+
Skip to content

feat: add support for color input #37

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Aug 28, 2025
Merged

feat: add support for color input #37

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
44fadc8
feat: add support for `color` input
birjj Aug 26, 2025
d979586
fix: correct syntax error in Bash code
birjj Aug 26, 2025
435d97b
refact: swap `color` input to a bool input
birjj Aug 27, 2025
960f52e
docs: add `color` input to README
birjj Aug 27, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -220,6 +220,12 @@ when [`advanced-security`](#advanced-security) is enabled.
will not upload results to Advanced Security, and will instead
print them to the console.

### `color`

*Default*: `true`

`color` controls whether `zizmor-action` outputs colorized log output.

## Permissions

`zizmor-action` requires different permissions depending on how you use it.
Expand Down
4 changes: 1 addition & 3 deletions action.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,7 @@ fi
[[ "${GHA_ZIZMOR_ONLINE_AUDITS}" == "true" ]] || arguments+=("--no-online-audits")
[[ -n "${GHA_ZIZMOR_MIN_SEVERITY}" ]] && arguments+=("--min-severity=${GHA_ZIZMOR_MIN_SEVERITY}")
[[ -n "${GHA_ZIZMOR_MIN_CONFIDENCE}" ]] && arguments+=("--min-confidence=${GHA_ZIZMOR_MIN_CONFIDENCE}")
[[ "${GHA_ZIZMOR_COLOR}" == "true" ]] && arguments+=("--color=always") || arguments+=("--color=never")

image="ghcr.io/zizmorcore/zizmor:${GHA_ZIZMOR_VERSION#v}"

Expand All @@ -60,8 +61,6 @@ image="ghcr.io/zizmorcore/zizmor:${GHA_ZIZMOR_VERSION#v}"
# like '.' resolve correctly.
# - We pass the GitHub token as an environment variable so that zizmor
# can run online audits/perform online collection if requested.
# - We pass FORCE_COLOR=1 so that the output is always colored, even
# though we intentionally don't `docker run -it`.
# - ${GHA_ZIZMOR_INPUTS} is intentionally not quoted, so that
# it can expand according to the shell's word-splitting rules.
# However, we put it after `--` so that it can't be interpreted
Expand All @@ -73,7 +72,6 @@ docker run \
--volume "${GITHUB_WORKSPACE}:/workspace:ro" \
--workdir "/workspace" \
--env "GH_TOKEN=${GHA_ZIZMOR_TOKEN}" \
--env "FORCE_COLOR=1" \
"${image}" \
"${arguments[@]}" \
-- \
Expand Down
6 changes: 6 additions & 0 deletions action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,11 @@ inputs:
results to the repository's security tab.
required: false
default: "true"
color:
description: |
Whether zizmor should output colorized CLI output.
required: false
default: "true"

runs:
using: composite
Expand All @@ -73,6 +78,7 @@ runs:
GHA_ZIZMOR_VERSION: ${{ inputs.version }}
GHA_ZIZMOR_TOKEN: ${{ inputs.token }}
GHA_ZIZMOR_ADVANCED_SECURITY: ${{ inputs.advanced-security }}
GHA_ZIZMOR_COLOR: ${{ inputs.color }}
shell: bash

- name: Upload SARIF file to GitHub Advanced Security
Expand Down
Loading
点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载