From 06f5ce532981592a69d39a8ac7ebbe489fedd221 Mon Sep 17 00:00:00 2001
From: Carl Tashian <carl@smallstep.com>
Date: Wed, 4 Mar 2026 12:10:12 -0800
Subject: [PATCH] =?UTF-8?q?Deprecate=20frizbee=20check=20=E2=80=94=20alrea?=
 =?UTF-8?q?dy=20covered=20by=20zizmor?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Unpinned action detection is handled by zizmor, making frizbee
redundant. Replace with a noop to avoid duplicate checks while
keeping the workflow_call interface for backwards compatibility.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .github/workflows/frizbee.yml | 19 ++-----------------
 1 file changed, 2 insertions(+), 17 deletions(-)

diff --git a/.github/workflows/frizbee.yml b/.github/workflows/frizbee.yml
index 4e81e6b..ca66704 100644
--- a/.github/workflows/frizbee.yml
+++ b/.github/workflows/frizbee.yml
@@ -1,3 +1,4 @@
+# Deprecated: unpinned action detection is already covered by zizmor.
 name: Frizbee pinning check
 on:
   workflow_call:
@@ -7,20 +8,4 @@ jobs:
     name: frizbee
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
-      - name: Install frizbee
-        env:
-          GITHUB_TOKEN: ${{ github.token }}
-        run: |
-          gh release download v0.1.8 --repo stacklok/frizbee \
-            --pattern 'frizbee_0.1.8_linux_amd64.tar.gz' \
-            --output frizbee.tar.gz
-          tar -xzf frizbee.tar.gz frizbee
-          sudo mv frizbee /usr/local/bin/
-          rm frizbee.tar.gz
-      - name: Check pinning
-        env:
-          GITHUB_TOKEN: ${{ github.token }}
-        run: frizbee actions --dry-run --error .github/workflows/
+      - run: echo "Skipped — unpinned action detection is covered by zizmor."