PyPI - zizmor - Versions diffs - 1.12.0__tar.gz → 1.13.0__tar.gz - Mend

zizmor 1.12.0tar.gz → 1.13.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of zizmor might be problematic. Click here for more details.

Files changed (454) hide show

{zizmor-1.12.0 → zizmor-1.13.0}/Cargo.lock RENAMED Viewed

@@ -52,9 +52,9 @@ dependencies = [
 [[package]]
 name = "annotate-snippets"
-version = "0.11.5"
+version = "0.12.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "710e8eae58854cdc1790fcb56cca04d712a17be849eeb81da2a724bf4bae2bc4"
+checksum = "4b0f1e2f8ec4bff67c7e1867001ec452595daf315cce10c393b7d4274024f878"
 dependencies = [
  "anstyle",
  "unicode-width 0.2.0",
@@ -112,9 +112,9 @@ dependencies = [
 [[package]]
 name = "anyhow"
-version = "1.0.98"
+version = "1.0.99"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e16d2d3311acee920a9eb8d33b8cbc1787ce4a264e85f964c2404b969bdcd487"
+checksum = "b0674a1ddeecb70197781e945de4b3b8ffb61fa939a5597bcf48503737663100"
 [[package]]
 name = "arrayvec"
@@ -251,7 +251,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "234113d19d0d7d613b40e86fb654acf958910802bcceab913a4f9e7cda03b1a4"
 dependencies = [
  "memchr",
- "regex-automata 0.4.9",
+ "regex-automata",
  "serde",
 ]
@@ -302,9 +302,9 @@ dependencies = [
 [[package]]
 name = "camino"
-version = "1.1.11"
+version = "1.1.12"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5d07aa9a93b00c76f71bc35d598bed923f6d4f3a9ca5c24b7737ae1a292841c0"
+checksum = "dd0b03af37dad7a14518b7691d81acb0f8222604ad3d1b02f6b4bed5188c0cd5"
 dependencies = [
  "serde",
 ]
@@ -332,9 +332,9 @@ checksum = "613afe47fcd5fac7ccf1db93babcb082c5994d996f20b8b159f2ad1658eb5724"
 [[package]]
 name = "clap"
-version = "4.5.43"
+version = "4.5.47"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "50fd97c9dc2399518aa331917ac6f274280ec5eb34e555dd291899745c48ec6f"
+checksum = "7eac00902d9d136acd712710d71823fb8ac8004ca445a89e73a41d45aa712931"
 dependencies = [
  "clap_builder",
  "clap_derive",
@@ -342,9 +342,9 @@ dependencies = [
 [[package]]
 name = "clap-verbosity-flag"
-version = "3.0.3"
+version = "3.0.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "eeab6a5cdfc795a05538422012f20a5496f050223c91be4e5420bfd13c641fb1"
+checksum = "9d92b1fab272fe943881b77cc6e920d6543e5b1bfadbd5ed81c7c5a755742394"
 dependencies = [
  "clap",
  "tracing-core",
@@ -352,9 +352,9 @@ dependencies = [
 [[package]]
 name = "clap_builder"
-version = "4.5.43"
+version = "4.5.47"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c35b5830294e1fa0462034af85cc95225a4cb07092c088c55bda3147cfcd8f65"
+checksum = "2ad9bbf750e73b5884fb8a211a9424a1906c1e156724260fdae972f31d70e1d6"
 dependencies = [
  "anstream",
  "anstyle",
@@ -364,9 +364,9 @@ dependencies = [
 [[package]]
 name = "clap_complete"
-version = "4.5.56"
+version = "4.5.57"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "67e4efcbb5da11a92e8a609233aa1e8a7d91e38de0be865f016d14700d45a7fd"
+checksum = "4d9501bd3f5f09f7bbee01da9a511073ed30a80cd7a509f1214bb74eadea71ad"
 dependencies = [
  "clap",
 ]
@@ -383,9 +383,9 @@ dependencies = [
 [[package]]
 name = "clap_derive"
-version = "4.5.41"
+version = "4.5.47"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ef4f52386a59ca4c860f7393bcf8abd8dfd91ecccc0f774635ff68e92eeef491"
+checksum = "bbfd7eae0b0f1a6e63d4b13c9c478de77c2eb546fba158ad50b4203dc24b9f9c"
 dependencies = [
  "heck",
  "proc-macro2",
@@ -620,8 +620,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "6e24cb5a94bcae1e5408b0effca5cd7172ea3c5755049c5f3af4cd283a165298"
 dependencies = [
  "bit-set",
- "regex-automata 0.4.9",
- "regex-syntax 0.8.5",
+ "regex-automata",
+ "regex-syntax",
 ]
 [[package]]
@@ -828,13 +828,14 @@ checksum = "07e28edb80900c19c28f1072f2e8aeca7fa06b23cd4169cefe1af5aa3260783f"
 [[package]]
 name = "github-actions-expressions"
-version = "0.0.9"
+version = "0.0.10"
 dependencies = [
  "anyhow",
  "itertools",
  "pest",
  "pest_derive",
  "pretty_assertions",
+ "serde_json",
  "subfeature",
 ]
@@ -857,8 +858,8 @@ dependencies = [
  "aho-corasick",
  "bstr",
  "log",
- "regex-automata 0.4.9",
- "regex-syntax 0.8.5",
+ "regex-automata",
+ "regex-syntax",
 ]
 [[package]]
@@ -1221,7 +1222,7 @@ dependencies = [
  "globset",
  "log",
  "memchr",
- "regex-automata 0.4.9",
+ "regex-automata",
  "same-file",
  "walkdir",
  "winapi-util",
@@ -1229,9 +1230,9 @@ dependencies = [
 [[package]]
 name = "indexmap"
-version = "2.10.0"
+version = "2.11.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "fe4cd85333e22411419a0bcae1297d25e58c9443848b11dc6a86fefe8c78a661"
+checksum = "f2481980430f9f78649238835720ddccc57e52df14ffce1c6f37391d61b563e9"
 dependencies = [
  "equivalent",
  "hashbrown 0.15.2",
@@ -1254,9 +1255,9 @@ dependencies = [
 [[package]]
 name = "insta"
-version = "1.43.1"
+version = "1.43.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "154934ea70c58054b556dd430b99a98c2a7ff5309ac9891597e339b5c28f4371"
+checksum = "46fdb647ebde000f43b5b53f773c30cf9b0cb4300453208713fa38b2c70935a0"
 dependencies = [
  "console 0.15.11",
  "once_cell",
@@ -1350,7 +1351,7 @@ dependencies = [
  "percent-encoding",
  "referencing",
  "regex",
- "regex-syntax 0.8.5",
+ "regex-syntax",
  "reqwest",
  "serde",
  "serde_json",
@@ -1433,11 +1434,11 @@ dependencies = [
 [[package]]
 name = "matchers"
-version = "0.1.0"
+version = "0.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8263075bb86c5a1b1427b5ae862e8889656f126e9f77c484496e8b47cf5c5558"
+checksum = "d1525a2a28c7f4fa0fc98bb91ae755d1e2d1505079e05539e35bc876b5d65ae9"
 dependencies = [
- "regex-automata 0.1.10",
+ "regex-automata",
 ]
 [[package]]
@@ -1522,12 +1523,11 @@ dependencies = [
 [[package]]
 name = "nu-ansi-term"
-version = "0.46.0"
+version = "0.50.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "77a8165726e8236064dbb45459242600304b42a5ea24ee2948e18e023bf7ba84"
+checksum = "d4a28e057d01f97e61255210fcff094d74ed0466038633e95017f5beb68e4399"
 dependencies = [
- "overload",
- "winapi",
+ "windows-sys 0.52.0",
 ]
 [[package]]
@@ -1647,12 +1647,6 @@ version = "0.5.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1a80800c0488c3a21695ea981a54918fbb37abf04f4d0720c453632255e2ff0e"
-[[package]]
-name = "overload"
-version = "0.1.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b15813163c1d831bf4a13c3610c05c0d03b39feb07f7e09fa234dac9b15aaf39"
 [[package]]
 name = "owo-colors"
 version = "4.2.2"
@@ -1695,7 +1689,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1db05f56d34358a8b1066f67cbb203ee3e7ed2ba674a6263a1d5ec6db2204323"
 dependencies = [
  "memchr",
- "thiserror 2.0.12",
+ "thiserror 2.0.16",
  "ucd-trie",
 ]
@@ -1855,7 +1849,7 @@ dependencies = [
  "rustc-hash",
  "rustls",
  "socket2 0.5.9",
- "thiserror 2.0.12",
+ "thiserror 2.0.16",
  "tokio",
  "tracing",
  "web-time",
@@ -1875,7 +1869,7 @@ dependencies = [
  "rustls",
  "rustls-pki-types",
  "slab",
- "thiserror 2.0.12",
+ "thiserror 2.0.16",
  "tinyvec",
  "tracing",
  "web-time",
@@ -1996,23 +1990,14 @@ dependencies = [
 [[package]]
 name = "regex"
-version = "1.11.1"
+version = "1.11.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b544ef1b4eac5dc2db33ea63606ae9ffcfac26c1416a2806ae0bf5f56b201191"
+checksum = "23d7fd106d8c02486a8d64e778353d1cffe08ce79ac2e82f540c86d0facf6912"
 dependencies = [
  "aho-corasick",
  "memchr",
- "regex-automata 0.4.9",
- "regex-syntax 0.8.5",
-]
-[[package]]
-name = "regex-automata"
-version = "0.1.10"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6c230d73fb8d8c1b9c0b3135c5142a8acee3a0558fb8db5cf1cb65f8d7862132"
-dependencies = [
- "regex-syntax 0.6.29",
+ "regex-automata",
+ "regex-syntax",
 ]
 [[package]]
@@ -2023,15 +2008,9 @@ checksum = "809e8dc61f6de73b46c85f4c96486310fe304c434cfa43669d7b40f711150908"
 dependencies = [
  "aho-corasick",
  "memchr",
- "regex-syntax 0.8.5",
+ "regex-syntax",
 ]
-[[package]]
-name = "regex-syntax"
-version = "0.6.29"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f162c6dd7b008981e4d40210aca20b4bd0f9b60ca9271061b07f78537722f2e1"
 [[package]]
 name = "regex-syntax"
 version = "0.8.5"
@@ -2040,9 +2019,9 @@ checksum = "2b15c43186be67a4fd63bee50d0303afffcef381492ebe2c5d87f324e1b8815c"
 [[package]]
 name = "reqwest"
-version = "0.12.22"
+version = "0.12.23"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "cbc931937e6ca3a06e3b6c0aa7841849b160a90351d6ab467a8b9b9959767531"
+checksum = "d429f34c8092b2d42c7c93cec323bb4adeb7c67698f70839adec842ec10c7ceb"
 dependencies = [
  "base64 0.22.1",
  "bytes",
@@ -2245,7 +2224,7 @@ dependencies = [
  "strum",
  "strum_macros",
  "syn 2.0.101",
- "thiserror 2.0.12",
+ "thiserror 2.0.16",
  "typed-builder",
 ]
@@ -2262,9 +2241,9 @@ dependencies = [
 [[package]]
 name = "serde_json"
-version = "1.0.142"
+version = "1.0.143"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "030fedb782600dcbd6f02d479bf0d817ac3bb40d644745b769d6a96bc3afc5a7"
+checksum = "d401abef1d108fbd9cbaebc3e46611f4b1021f714a0597a71f41ee463f5f4a5a"
 dependencies = [
  "indexmap",
  "itoa",
@@ -2286,7 +2265,7 @@ dependencies = [
  "serde_json",
  "serde_json_path_core",
  "serde_json_path_macros",
- "thiserror 2.0.12",
+ "thiserror 2.0.16",
 ]
 [[package]]
@@ -2298,7 +2277,7 @@ dependencies = [
  "inventory",
  "serde",
  "serde_json",
- "thiserror 2.0.12",
+ "thiserror 2.0.16",
 ]
 [[package]]
@@ -2621,11 +2600,11 @@ dependencies = [
 [[package]]
 name = "thiserror"
-version = "2.0.12"
+version = "2.0.16"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "567b8a2dae586314f7be2a752ec7474332959c6460e02bde30d702a66d488708"
+checksum = "3467d614147380f2e4e374161426ff399c91084acd2363eaf549172b3d5e60c0"
 dependencies = [
- "thiserror-impl 2.0.12",
+ "thiserror-impl 2.0.16",
 ]
 [[package]]
@@ -2641,9 +2620,9 @@ dependencies = [
 [[package]]
 name = "thiserror-impl"
-version = "2.0.12"
+version = "2.0.16"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7f7cf42b4507d8ea322120659672cf1b9dbb93f8f2d4ecfd6e51350ff5b17a1d"
+checksum = "6c5e1be1c48b9172ee610da68fd9cd2770e7a4056cb3fc98710ee6906f0c7960"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -2933,9 +2912,9 @@ dependencies = [
 [[package]]
 name = "tracing-indicatif"
-version = "0.3.12"
+version = "0.3.13"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e1983afead46ff13a3c93581e0cec31d20b29efdd22cbdaa8b9f850eccf2c352"
+checksum = "04d4e11e0e27acef25a47f27e9435355fecdc488867fa2bc90e75b0700d2823d"
 dependencies = [
  "indicatif",
  "tracing",
@@ -2956,14 +2935,14 @@ dependencies = [
 [[package]]
 name = "tracing-subscriber"
-version = "0.3.19"
+version = "0.3.20"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e8189decb5ac0fa7bc8b96b7cb9b2701d60d48805aca84a238004d665fcc4008"
+checksum = "2054a14f5307d601f88daf0553e1cbf472acc4f2c51afab632431cdcd72124d5"
 dependencies = [
  "matchers",
  "nu-ansi-term",
  "once_cell",
- "regex",
+ "regex-automata",
  "sharded-slab",
  "smallvec",
  "thread_local",
@@ -2974,13 +2953,13 @@ dependencies = [
 [[package]]
 name = "tree-sitter"
-version = "0.25.8"
+version = "0.25.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6d7b8994f367f16e6fa14b5aebbcb350de5d7cbea82dc5b00ae997dd71680dd2"
+checksum = "ccd2a058a86cfece0bf96f7cce1021efef9c8ed0e892ab74639173e5ed7a34fa"
 dependencies = [
  "cc",
  "regex",
- "regex-syntax 0.8.5",
+ "regex-syntax",
  "serde_json",
  "streaming-iterator",
  "tree-sitter-language",
@@ -3359,22 +3338,6 @@ dependencies = [
  "rustls-pki-types",
 ]
-[[package]]
-name = "winapi"
-version = "0.3.9"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419"
-dependencies = [
- "winapi-i686-pc-windows-gnu",
- "winapi-x86_64-pc-windows-gnu",
-]
-[[package]]
-name = "winapi-i686-pc-windows-gnu"
-version = "0.4.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6"
 [[package]]
 name = "winapi-util"
 version = "0.1.9"
@@ -3384,12 +3347,6 @@ dependencies = [
  "windows-sys 0.59.0",
 ]
-[[package]]
-name = "winapi-x86_64-pc-windows-gnu"
-version = "0.4.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"
 [[package]]
 name = "windows"
 version = "0.61.1"
@@ -3695,7 +3652,7 @@ dependencies = [
  "serde_json",
  "serde_yaml",
  "subfeature",
- "thiserror 2.0.12",
+ "thiserror 2.0.16",
  "yamlpath",
 ]
@@ -3706,7 +3663,7 @@ dependencies = [
  "line-index",
  "serde",
  "serde_yaml",
- "thiserror 2.0.12",
+ "thiserror 2.0.16",
  "tree-sitter",
  "tree-sitter-yaml",
 ]
@@ -3832,7 +3789,7 @@ dependencies = [
 [[package]]
 name = "zizmor"
-version = "1.12.0"
+version = "1.13.0"
 dependencies = [
  "annotate-snippets",
  "anstream",
@@ -3870,7 +3827,7 @@ dependencies = [
  "subfeature",
  "tar",
  "terminal-link",
- "thiserror 2.0.12",
+ "thiserror 2.0.16",
  "tokio",
  "tower-lsp",
  "tracing",

{zizmor-1.12.0 → zizmor-1.13.0}/Cargo.toml RENAMED Viewed

@@ -8,22 +8,23 @@ readme = "README.md"
 homepage = "https://docs.zizmor.sh"
 edition = "2024"
 license = "MIT"
+rust-version = "1.88.0"
 [workspace.dependencies]
-anyhow = "1.0.98"
-github-actions-expressions = { path = "crates/github-actions-expressions", version = "0.0.9" }
+anyhow = "1.0.99"
+github-actions-expressions = { path = "crates/github-actions-expressions", version = "0.0.10" }
 github-actions-models = { path = "crates/github-actions-models", version = "0.32.0" }
 itertools = "0.14.0"
 pest = "2.8.1"
 pest_derive = "2.8.1"
 pretty_assertions = "1.4.1"
-annotate-snippets = "0.11.5"
+annotate-snippets = "0.12.3"
 anstream = "0.6.20"
 assert_cmd = "2.0.17"
-camino = "1.1.11"
-clap = "4.5.43"
-clap-verbosity-flag = { version = "3.0.3", default-features = false }
-clap_complete = "4.5.56"
+camino = "1.1.12"
+clap = "4.5.47"
+clap-verbosity-flag = { version = "3.0.4", default-features = false }
+clap_complete = "4.5.57"
 clap_complete_nushell = "4.5.8"
 csv = "1.3.1"
 etcetera = "0.10.0"
@@ -32,31 +33,31 @@ fst = "0.4.7"
 http-cache-reqwest = "0.16"
 human-panic = "2.0.3"
 ignore = "0.4.23"
-indexmap = { version = "2.10.0", features = ["serde"] }
+indexmap = { version = "2.11.0", features = ["serde"] }
 indicatif = "0.18"
-insta = "1.43.0"
+insta = "1.43.2"
 jsonschema = "0.30.0"
 line-index = "0.1.2"
 memchr = "2.7.5"
 owo-colors = "4.2.2"
-regex = "1.11.1"
-reqwest = { version = "0.12.22", default-features = false }
+regex = "1.11.2"
+reqwest = { version = "0.12.23", default-features = false }
 reqwest-middleware = "0.4.2"
 serde = { version = "1.0.219", features = ["derive"] }
 serde-sarif = "0.8.0"
-serde_json = "1.0.142"
+serde_json = "1.0.143"
 serde_json_path = "0.7.2"
 serde_yaml = "0.9.34"
 subfeature = { path = "crates/subfeature", version = "0.0.3" }
 tar = "0.4.44"
 terminal-link = "0.1.0"
-thiserror = "2.0.12"
+thiserror = "2.0.16"
 tokio = { version = "1.47.1", features = ["rt-multi-thread", "io-std"] }
 tower-lsp = { version = "0.20.0" }
 tracing = "0.1.41"
-tracing-indicatif = "0.3.12"
-tracing-subscriber = "0.3.19"
-tree-sitter = "0.25.8"
+tracing-indicatif = "0.3.13"
+tracing-subscriber = "0.3.20"
+tree-sitter = "0.25.9"
 tree-sitter-bash = "0.23.3"
 tree-sitter-powershell = "0.25.8"
 yamlpath = { path = "crates/yamlpath", version = "0.25.0" }

zizmor-1.13.0/PKG-INFO ADDED Viewed

@@ -0,0 +1,121 @@
+Metadata-Version: 2.4
+Name: zizmor
+Version: 1.13.0
+License-File: LICENSE
+Home-Page: https://docs.zizmor.sh
+Requires-Python: >=3.9
+Description-Content-Type: text/markdown; charset=UTF-8; variant=GFM
+# 🌈 zizmor
+[![zizmor](https://img.shields.io/badge/%F0%9F%8C%88-zizmor-white?labelColor=white)](https://zizmor.sh/)
+[![CI](https://github.com/zizmorcore/zizmor/actions/workflows/ci.yml/badge.svg)](https://github.com/zizmorcore/zizmor/actions/workflows/ci.yml)
+[![Crates.io](https://img.shields.io/crates/v/zizmor)](https://crates.io/crates/zizmor)
+[![Packaging status](https://repology.org/badge/tiny-repos/zizmor.svg)](https://repology.org/project/zizmor/versions)
+[![GitHub Sponsors](https://img.shields.io/github/sponsors/woodruffw?style=flat&logo=githubsponsors&labelColor=white&color=white)](https://github.com/sponsors/woodruffw)
+[![Discord](https://img.shields.io/badge/Discord-%235865F2.svg?logo=discord&logoColor=white)](https://discord.com/invite/PGU3zGZuGG)
+`zizmor` is a static analysis tool for GitHub Actions.
+It can find many common security issues in typical GitHub Actions CI/CD setups,
+including:
+* Template injection vulnerabilities, leading to attacker-controlled code execution
+* Accidental credential persistence and leakage
+* Excessive permission scopes and credential grants to runners
+* Impostor commits and confusable `git` references
+* ...[and much more]!
+[and much more]: https://docs.zizmor.sh/audits/
+![zizmor demo](https://zizmor.sh/assets/zizmor-demo.gif)
+See [`zizmor`'s documentation](https://docs.zizmor.sh/)
+for [installation steps], as well as a [quickstart] and
+[detailed usage recipes].
+[please file them]: https://github.com/zizmorcore/zizmor/issues/new?assignees=&labels=bug%2Ctriage&projects=&template=bug-report.yml&title=%5BBUG%5D%3A+
+[installation steps]: https://docs.zizmor.sh/installation/
+[quickstart]: https://docs.zizmor.sh/quickstart/
+[detailed usage recipes]: https://docs.zizmor.sh/usage/
+## License
+`zizmor` is licensed under the [MIT License](./LICENSE).
+## Contributing
+See [our contributing guide!](./CONTRIBUTING.md)
+## The name?
+*[Now you can have beautiful clean workflows!]*
+[Now you can have beautiful clean workflows!]: https://www.youtube.com/watch?v=ol7rxFCvpy8
+## Sponsors 💖
+`zizmor`'s development is supported by these amazing sponsors!
+<!-- @@begin-sponsors@@ -->
+<table width="100%">
+<caption>Logo-level sponsors</caption>
+<tbody>
+<tr>
+<td align="center" valign="top" width="15%">
+<a href="https://grafana.com/">
+<img src="https://avatars.githubusercontent.com/u/7195757?s=100&v=4" width="100px">
+<br>
+Grafana Labs
+</a>
+</td>
+<td align="center" valign="top" width="15%">
+<a href="https://trailofbits.com/">
+<img src="https://avatars.githubusercontent.com/u/2314423?s=100&v=4" width="100px">
+<br>
+Trail of Bits
+</a>
+</td>
+</tr>
+</tbody>
+</table>
+<hr align="center">
+<table width="100%">
+<caption>Name-level sponsors</caption>
+<tbody>
+<tr>
+<td align="center" valign="top">
+<a href="http://tenki.cloud/">
+Tenki Cloud
+</a>
+</td>
+<td align="center" valign="top">
+<a href="https://github.com/ariccio">
+Alexander Riccio
+</a>
+</td>
+</tr>
+</tbody>
+</table>
+<!-- @@end-sponsors@@ -->
+Want to see your name or logo above? Consider becoming a sponsor
+through one of the following:
+- [GitHub Sponsors](https://github.com/sponsors/woodruffw) (preferred)
+- [thanks.dev](https://thanks.dev/u/gh/woodruffw)
+- [ko-fi](https://ko-fi.com/woodruffw)
+## Star History
+<a href="https://star-history.com/#zizmorcore/zizmor&Date">
+ <picture>
+   <source media="(prefers-color-scheme: dark)" srcset="https://api.star-history.com/svg?repos=zizmorcore/zizmor&type=Date&theme=dark" />
+   <source media="(prefers-color-scheme: light)" srcset="https://api.star-history.com/svg?repos=zizmorcore/zizmor&type=Date" />
+   <img alt="Star History Chart" src="https://api.star-history.com/svg?repos=zizmorcore/zizmor&type=Date" />
+ </picture>
+</a>

zizmor 1.12.0__tar.gz → 1.13.0__tar.gz

Potentially problematic release.

zizmor 1.12.0tar.gz → 1.13.0tar.gz