yamanin/registry
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
registry/.github
History
Lukasz ec57cb5c0f
CI: Pin GitHub Actions and fix zizmor high-severity findings (#667) 
## Description

This PR fixes zizmor --min-severity high findings in our GitHub Actions
workflows by:
- Pinning all uses: references to immutable commit SHAs (replaces
floating tags like @v6 / @main).
- Pinning internal Terraform setup action usage
(coder/coder/.github/actions/setup-tf@main) to a fixed ref/commit.
- Pinning crate-ci/typos to a commit SHA.
- Removing GitHub expression template expansion inside a run: block in
version-bump.yaml (prevents template injection flagged by zizmor).


## Type of Change

- [ ] New module
- [ ] New template
- [ ] Bug fix
- [ ] Feature/enhancement
- [ ] Documentation
- [x] Other

## Module Information

N/A

## Template Information

N/A

## Testing & Validation

- [ ] Tests pass (`bun test`)
- [ ] Code formatted (`bun fmt`)
- [x] Changes tested locally - zizmor .github/workflows/* --min-severity
high

## Related Issues

- coder/registry#642
- https://github.com/coder/registry/pull/662
2026-01-21 11:42:10 +01:00
..
scripts
feat: enhance version bump script and CI workflow with ci mode (#615)
2025-12-17 15:31:11 -06:00
workflows
CI: Pin GitHub Actions and fix zizmor high-severity findings (#667)
2026-01-21 11:42:10 +01:00
copilot-instructions.md
chore: add AGENTS.md (#393)
2025-08-27 21:02:24 -05:00
dependabot.yaml
chore: group github dependabot updates (#381)
2025-08-25 08:40:10 -05:00
PULL_REQUEST_TEMPLATE.md
Enhance PR template with template information section (#474)
2025-10-09 15:50:38 +00:00
typos.toml
Add Hetzner Cloud server template example (#560)
2025-12-16 14:03:52 +00:00