woodruffw/zizmor v0.6.0
on GitHub

latest releases: v1.3.0, v1.2.2, v1.2.1...

2 months ago

What's Changed

This is one of zizmor's bigger recent releases! Key enhancements include:

A new github-env audit that detects dangerous GITHUB_ENV writes,
courtesy of @ubiratansoares
The --min-severity and --min-confidence flags for filtering results,
courtest (in part) of @Ninja3047
Support for # zizmor: ignore[rule] comments, courtesy of @ubiratansoares

New Features 🌈

feat: adds support to inlined ignores by @ubiratansoares in #187
feat: add --min-severity by @woodruffw in #193
feat: add --min-confidence by @Ninja3047 in #196
feat: adds new github-env audit by @ubiratansoares in #192
feat: improve precision for github-env by @woodruffw in #199
feat: generalized ignore comments by @woodruffw in #200

Documentation Improvements 📖

docs: document ignore comments by @woodruffw in #190
docs: usage: add note about support for ignore comments by @woodruffw in #191
docs: add page descriptions by @woodruffw in #194
docs: add more useful 3p references by @woodruffw in #198

New Contributors

@Ninja3047 made their first contribution in #196

Full Changelog: v0.5.0...v0.6.0

Check out latest releases or
releases around woodruffw/zizmor v0.6.0

Don't miss a new zizmor release

NewReleases is sending notifications on new releases.

Get notifications