chore(ci): add workflow security checks with zizmor

David Testé
2025-04-25 12:03:56 +02:00
committed by David Testé
parent eea36b1b3d
commit 1ca14e6db0
2 changed files with 14 additions and 0 deletions


@@ -163,6 +163,12 @@ install_typos_checker: install_rs_build_toolchain
cargo $(CARGO_RS_BUILD_TOOLCHAIN) install typos-cli || \
( echo "Unable to install typos-cli, unknown error." && exit 1 )
.PHONY: install_zizmor # Install zizmor workflow security checker
install_zizmor: install_rs_build_toolchain
@zizmor --version > /dev/null 2>&1 || \
cargo $(CARGO_RS_BUILD_TOOLCHAIN) install zizmor || \
( echo "Unable to install zizmor, unknown error." && exit 1 )
.PHONY: setup_venv # Setup Python virtualenv for wasm tests
setup_venv:
python3 -m venv venv
@@ -307,6 +313,10 @@ check_newline: check_linelint_installed
lint_workflow: check_actionlint_installed
actionlint
.PHONY: check_workflow_security # Run zizmor security checker on GitHub workflows
check_workflow_security: install_zizmor
zizmor --persona pedantic .
.PHONY: clippy_core # Run clippy lints on core_crypto with and without experimental features
clippy_core: install_rs_check_toolchain
RUSTFLAGS="$(RUSTFLAGS)" cargo "$(CARGO_RS_CHECK_TOOLCHAIN)" clippy \
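Review bot: The `install_zizmor` recipe in the first hunk installs whatever zizmor release is current on crates.io, with neither `--locked` nor a version pin, so the tool that gates workflow security is itself an unpinned dependency and its findings can shift between runs. I would change the install line to `cargo $(CARGO_RS_BUILD_TOOLCHAIN) install --locked --version <PINNED_VERSION> zizmor`, where `<PINNED_VERSION>` is a placeholder for the release the maintainers choose. The `zizmor --version` guard on the line before it accepts any binary already on PATH, so a machine with an older release skips the install and may report a different set of findings than CI; comparing the reported version with the pin would close that gap. In `check_workflow_security` (second hunk), a one-line comment such as `# pedantic persona: also reports lower-severity findings, expect more noise than the default` would tell whoever triages the output why that persona was chosen.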