make pedantic and silence info logs

NicholasTanz · NicholasTanz · commit a6fc6062989c · 2025-02-20T17:46:48.000-05:00
Signed-off-by: NicholasTanz &lt;nicholastanzillo@gmail.com&gt;
diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
@@ -67,7 +67,7 @@ jobs:
             res = await github.rest.repos.createRelease({
               owner: context.repo.owner,
               repo: context.repo.repo,
-              name: process.env.REF_NAME-rc,
+              name: process.env.REF_NAME + '-rc',
               tag_name: process.env.REF,
               body: fs.readFileSync('changelog', 'utf8'),
             });
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -28,9 +28,9 @@ jobs:
         persist-credentials: false
 
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3 # unpinned since this is not security critical
+      uses: github/codeql-action/init@v3 # zizmor: ignore[unpinned-uses]
       with:
         languages: 'python'
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3 # unpinned since this is not security critical
+      uses: github/codeql-action/analyze@v3 # zizmor: ignore[unpinned-uses]
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -20,4 +20,4 @@ jobs:
         with:
           persist-credentials: false
       - name: 'Dependency Review'
-        uses: actions/dependency-review-action@v4 # unpinned since this is not security critical
+        uses: actions/dependency-review-action@v4 # zizmor: ignore[unpinned-uses]
diff --git a/.github/workflows/maintainer-permissions-reminder.yml b/.github/workflows/maintainer-permissions-reminder.yml
@@ -5,13 +5,14 @@ on:
     - cron: '10 10 10 2 *'
   workflow_dispatch:
 
-permissions:
-  issues: write
+permissions: {}
 
 jobs:
   file-reminder-issue:
     name: File issue to review maintainer permissions
     runs-on: ubuntu-latest
+    permissions:
+      issues: write
     steps:
     - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
       with:
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -37,6 +37,6 @@ jobs:
           publish_results: true
 
       - name: "Upload to code-scanning dashboard"
-        uses: github/codeql-action/upload-sarif@v3  # unpinned since this is not security critical
+        uses: github/codeql-action/upload-sarif@v3 # zizmor: ignore[unpinned-uses]
         with:
           sarif_file: results.sarif
diff --git a/tox.ini b/tox.ini
@@ -42,7 +42,7 @@ commands =
     ruff format --diff {[testenv:lint]lint_dirs}
 
     mypy {[testenv:lint]lint_dirs}
-    zizmor .
+    zizmor --persona=pedantic -q .
 
 [testenv:fix]
 deps = {[testenv:lint]deps}
