Goal
Apply zizmor security best practices to GitHub Actions workflows across all usegalaxy-eu repositories.
Security Improvements
- Add
persist-credentials: false to checkout steps
- Fix template injection vulnerabilities
- Add
permissions: {} for least-privilege access
- Add zizmor CI workflow for ongoing security scanning
- Add dependabot for GitHub Actions updates
Progress
Completed
Pending
References
Goal
Apply zizmor security best practices to GitHub Actions workflows across all usegalaxy-eu repositories.
Security Improvements
persist-credentials: falseto checkout stepspermissions: {}for least-privilege accessProgress
Completed
Pending
References