Skip to content

DEVOPS-977: use v3 of zizmor github workflows#859

Merged
sebhmg merged 2 commits intodevelopfrom
DEVOPS-977-zizmor-patch
Apr 8, 2026
Merged

DEVOPS-977: use v3 of zizmor github workflows#859
sebhmg merged 2 commits intodevelopfrom
DEVOPS-977-zizmor-patch

Conversation

@andrewg-mira
Copy link
Copy Markdown
Contributor

@andrewg-mira andrewg-mira commented Mar 20, 2026
edited by github-actions bot
Loading

DEVOPS-977 - Zizmor: Allow trusted tag-pinned github actions

Copilot AI review requested due to automatic review settings March 20, 2026 20:34
@github-actions github-actions bot changed the title DEVOPS-977 use v3 of zizmor github workflows DEVOPS-977: use v3 of zizmor github workflows Mar 20, 2026
Copilot AI reviewed Mar 20, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the repository’s security scan GitHub Actions workflow to use a newer major version of the reusable Zizmor annotation workflow from MiraGeoscience/CI-tools.

Changes:

  • Bump reusable-zizmor-annotate.yml reusable workflow reference from @v2 to @v3 in the security scan workflow.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

.github/workflows/security_scan.yml
contents: read
actions: read
uses: MiraGeoscience/CI-tools/.github/workflows/reusable-zizmor-annotate.yml@v2
uses: MiraGeoscience/CI-tools/.github/workflows/reusable-zizmor-annotate.yml@v3
Copy link

Copilot AI Mar 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR title indicates switching Zizmor GitHub workflows to v3, but this workflow still calls reusable-zizmor-advanced-security.yml@v2 (line 34). Either update the advanced-security reusable workflow to v3 as well (if available) or adjust the PR title/description to reflect that only the annotate workflow was upgraded.

Copilot uses AI. Check for mistakes.
sebhmg
sebhmg reviewed Apr 6, 2026
View reviewed changes
@sebhmg sebhmg merged commit 2372044 into develop Apr 8, 2026
20 checks passed
@sebhmg sebhmg deleted the DEVOPS-977-zizmor-patch branch April 8, 2026 15:00
@codecov
Copy link
Copy Markdown

codecov bot commented Apr 8, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 91.28%. Comparing base (8a2adcc) to head (c633ab9).
⚠️ Report is 52 commits behind head on develop.

Additional details and impacted files 
@@             Coverage Diff             @@
##           develop     #859      +/-   ##
===========================================
+ Coverage    91.18%   91.28%   +0.09%     
===========================================
  Files          115      112       -3     
  Lines        10298    10369      +71     
  Branches      1901     1908       +7     
===========================================
+ Hits          9390     9465      +75     
+ Misses         485      477       -8     
- Partials       423      427       +4

see 17 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@sebhmg sebhmg sebhmg approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@andrewg-mira @sebhmg