD5 7aece578a141bfd53c51b5fe593e44fe
BLAKE2b-256 4d94d01abfab62898eec1064d4dd29ee035e896b9819950f70d25231b9262670

See more details on using hashes here.

File details

Details for the file zizmor-1.9.0-py3-none-macosx_10_12_x86_64.whl.

File metadata

File hashes

Hashes for zizmor-1.9.0-py3-none-macosx_10_12_x86_64.whl
Algorithm Hash digest
SHA256 25e588c9d9c34aa916167ee9ea9708a01dea1902406c8b0a7b6939baab2b6802
MD5 e8a6e53271b67caf44a4398b59dc8cc8
BLAKE2b-256 00905f6de7e747445ecfd704dd2b516bfb6d6490d3e9ba9bc0f19fb743368ac2

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page