Bug Fixes 🐛🔗
-
Fixed a bug where the cache-poisoning audit would fail to consider release events as exempt from cache usage findings when filtered by a tag condition (#2004)
-
Fixed a typo when suggesting --fix flags for findings (#2010)
Many thanks to @0xdea for implementing this fix!
-
Fixed a typo in unpinned-tools annotations (#2008)
Many thanks to @martincostello for implementing this fix!
-
Fixed a bug where the github-app audit would incorrectly flag some safe uses of actions/create-github-app-token as unsafe (#2011)