🔒️ Add zizmor and fix audit findings #1772
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Issue Manager | |
| on: | |
| schedule: | |
| - cron: "13 19 * * *" | |
| issue_comment: | |
| types: | |
| - created | |
| issues: | |
| types: | |
| - labeled | |
| pull_request_target: # zizmor: ignore[dangerous-triggers] | |
| types: | |
| - labeled | |
| workflow_dispatch: | |
| permissions: {} | |
| jobs: | |
| issue-manager: | |
| if: github.repository_owner == 'fastapi' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| issues: write | |
| pull-requests: write | |
| steps: | |
| - name: Dump GitHub context | |
| env: | |
| GITHUB_CONTEXT: ${{ toJson(github) }} | |
| run: echo "$GITHUB_CONTEXT" | |
| - uses: tiangolo/issue-manager@2fb3484ec9279485df8659e8ec73de262431737d # 0.6.0 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| config: > | |
| { | |
| "answered": { | |
| "delay": 864000, | |
| "message": "Assuming the original need was handled, this will be automatically closed now. But feel free to add more comments or create new issues or PRs." | |
| }, | |
| "waiting": { | |
| "delay": 2628000, | |
| "message": "As this PR has been waiting for the original user for a while but seems to be inactive, it's now going to be closed. But if there's anyone interested, feel free to create a new PR.", | |
| "reminder": { | |
| "before": "P3D", | |
| "message": "Heads-up: this will be closed in 3 days unless there’s new activity." | |
| } | |
| } | |
| } |