William Woodruff
|
68dead207f
|
sketching
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-09-14 10:34:12 -04:00 |
|
William Woodruff
|
7aabee28ce
|
Merge branch 'main' into ww/docker-uses-patterns
|
2025-09-14 09:18:35 -04:00 |
|
William Woodruff
|
13465ab42f
|
fix: handle another cache setting in setup-node (#1153)
|
2025-09-14 09:09:41 -04:00 |
|
William Woodruff
|
99d1025690
|
sketching
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-09-14 00:29:17 -04:00 |
|
William Woodruff
|
fcd24a3a1a
|
feat: begin adding docker image uses patterns
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-09-14 00:11:12 -04:00 |
|
William Woodruff
|
bcaa1bb94e
|
chore: prep for v1.13.0 release (#1147)
|
2025-09-12 19:25:00 -04:00 |
|
John Blackbourn
|
e0ec65a187
|
Introduce a rule which suggests that permissions are documented (#1131)
Co-authored-by: William Woodruff <william@yossarian.net>
|
2025-09-11 21:50:44 -04:00 |
|
William Woodruff
|
4a92dfc412
|
refactor: move expr call APIs to a new module (#1143)
|
2025-09-11 21:34:07 -04:00 |
|
Mostafa Moradian
|
5a4d4e5785
|
Add Fixes for obfuscation audit rule (#1088)
Co-authored-by: William Woodruff <william@yossarian.net>
|
2025-09-11 21:07:04 -04:00 |
|
William Woodruff
|
8b5a35835f
|
bugfix(deps): bump annotate-snippets to 0.12.2 (#1136)
|
2025-09-03 22:41:29 -04:00 |
|
William Woodruff
|
7636eca468
|
chore(tests): add testcases for #742 (#1134)
|
2025-09-02 03:07:57 +00:00 |
|
William Woodruff
|
f95c1a57b9
|
feat: allow audits to be disabled in config (#1132)
|
2025-09-01 22:52:39 -04:00 |
|
William Woodruff
|
2b3cb27ee4
|
fix: respect --strict-collection for remote inputs (#1122)
|
2025-08-29 23:39:49 -04:00 |
|
dependabot[bot]
|
56c2a1cd92
|
chore(deps): bump tracing-subscriber from 0.3.19 to 0.3.20 (#1121)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: William Woodruff <william@yossarian.net>
|
2025-08-29 23:14:00 -04:00 |
|
William Woodruff
|
d75933e72d
|
feat: load separate configs for input groups (#1094)
|
2025-08-27 23:39:13 -04:00 |
|
William Woodruff
|
9d6aa92a77
|
refactor: add groups to the input registry (#1092)
|
2025-08-17 15:42:15 -04:00 |
|
William Woodruff
|
9e1b115128
|
refactor: give input registry APIs their own mod (#1091)
|
2025-08-16 19:18:45 -04:00 |
|
William Woodruff
|
dbc12d4a21
|
chore: prep release v1.12.1 (#1083)
|
2025-08-15 00:27:09 -04:00 |
|
William Woodruff
|
311392251d
|
fix: flip setup-uv coordinate toggle (#1082)
|
2025-08-15 00:20:56 -04:00 |
|
William Woodruff
|
ad779b7637
|
chore: bump MSRV (#1076)
|
2025-08-13 09:48:06 -04:00 |
|
William Woodruff
|
6c13403922
|
chore: fix warnings in latest Rust (#1075)
|
2025-08-13 13:36:47 +00:00 |
|
William Woodruff
|
982be2397b
|
chore: prep for release v1.12.0 (#1073)
|
2025-08-13 09:18:57 -04:00 |
|
William Woodruff
|
d306c4acb9
|
chore: bump github-actions-expressions to 0.0.9 (#1074)
|
2025-08-13 13:11:45 +00:00 |
|
Mostafa Moradian
|
ea59c810f8
|
Detect shell before applying template expression fixes (#1064)
Co-authored-by: William Woodruff <william@yossarian.net>
|
2025-08-09 01:54:19 -04:00 |
|
William Woodruff
|
4313ab39d3
|
fix: fix overcorrected env patch for template-injection (#1061)
|
2025-08-05 23:59:46 -04:00 |
|
William Woodruff
|
053af120a2
|
feat: another template injection sink (#1059)
|
2025-08-04 18:58:17 -04:00 |
|
github-actions[bot]
|
8313c33d93
|
[BOT] update JSON schemas from SchemaStore (#1057)
Co-authored-by: woodruffw <3059210+woodruffw@users.noreply.github.com>
|
2025-08-04 18:42:36 -04:00 |
|
William Woodruff
|
cf0abd3da0
|
chore: add TODO (#1056)
|
2025-08-04 03:59:57 +00:00 |
|
William Woodruff
|
e4d66d00e6
|
feat: new audit: unsound-condition (#1053)
|
2025-08-02 21:51:30 -04:00 |
|
Mostafa Moradian
|
0dcd6eba53
|
Add Fix for insecure-commands audit rule (#1045)
Co-authored-by: William Woodruff <william@yossarian.net>
|
2025-07-31 19:25:26 -04:00 |
|
William Woodruff
|
b367c02ccf
|
feat: support crates.io in use-trusted-publishing (#1042)
|
2025-07-29 01:08:24 -04:00 |
|
William Woodruff
|
6b01af8c8f
|
refactor: remove RwLock from github-env audit (#1041)
|
2025-07-24 22:57:51 -04:00 |
|
William Woodruff
|
14961ac826
|
refactor: generalize use-trusted-publishing audit (#1037)
|
2025-07-23 00:14:18 -04:00 |
|
William Woodruff
|
aa7425c927
|
refactor: isolate json-v1 output format (#1036)
|
2025-07-22 22:04:53 -04:00 |
|
Mostafa Moradian
|
558bec2669
|
Add Fix for known-vulnerable-actions audit rule (#1019)
Co-authored-by: William Woodruff <william@yossarian.net>
|
2025-07-20 21:08:14 -04:00 |
|
William Woodruff
|
bb4cd6b582
|
chore: remove unused imports in tests (#1031)
|
2025-07-17 02:12:29 +00:00 |
|
William Woodruff
|
353b4017cb
|
refactor: add subfeature crate (#1030)
|
2025-07-17 02:08:29 +00:00 |
|
Andrea Jemmett
|
b87e2d3862
|
bugfix: sanitize gh_token & avoid panic (#1027)
Co-authored-by: William Woodruff <william@yossarian.net>
|
2025-07-15 22:19:25 +00:00 |
|
William Woodruff
|
f008e66357
|
chore: bump yamlpatch, yamlpath crates (#1016)
|
2025-07-08 23:42:54 -04:00 |
|
William Woodruff
|
5592389287
|
refactor: dedupe route/query types (#1014)
|
2025-07-08 22:12:08 -04:00 |
|
Mostafa Moradian
|
c3706e2d84
|
Add Fix for cache-poisoning audit rule (#923)
Co-authored-by: William Woodruff <william@yossarian.net>
|
2025-07-08 20:39:55 -04:00 |
|
William Woodruff
|
cc92548a3d
|
bugfix(cli): forbid some empty values for options (#1013)
|
2025-07-07 18:01:27 -04:00 |
|
William Woodruff
|
5804aeea0d
|
chore(docs): add yamlpatch to list of crates (#1009)
|
2025-07-02 23:43:57 +00:00 |
|
Mostafa Moradian
|
8f7e3eeb8d
|
Extract yamlpatch into a support crate (#1001)
Co-authored-by: William Woodruff <william@yossarian.net>
|
2025-07-02 19:35:48 -04:00 |
|
William Woodruff
|
32558743e2
|
chore: prep for 1.11.1-rc1 release (#1008)
|
2025-07-02 19:19:26 -04:00 |
|
William Woodruff
|
495a0877fb
|
chore(ci): try using TP for support crates (#1006)
|
2025-07-02 19:07:30 -04:00 |
|
William Woodruff
|
5d04e8907a
|
chore(ci): refactor package name handling for support crates (#1005)
|
2025-07-02 18:34:05 -04:00 |
|
William Woodruff
|
ed0586a0b6
|
refactor: simplify MergeInto patch op (#999)
|
2025-07-01 15:53:33 -04:00 |
|
Mostafa Moradian
|
2254ef6dd3
|
Fix autofix for template-injection (#995)
Co-authored-by: William Woodruff <william@yossarian.net>
|
2025-07-01 09:37:32 -04:00 |
|
William Woodruff
|
1cc8f934e6
|
chore: release 1.11.0 (#993)
|
2025-06-30 14:58:49 -04:00 |
|