Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

zizmor 1.3.0 #205848

Merged
merged 2 commits into from
Jan 29, 2025
Merged

zizmor 1.3.0 #205848

merged 2 commits into from
Jan 29, 2025

Conversation

BrewTestBot
Copy link
Member

Created by brew bump


Created with brew bump-formula-pr.

release notes
This release comes with one new audit ([overprovisioned-secrets](https://woodruffw.github.io/zizmor/audits/#overprovisioned-secrets)), plus a handful of bugfixes and analysis improvements to existing audits. It also comes with a special easter egg for those who wish to kvell about their audit results.

New Features 🌈🔗

  • New audit: overprovisioned-secrets detects uses of the secrets context that result in excessive secret provisioning (#485)
  • Added a special naches mode for when you're feeling particularly proud of your audit results (#490)

Improvements 🌱🔗

  • zizmor produces slightly more informative error messages when given an invalid input file (#482)
  • Case insensitivity in contexts is now handeled more consistently and pervasively (#491)

Bug Fixes 🐛🔗

  • Fixed a bug where zizmor would fail to discover actions within subdirectories of .github/workflows (#477)
  • Fixed a bug where zizmor would fail to parse composite action definitions with no name field (#487)

@github-actions github-actions bot added rust Rust use is a significant feature of the PR or issue bump-formula-pr PR was created using `brew bump-formula-pr` labels Jan 29, 2025
Copy link
Contributor

🤖 An automated task has requested bottles to be published to this PR.

@github-actions github-actions bot added the CI-published-bottle-commits The commits for the built bottles have been pushed to the PR branch. label Jan 29, 2025
@BrewTestBot BrewTestBot enabled auto-merge January 29, 2025 04:33
@BrewTestBot BrewTestBot added this pull request to the merge queue Jan 29, 2025
Merged via the queue into master with commit 0f968f2 Jan 29, 2025
15 checks passed
@BrewTestBot BrewTestBot deleted the bump-zizmor-1.3.0 branch January 29, 2025 04:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bump-formula-pr PR was created using `brew bump-formula-pr` CI-published-bottle-commits The commits for the built bottles have been pushed to the PR branch. rust Rust use is a significant feature of the PR or issue
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants