William Woodruff
|
4431412276
|
chore(docs): change URL (#770)
|
2025-05-09 05:03:14 +00:00 |
|
William Woodruff
|
b5fc7c17bb
|
chore: switch to docs.zizmor.sh (#769)
|
2025-05-09 04:53:27 +00:00 |
|
William Woodruff
|
beba48976c
|
chore: prep for v1.7.0 release (#768)
|
2025-05-08 22:50:51 -04:00 |
|
William Woodruff
|
a542e7d205
|
chore(docs): update release notes (#767)
|
2025-05-09 02:41:14 +00:00 |
|
William Woodruff
|
a284f5866f
|
feat: tab completion (#765)
|
2025-05-08 16:40:01 -04:00 |
|
William Woodruff
|
d957f6e6e5
|
chore(docs): bump trophies (#763)
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-05-07 22:19:09 +00:00 |
|
William Woodruff
|
5a02ad248d
|
chore(docs): bump trophies (#761)
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-05-07 17:38:59 +00:00 |
|
William Woodruff
|
50c3d5a5cf
|
chore(docs): bump trophies (#760)
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-05-07 15:44:50 +00:00 |
|
William Woodruff
|
d151afcf01
|
chore(docs): mention @zizmorecore plans (#759)
|
2025-05-07 04:19:40 +00:00 |
|
William Woodruff
|
ebd5391495
|
chore(docs): add Discord badge to README and docs (#757)
|
2025-05-07 00:07:46 -04:00 |
|
William Woodruff
|
3ab3cf8a8d
|
chore(docs): document repository patterns better (#751)
|
2025-05-05 22:37:32 -04:00 |
|
William Woodruff
|
ed489be3fc
|
feat: extend RepositoryUsesPattern to allow exact ref patterns (#750)
|
2025-05-05 21:58:45 -04:00 |
|
William Woodruff
|
fb8e3f63f3
|
refactor: begin splitting out syntax/sema error handling (#734)
|
2025-05-03 04:22:35 +00:00 |
|
Travis Truman
|
a8baaa417a
|
docs: alpha sort audit doc contents by audit name (#741)
|
2025-05-02 14:38:27 -04:00 |
|
Travis Truman
|
69575bbd60
|
feat: emit pedantic finding for tagged OCI images (#740)
Co-authored-by: William Woodruff <william@yossarian.net>
|
2025-05-02 17:52:53 +00:00 |
|
William Woodruff
|
e7d8899eec
|
chore(docs): put examples in example blocks (#739)
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-05-02 16:40:32 +00:00 |
|
Travis Truman
|
58a6596c33
|
feat: add unpinned-container-images check (#733)
Co-authored-by: William Woodruff <william@yossarian.net>
|
2025-05-02 12:28:18 -04:00 |
|
Jan Holthuis
|
0effad5b06
|
New Audit unsound-contains: Checks for problematic contains() usage (#577)
Co-authored-by: William Woodruff <william@yossarian.net>
|
2025-05-02 05:14:09 +00:00 |
|
William Woodruff
|
4a9211a79c
|
bugfix: fix edge case in remote audit input collection (#731)
|
2025-05-01 10:52:33 -04:00 |
|
Marcono1234
|
d55fb35ff3
|
doc: mention insta --force-update-snapshots (#728)
|
2025-04-30 21:53:58 +00:00 |
|
William Woodruff
|
4921e0029b
|
chore(docs): bump trophies (#727)
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-04-30 17:47:50 +00:00 |
|
William Woodruff
|
d5c3bcdeb3
|
feat: more informative error message (#719)
Co-authored-by: reandreev <58111850+reandreev@users.noreply.github.com>
|
2025-04-30 00:38:44 -04:00 |
|
Marcono1234
|
ebca08dd02
|
feat: new audit: stale-action-refs (#713)
Co-authored-by: William Woodruff <william@yossarian.net>
|
2025-04-30 03:07:37 +00:00 |
|
William Woodruff
|
d1ff64357b
|
chore(docs): bump trophies (#717)
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-04-30 02:59:10 +00:00 |
|
William Woodruff
|
cf4918f6a7
|
chore(docs): bump trophies (#715)
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-04-29 16:23:47 +00:00 |
|
William Woodruff
|
c0cccc22de
|
chore(docs): bump trophies (#712)
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-04-29 15:08:18 +00:00 |
|
William Woodruff
|
27f820c7b9
|
bugfix: sarif: prefix ID, add rule names (#710)
|
2025-04-29 10:29:16 -04:00 |
|
William Woodruff
|
9cd012b752
|
chore(docs): bump trophies (#708)
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-04-29 02:41:23 +00:00 |
|
William Woodruff
|
f8ed4fee2b
|
chore(docs): bump trophies (#706)
|
2025-04-28 22:42:24 +00:00 |
|
William Woodruff
|
fd8bd06b2c
|
chore(docs): hash-pin setup-uv in usage.md (#705)
|
2025-04-28 21:25:57 +00:00 |
|
William Woodruff
|
d3b7eb86c1
|
chore(docs): update trophies (#700)
|
2025-04-27 23:27:19 +00:00 |
|
William Woodruff
|
b3094b1d2e
|
chore(docs): update trophies (#699)
|
2025-04-27 21:43:29 +00:00 |
|
William Woodruff
|
bc35a413e6
|
chore(docs): bump trophies (#694)
|
2025-04-24 18:37:04 +00:00 |
|
Marcono1234
|
1514afd84e
|
docs: extend remediation for dangerous-triggers (#692)
Co-authored-by: William Woodruff <william@yossarian.net>
|
2025-04-24 17:37:55 +00:00 |
|
William Woodruff
|
e0dfef80fe
|
feat: new audit: obfuscation (#683)
|
2025-04-23 21:32:48 +00:00 |
|
Marcono1234
|
2c1c91ce65
|
docs: recommend GitHubSecurityLab/actions-permissions (#688)
Co-authored-by: William Woodruff <william@yossarian.net>
|
2025-04-23 18:54:23 +00:00 |
|
William Woodruff
|
7b4e76e94b
|
chore(docs): clarify default rule in explicit config (#687)
|
2025-04-22 16:04:25 +00:00 |
|
William Woodruff
|
fb0e31e3c2
|
docs: bump trophies (#682)
|
2025-04-19 22:24:40 -04:00 |
|
William Woodruff
|
fb8520bdd5
|
chore: prep for release 1.6.0 (#681)
|
2025-04-19 22:13:28 -04:00 |
|
William Woodruff
|
d922717d80
|
feat: generalize RepositoryUsesPattern (#670)
|
2025-04-16 23:29:26 -04:00 |
|
William Woodruff
|
db3072104c
|
bugfix: template-injection: mark another context as safe (#675)
|
2025-04-16 19:02:27 +00:00 |
|
William Woodruff
|
07d2c2401d
|
docs: bump trophies (#671)
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-04-15 21:53:38 +00:00 |
|
William Woodruff
|
8b23a9e577
|
feat: new audit: forbidden-uses (#664)
Co-authored-by: Jan Holthuis <jan.holthuis@ruhr-uni-bochum.de>
|
2025-04-14 21:13:49 -04:00 |
|
William Woodruff
|
c4600e99fd
|
chore(docs): bump trophies (#668)
|
2025-04-14 19:41:18 +00:00 |
|
William Woodruff
|
83297264aa
|
feat: rewrite unpinned-uses, fold in forbidden-uses (#663)
Co-authored-by: Jan Holthuis <jan.holthuis@ruhr-uni-bochum.de>
|
2025-04-13 16:00:55 -04:00 |
|
William Woodruff
|
14f9bbebb3
|
bugfix: github.job is not a template injection risk (#661)
|
2025-04-10 20:12:54 +00:00 |
|
William Woodruff
|
9b1ec923be
|
bugfix: bump yamlpath, fix #659 (#660)
|
2025-04-10 11:15:38 -04:00 |
|
William Woodruff
|
5ebba3e220
|
feat: add JSON format versioning (#657)
* feat: add JSON format versioning
* docs: bump snippets, add PR
|
2025-04-07 20:18:50 -04:00 |
|
William Woodruff
|
f823fcedfc
|
usage: note when --format=github is available (#656)
|
2025-04-07 23:54:32 +00:00 |
|
William Woodruff
|
4d5c79a582
|
cli: add a "GitHub" output format (#634)
* cli: add a "GitHub" output format
Closes #633.
Signed-off-by: William Woodruff <william@yossarian.net>
* try using SARIF path
Signed-off-by: William Woodruff <william@yossarian.net>
* fix lines
Signed-off-by: William Woodruff <william@yossarian.net>
* fmt
Signed-off-by: William Woodruff <william@yossarian.net>
* add --no-exit-codes
Signed-off-by: William Woodruff <william@yossarian.net>
* bump help snippet
Signed-off-by: William Woodruff <william@yossarian.net>
* bump snippet
Signed-off-by: William Woodruff <william@yossarian.net>
* integration test for github output
Signed-off-by: William Woodruff <william@yossarian.net>
* github: output tweaks
* update snapshot
* test-output: test GitHub output on just one file
* remove columns
* bump snapshot
* try something else
Signed-off-by: William Woodruff <william@yossarian.net>
* fixup snapshot
Signed-off-by: William Woodruff <william@yossarian.net>
* one last hack
Signed-off-by: William Woodruff <william@yossarian.net>
* add primary annotation to message
Signed-off-by: William Woodruff <william@yossarian.net>
* usage: document --format=github, add integration docs
Signed-off-by: William Woodruff <william@yossarian.net>
* docs: update release notes
---------
Signed-off-by: William Woodruff <william@yossarian.net>
|
2025-04-07 19:51:19 -04:00 |
|