From 2b6412a5b213b769a667d78164ef5863f7a67d5b Mon Sep 17 00:00:00 2001
From: William Storey <wstorey@maxmind.com>
Date: Thu, 9 Oct 2025 22:07:23 +0000
Subject: [PATCH] Run zizmor via zizmorcore/zizmor-action

---
 .github/workflows/zizmor.yml | 15 +++------------
 1 file changed, 3 insertions(+), 12 deletions(-)

diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml
index dc26a20..c2c394f 100644
--- a/.github/workflows/zizmor.yml
+++ b/.github/workflows/zizmor.yml
@@ -6,27 +6,18 @@ on:
   pull_request:
     branches: ["**"]
 
+permissions: {}
+
 jobs:
   zizmor:
-    name: zizmor latest via PyPI
     runs-on: ubuntu-latest
     permissions:
       security-events: write
-      # required for workflows in private repositories
-      contents: read
-      actions: read
     steps:
       - name: Checkout repository
         uses: actions/checkout@v5
         with:
           persist-credentials: false
 
-      - name: Install the latest version of uv
-        uses: astral-sh/setup-uv@eb1897b8dc4b5d5bfe39a428a8f2304605e0983c # 7.0.0
-        with:
-          enable-cache: false
-
       - name: Run zizmor
-        run: uvx zizmor@1.13.0 --format plain .
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        uses: zizmorcore/zizmor-action@e673c3917a1aef3c65c972347ed84ccd013ecda4 # v0.2.0