yossarian (1.3.6.1.4.1.55738)
great post from the folks over at grafana about how they’re using zizmor at scale across their whole estate: https://grafana.com/blog/2025/06/26/how-to-detect-vulnerable-github-actions-at-scale-with-zizmor/
How to detect vulnerable GitHub Actions at scale with Zizmor | Grafana Labs

In order to harden our infrastructure and pipelines, we have introduced the open source tool Zizmor into our CI/CD pipelines.

Grafana Labs
Jun 27 at 8:16pmWeb