zizmor

mirror of https://github.com/zizmorcore/zizmor.git synced 2025-12-23 08:47:33 +00:00

Author	SHA1	Message	Date
William Woodruff	4fdfdb6469	refactor: improve context handling (#491 )	2025-01-27 02:01:57 -05:00
William Woodruff	eb31888106	feat(cli): add naches mode (#490 )	2025-01-26 20:27:35 -05:00
William Woodruff	59fa1b67b2	release-notes: record #485 (#489 )	2025-01-26 19:34:17 +00:00
William Woodruff	b47bbfba07	deps: bump github-actions-models (#487 )	2025-01-24 21:24:14 +00:00
William Woodruff	f3c1306974	feat: improve parse error slightly (#482 )	2025-01-21 20:44:05 -05:00
William Woodruff	fa0aa8cece	bugfix: collect actions from subdirectories of .github/workflows (#477 )	2025-01-19 01:12:08 -05:00
William Woodruff	a91a02162a	chore: prep for 1.2.2 release (#476 )	2025-01-18 23:53:34 -05:00
William Woodruff	5baaaf2531	feat: improve error message when repo fetch fails (#475 )	2025-01-18 23:41:32 -05:00
William Woodruff	3c1309ca9d	bugfix: special-case workflow_call in excessive-permissions (#473 )	2025-01-18 23:19:30 -05:00
William Woodruff	78cdaf6a69	chore: prep 1.2.1 (#470 )	2025-01-18 22:15:15 +00:00
William Woodruff	428e663046	bugfix: generalize path prefix handling (#469 )	2025-01-18 17:11:40 -05:00
William Woodruff	7b75f567e7	chore: prep 1.2.0 (#464 )	2025-01-18 12:36:31 -05:00
William Woodruff	c33c5fc5b8	bugfix: bump github-actions-models (#463 )	2025-01-18 12:26:03 -05:00
William Woodruff	a3e68fdc9a	bugfix: parse multi-line expressions correctly (#461 )	2025-01-17 22:48:13 -05:00
William Woodruff	9b2ecfa6d3	feat: bot-conditions (#460 )	2025-01-18 03:33:09 +00:00
William Woodruff	8a746a342c	ci: pypi: try enabling aarch64 on an ARM runner (#457 )	2025-01-17 15:35:39 -05:00
William Woodruff	d343988b16	bugfix: sarif: use absolute physical locations only (#453 )	2025-01-16 20:37:13 -05:00
William Woodruff	598afd2ca1	fix: artipacked: check for stringy bools (#448 )	2025-01-14 18:38:26 -05:00
William Woodruff	813fc4ec0a	bugfix: mark another context as safe during injections (#445 )	2025-01-14 16:54:22 -05:00
William Woodruff	8c2ba3c059	refactor: make excessive-permissions more correct (#441 )	2025-01-14 04:55:32 +00:00
William Woodruff	1a4675edfe	fix: don't flag local workflows in unpinned-uses (#439 )	2025-01-13 13:19:48 -05:00
William Woodruff	ec37d0a0e5	chore: prep 1.1.1 (#438 )	2025-01-13 11:03:43 -05:00
William Woodruff	2d1e298161	fix: bump github-actions-models (#437 )	2025-01-13 10:51:31 -05:00
William Woodruff	b178d52d35	chore: prep 1.1.0 (#428 )	2025-01-13 05:15:57 +00:00
William Woodruff	7450acab53	feat: template-injection: handle 2 more sinks (#421 )	2025-01-10 19:49:20 +00:00
William Woodruff	0e8cb04792	fix: template-injection: do not fail on `uses:` steps (#420 )	2025-01-10 18:50:06 +00:00
William Woodruff	c6fef48587	fix: template-injection: github.server_url is safe (#412 )	2025-01-08 21:52:44 +00:00
William Woodruff	676bdca78f	feat: secrets-inherit: new audit (#408 )	2025-01-07 22:34:13 -05:00
William Woodruff	7a8c9f2e82	chore: prep 1.0.1 (#406 )	2025-01-07 14:14:02 -05:00
William Woodruff	907e2c867f	fix: handle non-trivial shells in github-env (#403 )	2025-01-06 22:04:50 -05:00
William Woodruff	b25fcaf739	fix: template-injection: github.action_path is safe (#402 )	2025-01-06 15:42:45 -05:00
William Woodruff	dd3c9092e4	feat: github-env audit checks GITHUB_PATH too (#391 )	2025-01-05 16:40:05 -05:00
William Woodruff	d3cbf7ea5d	fix: cache-poisoning: handle non-pushing docker-push-action (#389 )	2025-01-05 13:53:53 -05:00
William Woodruff	7f372e22b2	deps: bump github-actions-models (#388 )	2025-01-05 12:44:35 -05:00
William Woodruff	4085b881fb	chore: clean up changelog (#376 )	2025-01-02 09:02:25 -08:00
William Woodruff	1fb4c75e26	chore: prep 1.0.0 (#375 )	2025-01-02 08:59:59 -08:00
William Woodruff	71a546a624	docs: move changelog to website (#374 )	2025-01-02 09:43:28 +00:00

1 2 3 4

187 commits