From 1dcc67c241b811d0d1f85fe7166dbc0942ebbe42 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Aur=C3=A9lien=20Bombo?= <abombo@microsoft.com>
Date: Tue, 22 Jul 2025 13:03:06 -0500
Subject: [PATCH] security: gha: Use Zizomor's auditor mode
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This is the strictest possible setting for Zizmor.

Signed-off-by: Aurélien Bombo <abombo@microsoft.com>
---
 .github/workflows/zizmor.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/zizmor.yaml b/.github/workflows/zizmor.yaml
index 51db22058a..6e494e8681 100644
--- a/.github/workflows/zizmor.yaml
+++ b/.github/workflows/zizmor.yaml
@@ -26,3 +26,5 @@ jobs:
 
       - name: Run zizmor
         uses: zizmorcore/zizmor-action@f52a838cfabf134edcbaa7c8b3677dde20045018 # v0.1.1
+        with:
+          persona: auditor