This release comes with one new audit (secrets-inherit), plus a slew of bugfixes and internal refactors that unblock future improvements!
Added🔗
- New audit: secrets-inherit detects use of secrets: inherit with reusable workflow calls (#408)
Improved🔗
- The template-injection audit now detects injections in calls to azure/cli and azure/powershell (#421)
Fixed🔗
- The template-injection audit no longer consider github.server_url dangerous (#412)
- The template-injection audit no longer crashes when evaluating the static-ness of an environment for a uses: step (#420)