Skip to content

ci: adopt zizmor for workflow validation #15733

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
dmcilvaney merged 1 commit into from
Feb 9, 2026
Merged

ci: adopt zizmor for workflow validation #15733

dmcilvaney merged 1 commit into from
Feb 9, 2026

Conversation

@reubeno
Copy link
Member

@reubeno reubeno commented Feb 5, 2026

Adopts https://github.com/zizmorcore/zizmor for GitHub workflow linting. This is something we've enabled in other repositories to good effect.

Copilot AI review requested due to automatic review settings February 5, 2026 15:54
Copilot AI reviewed Feb 5, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR introduces automated GitHub workflow validation using zizmor, a security-focused linter for GitHub Actions workflows. The new workflow runs on pushes to main, pull requests, manual dispatch, and on a nightly schedule to continuously validate workflow security and correctness.

Changes:

  • Added a new workflow file .github/workflows/check-workflows.yml that installs and runs zizmor with pedantic mode enabled

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

ddstreetmicrosoft
ddstreetmicrosoft reviewed Feb 5, 2026
View reviewed changes
Copy link
Contributor

@ddstreetmicrosoft ddstreetmicrosoft left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not familiar with zizmor so I probably should give a review approval, but I did notice the branch name might need adjustment, if you can check my review comments

@reubeno reubeno requested a review from christopherco February 6, 2026 00:25
@dmcilvaney dmcilvaney merged commit 6598984 into microsoft:tomls/base/main Feb 9, 2026
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ddstreetmicrosoft ddstreetmicrosoft ddstreetmicrosoft left review comments

Copilot code review Copilot Copilot left review comments

@dmcilvaney dmcilvaney dmcilvaney approved these changes

@christopherco christopherco Awaiting requested review from christopherco

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@reubeno @dmcilvaney @ddstreetmicrosoft