Data

Tools

Indexes

Applications

Experiments

Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / woodruffw/zizmor issues and pull requests

#551 - Feature: `overprovisioned-secrets` should also consider dynamic accesses

Issue - State: closed - Opened by woodruffw 5 months ago
Labels: enhancement

#550 - Feature: bot-conditions should consider `github.triggering_actor` as well

Issue - State: closed - Opened by woodruffw 5 months ago
Labels: enhancement

#549 - feat: add unredacted-secrets audit

Pull Request - State: closed - Opened by woodruffw 5 months ago
Labels: enhancement, new-audit

#548 - chore: bump locked deps

Pull Request - State: closed - Opened by woodruffw 5 months ago
Labels: chore, dependencies

#547 - chore: move to Rust 2024

Pull Request - State: closed - Opened by woodruffw 5 months ago
Labels: chore

#546 - docs: bump trophies

Pull Request - State: closed - Opened by woodruffw 5 months ago
Labels: documentation, chore

#545 - docs: bump trophies

Pull Request - State: closed - Opened by woodruffw 5 months ago
Labels: documentation, chore

#544 - docs: bump trophies

Pull Request - State: closed - Opened by woodruffw 5 months ago
Labels: documentation, chore

#543 - logging: Don't include a timestamp in log lines

Pull Request - State: closed - Opened by jku 5 months ago

#542 - Feature: Avoid timestamps in logging output

Issue - State: closed - Opened by jku 6 months ago - 1 comment
Labels: enhancement, good first issue

#541 - chore(deps): bump docker/setup-buildx-action from 3.8.0 to 3.9.0 in the github-actions group

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago
Labels: dependencies, github_actions

#540 - Refine handling of permissions between reusable caller/called workflows

Issue - State: open - Opened by notdodo 6 months ago - 5 comments
Labels: enhancement

#539 - docs: bump trophies

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: documentation, chore

#538 - docs: bump trophies

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: documentation, chore

#537 - ci: fix docker annotations

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: chore

#536 - chore: add latest tag to Docker image builds

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: chore

#535 - ci: fixup GHCR publishing

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: chore

#534 - chore(deps): bump clap from 4.5.28 to 4.5.29 in the cargo group

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago
Labels: dependencies, rust

#533 - chore(deps): bump the github-actions group with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago
Labels: dependencies, github_actions

#532 - feat: add Dockerfile for zizmor

Pull Request - State: closed - Opened by woodruffw 6 months ago - 3 comments
Labels: enhancement

#531 - feat: relax ignore comment regex

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: enhancement

#530 - docs: bump trophies

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: documentation, chore

#529 - docs: bump trophies

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: documentation, chore

#528 - feat: improve SARIF comprehension on GitHub

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: enhancement

#527 - docs: bump trophies

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: documentation, chore

#526 - Feature: Provide info about known vulnerability in an action

Issue - State: closed - Opened by johnbillion 6 months ago - 3 comments
Labels: enhancement

#525 - chore(deps): bump clap from 4.5.27 to 4.5.28 in the cargo group

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago
Labels: dependencies, rust

#524 - chore(deps): bump github/codeql-action from 3.28.8 to 3.28.9 in the github-actions group

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago
Labels: dependencies, github_actions

#516 - Feature: IDE extensions

Issue - State: open - Opened by woodruffw 6 months ago - 1 comment
Labels: enhancement

#515 - docs: bump trophies

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: documentation, chore

#514 - [BUG]: Resource not accessible by integration

Issue - State: open - Opened by larseggert 6 months ago - 1 comment
Labels: question

#513 - Feature: Allow comments behind `# zizmor ignore` to explain why

Issue - State: closed - Opened by MarcHagen 6 months ago - 4 comments
Labels: enhancement, help wanted, good first issue

#512 - docs: bump trophies

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: documentation, chore

#511 - bugfix: expr: make index rule non-atomic

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: bugfix

#509 - chore(deps): bump the github-actions group with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago
Labels: dependencies, github_actions

#508 - chore(deps): bump the cargo group with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago
Labels: dependencies, rust

#507 - docs: bump trophies

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: documentation, chore

#506 - ci: make site.yml reusable

Pull Request - State: closed - Opened by woodruffw 6 months ago - 1 comment
Labels: chore, github_actions

#505 - docs: update dev-docs

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: documentation

#504 - README: more details

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: documentation, chore

#503 - docs: bump trophies

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: documentation, chore

#502 - bugfix: bump github-actions-models to 0.24.0

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: bugfix, dependencies

#501 - [BUG]: Mandatory description field for inputs and outputs

Issue - State: closed - Opened by cyberst 6 months ago - 3 comments
Labels: bug

#500 - chore: prep for 1.3.0 release

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: chore

#499 - docs: bump trophies

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: documentation, chore

#498 - deps: bump indicatif from 0.17.9 to 0.17.11

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: dependencies

#497 - [BUG]: Error on Install

Issue - State: closed - Opened by blink1073 6 months ago - 1 comment
Labels: bug, duplicate

#496 - Downgrade tracing-indicatif

Pull Request - State: closed - Opened by DarkaMaul 6 months ago - 2 comments
Labels: dependencies

#495 - docs: bump trophies

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: documentation, chore

#494 - ci: attempt to fix arm build

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: chore

#493 - chore(deps): bump the github-actions group with 3 updates

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago
Labels: dependencies, github_actions

#492 - chore(deps): bump the cargo group with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago
Labels: dependencies, rust

#491 - refactor: improve context handling

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: enhancement, refactor

#490 - feat(cli): add naches mode

Pull Request - State: closed - Opened by woodruffw 6 months ago - 1 comment
Labels: enhancement, cli

#489 - release-notes: record #485

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: documentation, chore

#488 - cli: reduce warning to info when skipping audits

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: enhancement

#487 - deps: bump github-actions-models

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: bugfix, dependencies

#486 - docs: bump trophies

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: documentation, chore

#485 - feat: "raw" audit support + `overprovisioned-secrets`

Pull Request - State: closed - Opened by woodruffw 6 months ago - 1 comment
Labels: enhancement, new-audit

#484 - docs: bump trophies

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: documentation, chore

#483 - Fix syntax in docs for bot-condition

Pull Request - State: closed - Opened by nickvergessen 6 months ago - 1 comment
Labels: documentation

#482 - feat: improve parse error slightly

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: enhancement

#481 - docs: bump trophies

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: documentation, chore

#480 - chore(deps): bump the cargo group with 3 updates

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago
Labels: dependencies, rust

#479 - New audit: repojacking

Issue - State: open - Opened by woodruffw 6 months ago - 5 comments
Labels: enhancement, help wanted, good first issue, new-audit

#478 - Add slash to avoid redirect

Pull Request - State: closed - Opened by hugovk 6 months ago

#477 - bugfix: collect actions from subdirectories of .github/workflows

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: bugfix

#476 - chore: prep for 1.2.2 release

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: chore

#475 - feat: improve error message when repo fetch fails

Pull Request - State: closed - Opened by woodruffw 7 months ago
Labels: enhancement

#474 - [BUG]: bad error when fetching a nonexistent repo

Issue - State: closed - Opened by woodruffw 7 months ago
Labels: bug

#473 - bugfix: special-case workflow_call in excessive-permissions

Pull Request - State: closed - Opened by woodruffw 7 months ago
Labels: bugfix

#470 - chore: prep 1.2.1

Pull Request - State: closed - Opened by woodruffw 7 months ago
Labels: chore

#469 - bugfix: generalize path prefix handling

Pull Request - State: closed - Opened by woodruffw 7 months ago
Labels: bugfix

#468 - [BUG]: SARIF paths are still borked

Issue - State: closed - Opened by woodruffw 7 months ago
Labels: bug

#467 - chore(deps): bump astral-sh/setup-uv from 5.1.0 to 5.2.1 in the github-actions group

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago
Labels: dependencies, github_actions

#466 - docs: try to fix the site

Pull Request - State: closed - Opened by woodruffw 7 months ago

#465 - chore: remove site-requirements.txt

Pull Request - State: closed - Opened by woodruffw 7 months ago
Labels: documentation, chore

#464 - chore: prep 1.2.0

Pull Request - State: closed - Opened by woodruffw 7 months ago
Labels: chore

#463 - bugfix: bump github-actions-models

Pull Request - State: closed - Opened by woodruffw 7 months ago
Labels: bugfix

#462 - [BUG]: failed to register input as workflow or action

Issue - State: closed - Opened by cipherboy 7 months ago - 4 comments
Labels: bug

#461 - bugfix: parse multi-line expressions correctly

Pull Request - State: closed - Opened by woodruffw 7 months ago
Labels: bugfix

#460 - feat: bot-conditions

Pull Request - State: closed - Opened by woodruffw 7 months ago
Labels: enhancement

#459 - New audit: comment triggers

Issue - State: open - Opened by woodruffw 7 months ago
Labels: new-audit

#458 - New audit: obfuscation

Issue - State: closed - Opened by woodruffw 7 months ago - 1 comment
Labels: enhancement, new-audit

#457 - ci: pypi: try enabling aarch64 on an ARM runner

Pull Request - State: closed - Opened by woodruffw 7 months ago - 1 comment

#456 - docs: typo

Pull Request - State: closed - Opened by miketheman 7 months ago
Labels: documentation

#455 - Provide manylinux aarch64 pip package

Issue - State: closed - Opened by diegorusso 7 months ago - 4 comments
Labels: packaging

#454 - docs: add sponsors to README and site

Pull Request - State: closed - Opened by woodruffw 7 months ago

#453 - bugfix: sarif: use absolute physical locations only

Pull Request - State: closed - Opened by woodruffw 7 months ago - 1 comment
Labels: bugfix

#452 - [BUG]: Incorrect physical location for composite actions in subdirectories

Issue - State: closed - Opened by Bo98 7 months ago - 3 comments
Labels: bug, triage

#451 - chore(docs): bump trophies

Pull Request - State: closed - Opened by woodruffw 7 months ago
Labels: documentation, chore

#450 - chore(docs): bump trophies

Pull Request - State: closed - Opened by woodruffw 7 months ago
Labels: documentation, chore

#449 - refactor: reduce invalid states in job APIs

Pull Request - State: closed - Opened by woodruffw 7 months ago
Labels: refactor

#448 - fix: artipacked: check for stringy bools

Pull Request - State: closed - Opened by woodruffw 7 months ago
Labels: false-positive, bugfix

#447 - [BUG]: Booleans written as strings are not handled correctly

Issue - State: closed - Opened by frouioui 7 months ago - 4 comments
Labels: bug

#446 - docs: bump trophies

Pull Request - State: closed - Opened by woodruffw 7 months ago
Labels: documentation, chore

#445 - bugfix: mark another context as safe during injections

Pull Request - State: closed - Opened by woodruffw 7 months ago
Labels: false-positive, bugfix

#444 - docs: bump trophies

Pull Request - State: closed - Opened by woodruffw 7 months ago
Labels: documentation, chore