From 0cd40b2d7856acf503c0787da54b4116fd246eeb Mon Sep 17 00:00:00 2001
From: William Woodruff <william@astral.sh>
Date: Tue, 2 Sep 2025 09:25:56 -0400
Subject: [PATCH] ci: move zizmor to test workflow

Signed-off-by: William Woodruff <william@astral.sh>
---
 .github/workflows/test.yml   |  4 ++++
 .github/workflows/zizmor.yml | 24 ------------------------
 2 files changed, 4 insertions(+), 24 deletions(-)
 delete mode 100644 .github/workflows/zizmor.yml

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 4ee4be3..4bd01d4 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -18,12 +18,16 @@ permissions:
 jobs:
   lint:
     runs-on: ubuntu-latest
+    permissions:
+      security-events: write # for zizmor
     steps:
       - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
         with:
           persist-credentials: false
       - name: Actionlint
         uses: eifinger/actionlint-action@23c85443d840cd73bbecb9cddfc933cc21649a38  # v1.9.1
+      - name: Run zizmor
+        uses: zizmorcore/zizmor-action@5ca5fc7a4779c5263a3ffa0e1f693009994446d1 # v0.1.2
       - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
         with:
           node-version: "20"
diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml
deleted file mode 100644
index 8601134..0000000
--- a/.github/workflows/zizmor.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-name: zizmor
-
-on:
-  push:
-    branches: ["main"]
-  pull_request:
-    branches: ["**"]
-
-permissions: {}
-
-jobs:
-  zizmor:
-    name: Run zizmor
-    runs-on: ubuntu-latest
-    permissions:
-      security-events: write
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
-        with:
-          persist-credentials: false
-
-      - name: Run zizmor
-        uses: zizmorcore/zizmor-action@5ca5fc7a4779c5263a3ffa0e1f693009994446d1 # v0.1.2