zizmor

Zizmor 🔗

Zizmor lints GitHub Actions workflows for security issues using zizmor. Create instances with [New].

source() 🔗

Project source directory.

Return Type

Directory !

dagger -m github.com/MacroPower/x/toolchains/zizmor@3f4ef26289cf6c0690d4ce596cd8832b729b8ad4 call \
 sourcecontent_copy Copied! 

func (m *MyModule) Example() *dagger.Directory  {
	return dag.
			Zizmor().
			Source()
}content_copy Copied!

@function
def example() -> dagger.Directory:
	return (
		dag.zizmor()
		.source()
	)content_copy Copied!

@func()
example(): Directory {
	return dag
		.zizmor()
		.source()
}content_copy Copied!

image() 🔗

zizmor container image reference.

Return Type

String !

dagger -m github.com/MacroPower/x/toolchains/zizmor@3f4ef26289cf6c0690d4ce596cd8832b729b8ad4 call \
 imagecontent_copy Copied! 

func (m *MyModule) Example(ctx context.Context) string  {
	return dag.
			Zizmor().
			Image(ctx)
}content_copy Copied!

@function
async def example() -> str:
	return await (
		dag.zizmor()
		.image()
	)content_copy Copied!

@func()
async example(): Promise<string> {
	return dag
		.zizmor()
		.image()
}content_copy Copied!

configPath() 🔗

Path to the zizmor config file, relative to the source root. When empty, zizmor auto-discovers a config (e.g. .github/zizmor.yml) or falls back to its built-in audit defaults, so the module drops into projects that have no config file.

Return Type

String !

dagger -m github.com/MacroPower/x/toolchains/zizmor@3f4ef26289cf6c0690d4ce596cd8832b729b8ad4 call \
 config-pathcontent_copy Copied! 

func (m *MyModule) Example(ctx context.Context) string  {
	return dag.
			Zizmor().
			ConfigPath(ctx)
}content_copy Copied!

@function
async def example() -> str:
	return await (
		dag.zizmor()
		.config_path()
	)content_copy Copied!

@func()
async example(): Promise<string> {
	return dag
		.zizmor()
		.configPath()
}content_copy Copied!

workflowsDir() 🔗

Directory of workflows to lint, relative to the source root.

Return Type

String !

dagger -m github.com/MacroPower/x/toolchains/zizmor@3f4ef26289cf6c0690d4ce596cd8832b729b8ad4 call \
 workflows-dircontent_copy Copied! 

func (m *MyModule) Example(ctx context.Context) string  {
	return dag.
			Zizmor().
			WorkflowsDir(ctx)
}content_copy Copied!

@function
async def example() -> str:
	return await (
		dag.zizmor()
		.workflows_dir()
	)content_copy Copied!

@func()
async example(): Promise<string> {
	return dag
		.zizmor()
		.workflowsDir()
}content_copy Copied!

lint() 🔗

Lint runs zizmor against the workflows directory. The config file is passed only when [Zizmor.ConfigPath] is set; otherwise zizmor auto-discovers a config or uses its built-in defaults.

Return Type

Void !

dagger -m github.com/MacroPower/x/toolchains/zizmor@3f4ef26289cf6c0690d4ce596cd8832b729b8ad4 call \
 lintcontent_copy Copied! 

func (m *MyModule) Example(ctx context.Context)   {
	return dag.
			Zizmor().
			Lint(ctx)
}content_copy Copied!

@function
async def example() -> None:
	return await (
		dag.zizmor()
		.lint()
	)content_copy Copied!

@func()
async example(): Promise<void> {
	return dag
		.zizmor()
		.lint()
}content_copy Copied!

lintBase() 🔗

LintBase returns the zizmor container with the project source mounted at /src. It is exposed so consumers can wrap it (e.g. with a cache-bust) for benchmarks without pulling in another toolchain dependency.

Return Type

Container !

dagger -m github.com/MacroPower/x/toolchains/zizmor@3f4ef26289cf6c0690d4ce596cd8832b729b8ad4 call \
 lint-basecontent_copy Copied! 

func (m *MyModule) Example() *dagger.Container  {
	return dag.
			Zizmor().
			LintBase()
}content_copy Copied!

@function
def example() -> dagger.Container:
	return (
		dag.zizmor()
		.lint_base()
	)content_copy Copied!

@func()
example(): Container {
	return dag
		.zizmor()
		.lintBase()
}content_copy Copied!