From 58f27218611074b7f4f43d7b57b91ffbf440beba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tin=20Tvrtkovi=C4=87?= Date: Sat, 7 Dec 2024 23:20:57 +0100 Subject: [PATCH 1/2] Run Zizmor via uv --- .github/workflows/zizmor.yml | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml index 4b10100c..28635130 100644 --- a/.github/workflows/zizmor.yml +++ b/.github/workflows/zizmor.yml @@ -1,4 +1,3 @@ -# https://github.com/woodruffw/zizmor name: Zizmor on: @@ -10,24 +9,24 @@ on: permissions: contents: read - jobs: zizmor: - name: Zizmor latest via Cargo + name: Zizmor latest via uv runs-on: ubuntu-latest permissions: security-events: write + steps: - name: Checkout repository uses: actions/checkout@v4 with: persist-credentials: false - - name: Setup Rust - uses: actions-rust-lang/setup-rust-toolchain@v1 - - name: Get zizmor - run: cargo install zizmor + - name: Install the latest version of uv + uses: astral-sh/setup-uv@v4 + with: + version: "latest" - name: Run zizmor - run: zizmor --format sarif . > results.sarif + run: uvx zizmor --format sarif . > results.sarif - name: Upload SARIF file uses: github/codeql-action/upload-sarif@v3 with: From bf1b98958d43342e1126b470d389c4defc433522 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tin=20Tvrtkovi=C4=87?= Date: Sat, 7 Dec 2024 23:24:09 +0100 Subject: [PATCH 2/2] Update PDM while we're at it --- .github/workflows/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 3124f030..64a03019 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -27,7 +27,7 @@ jobs: python-version: "${{ matrix.python-version }}" allow-python-prereleases: true cache: true - version: "2.19.2" + version: "2.21.0" - name: "Run Tox" run: | 
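Review bot: In the `.github/workflows/zizmor.yml` hunk at `@@ -10,24 +9,24 @@`, both the installer and the scanner now resolve at run time (`version: "latest"` for uv and an unversioned `uvx zizmor`), and `astral-sh/setup-uv@v4` is a mutable tag. The code executing in a job that holds `security-events: write` can therefore change without any commit to this repository. If tracking the newest zizmor is intentional, as the job name suggests, pinning the action still narrows the exposure: `uses: astral-sh/setup-uv@<full-commit-sha>  # v4`. For reproducible findings the scanner can be pinned as well, `run: uvx zizmor==<pinned-version> --format sarif . > results.sarif`, with a dependency-update bot bumping both values. The placeholders stand for values to be taken from the upstream releases; they are not on this page.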
@@ -113,7 +113,7 @@ jobs: - uses: "pdm-project/setup-pdm@v4" with: python-version: "3.12" - version: "2.19.2" + version: "2.21.0" - name: "Install check-wheel-content and twine" run: "python -m pip install twine check-wheel-contents"