Mostafa Moradian
|
2254ef6dd3
|
Fix autofix for template-injection (#995)
Co-authored-by: William Woodruff <william@yossarian.net>
|
2025-07-01 09:37:32 -04:00 |
|
William Woodruff
|
1cc8f934e6
|
chore: release 1.11.0 (#993)
|
2025-06-30 14:58:49 -04:00 |
|
William Woodruff
|
44a27e2435
|
feat: LSP skeleton code from #607 (#984)
|
2025-06-30 14:53:25 -04:00 |
|
William Woodruff
|
ac6f6e2c76
|
bugfix: repro, #988 (#989)
|
2025-06-30 01:53:41 -04:00 |
|
Mostafa Moradian
|
42862eb02e
|
Add Fix for bot-conditions audit rule (#921)
Co-authored-by: William Woodruff <william@yossarian.net>
|
2025-06-27 18:25:30 -06:00 |
|
William Woodruff
|
87675402f2
|
chore(docs): remove demo file, link to zizmor.sh (#978)
|
2025-06-26 12:57:06 -06:00 |
|
William Woodruff
|
39f229f7c5
|
chore: prep for release v1.10.0 (#977)
|
2025-06-26 18:28:57 +00:00 |
|
William Woodruff
|
e69f17cfdd
|
refactor: prepare fix mode for a public experimental release (#975)
|
2025-06-26 12:10:08 -06:00 |
|
William Woodruff
|
ec2f674ca3
|
chore(docs): bump trophies (#974)
|
2025-06-25 19:35:18 +00:00 |
|
William Woodruff
|
8505b968b4
|
feat: detect computed indices as potential obfuscation (#969)
|
2025-06-24 18:27:20 -06:00 |
|
William Woodruff
|
4615ee25c1
|
template-injection: add subfeatures (#958)
* yamlpath: key-only extraction
Signed-off-by: William Woodruff <william@yossarian.net>
* bump tests, work in key-only symbolic locations
Signed-off-by: William Woodruff <william@yossarian.net>
* add related locations
Signed-off-by: William Woodruff <william@yossarian.net>
* drop format
Signed-off-by: William Woodruff <william@yossarian.net>
* WIP multiline subspanning
Signed-off-by: William Woodruff <william@yossarian.net>
* hackety hack
Signed-off-by: William Woodruff <william@yossarian.net>
* hackety hack
Signed-off-by: William Woodruff <william@yossarian.net>
* cleanup
Signed-off-by: William Woodruff <william@yossarian.net>
* update release notes
Signed-off-by: William Woodruff <william@yossarian.net>
* clippy
Signed-off-by: William Woodruff <william@yossarian.net>
---------
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-06-23 00:34:12 -06:00 |
|
William Woodruff
|
f12df339fd
|
chore(docs): add Trail of Bits as a sponsor (#961)
|
2025-06-21 05:24:45 +00:00 |
|
William Woodruff
|
f03869f52b
|
feat: location subspans/subfeatures (#949)
|
2025-06-19 16:41:39 -04:00 |
|
William Woodruff
|
64f9be57c9
|
feat: better error messages for invalid inputs (#956)
|
2025-06-19 12:16:03 -04:00 |
|
Ron
|
a63a2eaf6c
|
chore(docs): add trophy for philips-software/amp-devcontainer (#953)
|
2025-06-19 10:07:17 -04:00 |
|
William Woodruff
|
e60eb434db
|
chore(cli): add --thanks (#951)
|
2025-06-18 12:43:41 -04:00 |
|
William Woodruff
|
18454b8242
|
chore(docs): update sponsors (#950)
|
2025-06-18 16:09:50 +00:00 |
|
Max Marrone
|
8bc8e9082b
|
Unfix accidentally-fixed ref-pinning example. (#948)
|
2025-06-16 18:18:18 -04:00 |
|
William Woodruff
|
2345b8d4bd
|
chore(docs): bump trophies (#944)
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-06-14 00:42:37 +00:00 |
|
William Woodruff
|
d9fc0e1a23
|
chore(ci): address pedantic zizmor findings (#943)
|
2025-06-13 20:36:09 -04:00 |
|
Andrew Pollack
|
c6f0e29d4d
|
feat: new audit: anonymous-definition (#937)
Co-authored-by: William Woodruff <william@yossarian.net>
|
2025-06-13 20:17:11 -04:00 |
|
William Woodruff
|
fa7ec414ac
|
chore(docs): bump trophies (#941)
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-06-12 20:58:34 +00:00 |
|
Andrew Pollack
|
3f087de8ec
|
docs: add trophy for rust-lang/this-week-in-rust (#936)
|
2025-06-12 04:05:11 +00:00 |
|
William Woodruff
|
ec66e90d95
|
chore(docs): bump trophies (#934)
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-06-10 18:14:32 +00:00 |
|
William Woodruff
|
af9b871e0b
|
chore(docs): bump trophies (#929)
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-06-09 19:22:31 +00:00 |
|
William Woodruff
|
af90938464
|
chore(docs): release notes for #919 (#922)
|
2025-06-08 18:57:34 +00:00 |
|
William Woodruff
|
7c697cb6c2
|
feat: handle default envvars when fixing template injections (#911)
|
2025-06-07 20:06:49 -04:00 |
|
William Woodruff
|
3116d45e77
|
chore(docs): bump trophies (#917)
|
2025-06-07 23:12:42 +00:00 |
|
William Woodruff
|
9ff90c40cb
|
bugfix: put longer comp_op variants ahead (#916)
|
2025-06-07 19:02:56 -04:00 |
|
William Woodruff
|
7eab9be6cf
|
chore(docs): bump trophies (#909)
|
2025-06-07 07:08:41 +00:00 |
|
William Woodruff
|
0a7c6c89b7
|
chore(docs): tweak chip rendering (#908)
|
2025-06-06 23:33:11 -04:00 |
|
William Woodruff
|
2737e33eba
|
chore(docs): bump trophies (#907)
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-06-06 21:31:44 +00:00 |
|
William Woodruff
|
ad7b6d03fa
|
feat: improve bot-conditions checks (#905)
|
2025-06-06 17:28:57 -04:00 |
|
William Woodruff
|
a1252c260c
|
feat: support composite actions in use-trusted-publishing (#899)
|
2025-06-05 17:00:20 -04:00 |
|
William Woodruff
|
31d76c45c0
|
chore(docs): bump trophies (#897)
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-06-05 20:06:45 +00:00 |
|
William Woodruff
|
2f4c874499
|
feat: artipacked now supported composite actions (#896)
|
2025-06-05 13:38:59 -04:00 |
|
William Woodruff
|
73dfa03a41
|
docs: mention zizmorcore/zizmor-action (#895)
|
2025-06-05 04:05:21 +00:00 |
|
William Woodruff
|
c2b4ab572b
|
chore(docs): bump trophies (#892)
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-06-04 22:04:07 +00:00 |
|
William Woodruff
|
45be0d61bd
|
chore(docs): bump trophies (#889)
|
2025-06-03 04:52:57 +00:00 |
|
William Woodruff
|
a4a657f9be
|
fix: remove spurious panic in env handling (#887)
|
2025-06-02 14:34:06 -04:00 |
|
William Woodruff
|
5fbfaebd18
|
chore: prep for 1.9.0 release (#877)
|
2025-05-30 17:28:21 -04:00 |
|
William Woodruff
|
32d8821b48
|
chore(docs): update sponsors (#875)
|
2025-05-30 19:55:59 +00:00 |
|
William Woodruff
|
04768b6f53
|
chore(docs): bump trophies (#870)
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-05-28 22:20:53 +00:00 |
|
Daniel M
|
5d49dce4ed
|
add django-tasks-scheduler (#869)
|
2025-05-28 20:04:52 +00:00 |
|
Daniel M
|
8a05bd3c6b
|
chore(docs): bump trophies (#866)
|
2025-05-28 10:53:55 -04:00 |
|
tiymat
|
3545ae6171
|
fix: update error message to handle enterprise servers (#863)
Co-authored-by: William Woodruff <william@yossarian.net>
|
2025-05-28 02:52:37 +00:00 |
|
William Woodruff
|
5b8ff92b80
|
docs: cleanup permissions information (#862)
|
2025-05-27 13:54:51 -04:00 |
|
William Woodruff
|
e61e6c8ea1
|
chore(docs): bump trophies (#861)
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-05-26 23:30:11 +00:00 |
|
Natalie Somersall
|
c9983513df
|
Update usage directions to explicitly state permissions needed (#856)
|
2025-05-25 17:53:31 -04:00 |
|
William Woodruff
|
5d6a31931f
|
feat: add CodeQL injection sink data (#849)
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
|
2025-05-25 12:14:56 -04:00 |
|