zizmor

mirror of https://github.com/zizmorcore/zizmor.git synced 2025-12-23 08:47:33 +00:00

Author	SHA1	Message	Date
William Woodruff	5d04e8907a	chore(ci): refactor package name handling for support crates (#1005 )	2025-07-02 18:34:05 -04:00
William Woodruff	87aaccb9c5	chore(ci): add environments to crates.io workflows (#1004 )	2025-07-02 18:23:11 -04:00
William Woodruff	ed0586a0b6	refactor: simplify MergeInto patch op (#999 )	2025-07-01 15:53:33 -04:00
Mostafa Moradian	2254ef6dd3	Fix autofix for template-injection (#995 ) Co-authored-by: William Woodruff <william@yossarian.net>	2025-07-01 09:37:32 -04:00
William Woodruff	1cc8f934e6	chore: release 1.11.0 (#993 )	2025-06-30 14:58:49 -04:00
William Woodruff	44a27e2435	feat: LSP skeleton code from #607 (#984 )	2025-06-30 14:53:25 -04:00
dependabot[bot]	5495af96b6	chore(deps): bump the github-actions group with 3 updates (#990 ) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-06-30 14:46:18 -04:00
dependabot[bot]	86c4489c2d	chore(deps): bump the cargo group with 3 updates (#991 ) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-06-30 14:45:51 -04:00
William Woodruff	ac6f6e2c76	bugfix: repro, #988 (#989 )	2025-06-30 01:53:41 -04:00
William Woodruff	b98dcb1691	chore: remove descriptions from fixes (#985 )	2025-06-28 00:33:19 +00:00
Mostafa Moradian	42862eb02e	Add Fix for bot-conditions audit rule (#921 ) Co-authored-by: William Woodruff <william@yossarian.net>	2025-06-27 18:25:30 -06:00
William Woodruff	b7500d1c5d	refactor: move audit registration into AuditRegistry (#983 )	2025-06-27 03:47:45 +00:00
William Woodruff	e90af3a68f	chore(deps): bump http-cache-reqwest to 0.16.0 (#982 )	2025-06-26 22:40:21 +00:00
William Woodruff	ab905e1f7d	chore(deps): bump http-cache-reqwest to 0.15.2 (#980 )	2025-06-26 13:43:26 -06:00
William Woodruff	87675402f2	chore(docs): remove demo file, link to zizmor.sh (#978 )	2025-06-26 12:57:06 -06:00
William Woodruff	39f229f7c5	chore: prep for release v1.10.0 (#977 )	2025-06-26 18:28:57 +00:00
William Woodruff	b21812ce4f	chore(deps): bump yamlpath (#976 )	2025-06-26 18:12:35 +00:00
William Woodruff	e69f17cfdd	refactor: prepare fix mode for a public experimental release (#975 )	2025-06-26 12:10:08 -06:00
William Woodruff	ec2f674ca3	chore(docs): bump trophies (#974 )	2025-06-25 19:35:18 +00:00
William Woodruff	20c73a66bd	refactor: more fix API cleanup (#973 )	2025-06-25 13:02:37 -06:00
William Woodruff	e4f41593d4	chore(ci): fix test path, remove an action (#971 )	2025-06-24 22:45:38 -06:00
William Woodruff	18d5c30c1c	chore(deps): bump all support crate versions (#970 )	2025-06-24 18:33:18 -06:00
William Woodruff	8505b968b4	feat: detect computed indices as potential obfuscation (#969 )	2025-06-24 18:27:20 -06:00
William Woodruff	8a84b8465c	refactor: dedupe primary location handling (#968 )	2025-06-24 09:15:59 -06:00
William Woodruff	00cd7f0712	chore: refactor fix input key handling (#966 )	2025-06-23 22:45:55 -06:00
dependabot[bot]	60db19c3ea	chore(deps): bump tree-sitter-powershell in the cargo group (#965 ) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-06-23 09:59:36 -06:00
dependabot[bot]	10396ddf03	chore(deps): bump the github-actions group with 3 updates (#964 ) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-06-23 09:58:41 -06:00
William Woodruff	4615ee25c1	template-injection: add subfeatures (#958 ) * yamlpath: key-only extraction Signed-off-by: William Woodruff <william@yossarian.net> * bump tests, work in key-only symbolic locations Signed-off-by: William Woodruff <william@yossarian.net> * add related locations Signed-off-by: William Woodruff <william@yossarian.net> * drop format Signed-off-by: William Woodruff <william@yossarian.net> * WIP multiline subspanning Signed-off-by: William Woodruff <william@yossarian.net> * hackety hack Signed-off-by: William Woodruff <william@yossarian.net> * hackety hack Signed-off-by: William Woodruff <william@yossarian.net> * cleanup Signed-off-by: William Woodruff <william@yossarian.net> * update release notes Signed-off-by: William Woodruff <william@yossarian.net> * clippy Signed-off-by: William Woodruff <william@yossarian.net> --------- Signed-off-by: William Woodruff <william@yossarian.net>	2025-06-23 00:34:12 -06:00
Rui Chen	816a92d45e	chore(tests): update default branch for homebrew actions (#962 ) Signed-off-by: Rui Chen <rui@chenrui.dev>	2025-06-22 17:07:18 -04:00
William Woodruff	f12df339fd	chore(docs): add Trail of Bits as a sponsor (#961 )	2025-06-21 05:24:45 +00:00
William Woodruff	0d5ca51f5e	bugfix: eliminate a panic when auditing composite actions (#960 )	2025-06-21 01:14:40 -04:00
William Woodruff	f03869f52b	feat: location subspans/subfeatures (#949 )	2025-06-19 16:41:39 -04:00
William Woodruff	64f9be57c9	feat: better error messages for invalid inputs (#956 )	2025-06-19 12:16:03 -04:00
William Woodruff	8afe891448	chore: add a debug message when registering inputs (#955 )	2025-06-19 11:05:20 -04:00
Ron	a63a2eaf6c	chore(docs): add trophy for philips-software/amp-devcontainer (#953 )	2025-06-19 10:07:17 -04:00
William Woodruff	e60eb434db	chore(cli): add --thanks (#951 )	2025-06-18 12:43:41 -04:00
William Woodruff	18454b8242	chore(docs): update sponsors (#950 )	2025-06-18 16:09:50 +00:00
Max Marrone	8bc8e9082b	Unfix accidentally-fixed ref-pinning example. (#948 )	2025-06-16 18:18:18 -04:00
William Woodruff	3c099f85e7	refactor: add spanning to expressions (#945 )	2025-06-16 14:15:10 -04:00
dependabot[bot]	7b2ecee358	chore(deps): bump the cargo group with 6 updates (#947 ) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-06-16 13:47:00 -04:00
dependabot[bot]	399b56d79b	chore(deps): bump the github-actions group with 3 updates (#946 ) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-06-16 10:56:50 -04:00
William Woodruff	2345b8d4bd	chore(docs): bump trophies (#944 ) Signed-off-by: William Woodruff <william@yossarian.net>	2025-06-14 00:42:37 +00:00
William Woodruff	d9fc0e1a23	chore(ci): address pedantic zizmor findings (#943 )	2025-06-13 20:36:09 -04:00
Andrew Pollack	c6f0e29d4d	feat: new audit: anonymous-definition (#937 ) Co-authored-by: William Woodruff <william@yossarian.net>	2025-06-13 20:17:11 -04:00
William Woodruff	703bc24330	chore(tests): rename tests for consistency (#942 )	2025-06-12 17:38:13 -04:00
William Woodruff	b5ef519341	chore: remove a root level special case (#940 )	2025-06-12 16:58:58 -04:00
William Woodruff	fa7ec414ac	chore(docs): bump trophies (#941 ) Signed-off-by: William Woodruff <william@yossarian.net>	2025-06-12 20:58:34 +00:00
Andrew Pollack	3f087de8ec	docs: add trophy for rust-lang/this-week-in-rust (#936 )	2025-06-12 04:05:11 +00:00
Mostafa Moradian	9adc5a475f	Handle flow and block style values properly (#904 ) Co-authored-by: William Woodruff <william@yossarian.net>	2025-06-10 17:31:06 -04:00
William Woodruff	ec66e90d95	chore(docs): bump trophies (#934 ) Signed-off-by: William Woodruff <william@yossarian.net>	2025-06-10 18:14:32 +00:00

1 2 3 4 5 ...

754 commits