From a8850cd5489bb39cb6bc6885025fdf294065bdb7 Mon Sep 17 00:00:00 2001
From: Boshen <boshenc@gmail.com>
Date: Fri, 13 Dec 2024 20:14:20 +0800
Subject: [PATCH] ci: zizmor --pedantic

---
 .github/workflows/ci_security.yml | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/ci_security.yml b/.github/workflows/ci_security.yml
index a6e8fcd031027f..5bd19af90ef3fe 100644
--- a/.github/workflows/ci_security.yml
+++ b/.github/workflows/ci_security.yml
@@ -25,11 +25,13 @@ jobs:
         with:
           persist-credentials: false
 
-      - name: Install the latest version of uv
-        uses: astral-sh/setup-uv@38f3f104447c67c051c4a08e39b64a148898af3a # v4
+      - name: Install zizmor
+        uses: taiki-e/install-action@8c39981484df4e7ba41af8e8e078ac546d5e1b11 # v2.46.8
+        with:
+          tool: zizmor
 
-      - name: Run zizmor 🌈
-        run: uvx zizmor --format sarif . > results.sarif
+      - name: Run zizmor
+        run: zizmor --pedantic --format sarif .github/workflows > results.sarif
         env:
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}