github woodruffw/zizmor v1.5.0

latest release: v1.5.1
one day ago

New Features 🌈

  • The overprovisioned-secrets audit now detects indexing operations on the secrets context that result in overprovisioning (#573)
  • zizmor now ignores patterns in .gitignore (and related files, like .git/info/exclude) by default when performing input collection. This makes input collection significantly faster for users with local development state and more closely reflects typical user expectations. Users who wish to explicitly collect everything regardless of ignore patterns can continue to use --collect=all (#575)
  • zizmor now has a --no-progress flag that disables progress bars, even if the terminal supports them (#589)
  • zizmor now has a --color flag that controls when zizmor's output is colorized (beyond basic terminal detection) (#586)

Bug Fixes 🐛

  • Fixed zizmor's path presentation behavior to correctly present unambiguous paths in both SARIF and "plain" outputs when multiple input directories are given (#572)
