Add zizmor for GitHub Actions
Summary
Check GitHub Actions for security issues using zizmor.
Motivation
Improve security of our Actions, especially in light of the Tivy compromise.
Proposed Solution
Implement a Actions workflow and pre-commit config that checks zizmor. Bring current actions into compliance with any checks.
Alternatives Considered
No.
Additional Context
Relevant example from Pydantic: https://github.com/pydantic/pydantic/pull/13039/changes#diff-63a9c44a44acf85fea213a857769990937107cf072831e1a26808cfde9d096b9
Checklist
Add zizmor for GitHub Actions
Summary
Check GitHub Actions for security issues using zizmor.
Motivation
Improve security of our Actions, especially in light of the Tivy compromise.
Proposed Solution
Implement a Actions workflow and pre-commit config that checks zizmor. Bring current actions into compliance with any checks.
Alternatives Considered
No.
Additional Context
Relevant example from Pydantic: https://github.com/pydantic/pydantic/pull/13039/changes#diff-63a9c44a44acf85fea213a857769990937107cf072831e1a26808cfde9d096b9
Checklist