Avatar for the aristanetworks user
aristanetworks
anta
BlogDocsChangelog

Performance History

Latest Results

ci: Add zizmor to the repo (#1494) * CI: Add zizmor to the repo - Add a dedicated zizmor dependency group so the audit tool is installed with pip in the existing Python-only workflow model. - Add a zizmor GitHub Actions workflow that audits the full .github directory on relevant PRs and pushes, matching local and CI coverage. - Add the official zizmor pre-commit hook so contributors can catch GitHub Actions security findings before CI. - Pin external GitHub Actions to commit SHAs while keeping version comments for readability and supply-chain review. - Disable checkout credential persistence where jobs only need read access so later steps cannot reuse the checkout token implicitly. - Add explicit minimal workflow and job permissions so each workflow only receives the token scopes it needs. - Keep write permissions for documentation, package, container, PR-label, and PR-assignment jobs because those workflows publish or update repository metadata. - Move PR titles, workflow inputs, refs, and derived values into environment variables before shell use to avoid GitHub expression template injection. - Rework the release-note labeler composite action to avoid GITHUB_ENV for PR-controlled values while preserving the shared local-action pattern used across repos. - Add Dependabot cooldowns to reduce update churn and satisfy zizmor’s Dependabot audit. - Document the remaining pull_request_target tradeoffs in .github/TODO.md, including which workflows still need metadata write access and which could be split later. - Add documented zizmor ignores for intentional pull_request_target workflows that do not execute untrusted PR code. * CI: Make pre-commit happy again * CI: Make pre-commit happy again * CI: Need to live with our time * Apply suggestions from code review Co-authored-by: Guillaume Mulocher <gmulocher@arista.com> * Refactor: Use the latest versions please
main
4 hours ago
Refactor: Use the latest versions please
gmuloc:ci-zizmor
1 day ago
Apply suggestions from code review Co-authored-by: Guillaume Mulocher <gmulocher@arista.com>
gmuloc:ci-zizmor
1 day ago
CI: Need to live with our time
gmuloc:ci-zizmor
2 days ago
feat: Add session support to asynceapi
geetanjalimanegslab:issue_1485_session_support_asyncapi
3 days ago
feat: Add session support to asynceapi
geetanjalimanegslab:issue_1485_session_support_asyncapi
4 days ago
Addressed review comments: updated failure msg and added more unit tests
vitthalmagadum:enhance/VerifyEnvironmentPower
8 days ago
Addressed review comments: updated failure msg and added more unit tests
vitthalmagadum:enhance/VerifyEnvironmentPower
8 days ago

Latest Branches

CodSpeed Performance Gauge
0%
ci: Add zizmor to the repo #1494
1 day ago
d60f4a9
gmuloc:ci-zizmor
CodSpeed Performance Gauge
0%
feat(anta.tests): Add session support to asynceapi#1492
4 days ago
a3f73c9
geetanjalimanegslab:issue_1485_session_support_asyncapi
CodSpeed Performance Gauge
0%
refactor(anta.tests): Add support to test(VerifyEnvironmentPower) single connected PSU on dual PSU switch#1483
8 days ago
4eae8d2
vitthalmagadum:enhance/VerifyEnvironmentPower
© 2026 CodSpeed Technology
Home Terms Privacy Docs