What's Changed
- Incorrect tag naming in readme by @lukehinds in #1105
- Utilize PyPI's trusted publishing by @ericwb in #1107
- Bump sigstore/cosign-installer from 3.3.0 to 3.4.0 by @dependabot in #1109
- Add 1.7.7 to versions of bug template by @ericwb in #1110
- Use datetime to avoid updating copyright year by @ericwb in #1112
- filter data is safe for tarfile extractall by @etienneschalk in #1111
- Bump docker/setup-buildx-action from 3.0.0 to 3.1.0 by @dependabot in #1115
- [B605] Add functions that are vulnerable to shell injection. by @shihai1991 in #1116
- Add a SARIF output formatter by @ericwb in #1113
New Contributors
- @etienneschalk made their first contribution in #1111
- @shihai1991 made their first contribution in #1116
Full Changelog: 1.7.7...1.7.8