zizmor 1.15.0__tar.gz → 1.15.2__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of zizmor might be problematic. Click here for more details.

Files changed (478) hide show
  1. {zizmor-1.15.0 → zizmor-1.15.2}/Cargo.lock +2 -2
  2. {zizmor-1.15.0 → zizmor-1.15.2}/Cargo.toml +1 -1
  3. {zizmor-1.15.0 → zizmor-1.15.2}/PKG-INFO +1 -1
  4. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/Cargo.toml +1 -1
  5. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/src/dependabot/v2.rs +78 -1
  6. zizmor-1.15.2/crates/github-actions-models/tests/sample-dependabot/v2/cron-missing-cronjob.invalid.yml +6 -0
  7. zizmor-1.15.2/crates/github-actions-models/tests/sample-dependabot/v2/cronjob-on-daily.invalid.yml +7 -0
  8. zizmor-1.15.2/crates/github-actions-models/tests/sample-dependabot/v2/day-on-daily.invalid.yml +7 -0
  9. zizmor-1.15.2/crates/github-actions-models/tests/sample-dependabot/v2/devcontainers.yml +8 -0
  10. zizmor-1.15.2/crates/github-actions-models/tests/sample-dependabot/v2/weekly-with-day.yml +7 -0
  11. zizmor-1.15.2/crates/github-actions-models/tests/test_dependabot_v2.rs +134 -0
  12. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/Cargo.toml +1 -1
  13. zizmor-1.15.0/crates/github-actions-models/tests/test_dependabot_v2.rs +0 -73
  14. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-expressions/Cargo.toml +0 -0
  15. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-expressions/README.md +0 -0
  16. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-expressions/src/call.rs +0 -0
  17. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-expressions/src/context.rs +0 -0
  18. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-expressions/src/expr.pest +0 -0
  19. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-expressions/src/identifier.rs +0 -0
  20. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-expressions/src/lib.rs +0 -0
  21. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-expressions/src/literal.rs +0 -0
  22. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-expressions/src/op.rs +0 -0
  23. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/LICENSE +0 -0
  24. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/README.md +0 -0
  25. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/src/action.rs +0 -0
  26. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/src/common/expr.rs +0 -0
  27. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/src/common.rs +0 -0
  28. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/src/dependabot/mod.rs +0 -0
  29. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/src/lib.rs +0 -0
  30. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/src/workflow/event.rs +0 -0
  31. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/src/workflow/job.rs +0 -0
  32. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/src/workflow/mod.rs +0 -0
  33. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-actions/gh-action-pip-audit.yml +0 -0
  34. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-actions/gh-action-pypi-publish.yml +0 -0
  35. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-actions/gh-action-sigstore-python.yml +0 -0
  36. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-actions/no-input-output-descriptions.yml +0 -0
  37. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-actions/setup-python.yml +0 -0
  38. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-dependabot/v2/cooldown.yml +0 -0
  39. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-dependabot/v2/grafana.yml +0 -0
  40. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-dependabot/v2/pip-audit.yml +0 -0
  41. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-dependabot/v2/sigstore-python.yml +0 -0
  42. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/adafruit-circuitpython-run-tests.yml +0 -0
  43. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/false-condition.yml +0 -0
  44. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/gh-action-sigstore-python-selftest.yml +0 -0
  45. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/git-annex-built-windows.yaml +0 -0
  46. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/guacsec-guac-ci.yml +0 -0
  47. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/homebrew-core-automerge-triggers.yml +0 -0
  48. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/homebrew-core-dispatch-rebottle.yml +0 -0
  49. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/intel-llvm-sycl-linux-run-tests.yml +0 -0
  50. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/issue-35.yml +0 -0
  51. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/jazzband-tablib-docs-lint.yml +0 -0
  52. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/letsencrypt-boulder-boulder-ci.yml +0 -0
  53. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/mhils-workflows-python-deploy.yml +0 -0
  54. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/openbao-openbao-test-go.yml +0 -0
  55. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/pip-api-test.yml +0 -0
  56. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/pip-audit-ci.yml +0 -0
  57. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/pip-audit-scorecards.yml +0 -0
  58. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/pwn-requests.yml +0 -0
  59. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/pyca-cryptography-ci.yml +0 -0
  60. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/pypi-attestations-release.yml +0 -0
  61. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/reusable-workflow-unpinned.yml +0 -0
  62. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/rnpgp-rnp-centos-and-fedora.yml +0 -0
  63. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/runs-on-expr.yml +0 -0
  64. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/runs-on-group-only.yml +0 -0
  65. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/scalar-trigger-type.yml +0 -0
  66. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/vil02-puzzle_generator-check_examples.yml +0 -0
  67. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/zizmor-issue-646.yml +0 -0
  68. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/sample-workflows/zizmor-issue-650.yml +0 -0
  69. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/test_action.rs +0 -0
  70. {zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/tests/test_workflow.rs +0 -0
  71. {zizmor-1.15.0 → zizmor-1.15.2}/crates/subfeature/.gitignore +0 -0
  72. {zizmor-1.15.0 → zizmor-1.15.2}/crates/subfeature/Cargo.toml +0 -0
  73. {zizmor-1.15.0 → zizmor-1.15.2}/crates/subfeature/LICENSE +0 -0
  74. {zizmor-1.15.0 → zizmor-1.15.2}/crates/subfeature/README.md +0 -0
  75. {zizmor-1.15.0 → zizmor-1.15.2}/crates/subfeature/src/lib.rs +0 -0
  76. {zizmor-1.15.0 → zizmor-1.15.2}/crates/yamlpatch/Cargo.toml +0 -0
  77. {zizmor-1.15.0 → zizmor-1.15.2}/crates/yamlpatch/LICENSE +0 -0
  78. {zizmor-1.15.0 → zizmor-1.15.2}/crates/yamlpatch/README.md +0 -0
  79. {zizmor-1.15.0 → zizmor-1.15.2}/crates/yamlpatch/src/lib.rs +0 -0
  80. {zizmor-1.15.0 → zizmor-1.15.2}/crates/yamlpatch/tests/unit_tests.rs +0 -0
  81. {zizmor-1.15.0 → zizmor-1.15.2}/crates/yamlpath/Cargo.toml +0 -0
  82. {zizmor-1.15.0 → zizmor-1.15.2}/crates/yamlpath/LICENSE +0 -0
  83. {zizmor-1.15.0 → zizmor-1.15.2}/crates/yamlpath/README.md +0 -0
  84. {zizmor-1.15.0 → zizmor-1.15.2}/crates/yamlpath/src/lib.rs +0 -0
  85. {zizmor-1.15.0 → zizmor-1.15.2}/crates/yamlpath/tests/integration_test.rs +0 -0
  86. {zizmor-1.15.0 → zizmor-1.15.2}/crates/yamlpath/tests/testcases/basic.yml +0 -0
  87. {zizmor-1.15.0 → zizmor-1.15.2}/crates/yamlpath/tests/testcases/comments.yml +0 -0
  88. {zizmor-1.15.0 → zizmor-1.15.2}/crates/yamlpath/tests/testcases/directives.yml +0 -0
  89. {zizmor-1.15.0 → zizmor-1.15.2}/crates/yamlpath/tests/testcases/exact-features.yml +0 -0
  90. {zizmor-1.15.0 → zizmor-1.15.2}/crates/yamlpath/tests/testcases/flow.yml +0 -0
  91. {zizmor-1.15.0 → zizmor-1.15.2}/crates/yamlpath/tests/testcases/interceding-comment.yml +0 -0
  92. {zizmor-1.15.0 → zizmor-1.15.2}/crates/yamlpath/tests/testcases/key-only-features.yml +0 -0
  93. {zizmor-1.15.0 → zizmor-1.15.2}/crates/yamlpath/tests/testcases/quoted-key.yml +0 -0
  94. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/README.md +0 -0
  95. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/build.rs +0 -0
  96. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/data/codeql-injection-sinks.json +0 -0
  97. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/data/context-capabilities.csv +0 -0
  98. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/anonymous_definition.rs +0 -0
  99. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/artipacked.rs +0 -0
  100. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/bot_conditions.rs +0 -0
  101. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/cache_poisoning.rs +0 -0
  102. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/dangerous_triggers.rs +0 -0
  103. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/dependabot_cooldown.rs +0 -0
  104. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/dependabot_execution.rs +0 -0
  105. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/excessive_permissions.rs +0 -0
  106. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/forbidden_uses.rs +0 -0
  107. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/github_env.rs +0 -0
  108. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/hardcoded_container_credentials.rs +0 -0
  109. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/impostor_commit.rs +0 -0
  110. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/insecure_commands.rs +0 -0
  111. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/known_vulnerable_actions.rs +0 -0
  112. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/mod.rs +0 -0
  113. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/obfuscation.rs +0 -0
  114. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/overprovisioned_secrets.rs +0 -0
  115. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/ref_confusion.rs +0 -0
  116. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/ref_version_mismatch.rs +0 -0
  117. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/secrets_inherit.rs +0 -0
  118. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/self_hosted_runner.rs +0 -0
  119. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/stale_action_refs.rs +0 -0
  120. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/template_injection.rs +0 -0
  121. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/undocumented_permissions.rs +0 -0
  122. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/unpinned_images.rs +0 -0
  123. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/unpinned_uses.rs +0 -0
  124. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/unredacted_secrets.rs +0 -0
  125. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/unsound_condition.rs +0 -0
  126. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/unsound_contains.rs +0 -0
  127. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/audit/use_trusted_publishing.rs +0 -0
  128. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/config.rs +0 -0
  129. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/data/dependabot-2.0.json +0 -0
  130. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/data/github-action.json +0 -0
  131. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/data/github-workflow.json +0 -0
  132. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/finding/location.rs +0 -0
  133. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/finding.rs +0 -0
  134. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/github_api.rs +0 -0
  135. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/lsp.rs +0 -0
  136. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/main.rs +0 -0
  137. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/models/action.rs +0 -0
  138. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/models/coordinate.rs +0 -0
  139. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/models/dependabot.rs +0 -0
  140. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/models/inputs.rs +0 -0
  141. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/models/uses.rs +0 -0
  142. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/models/workflow.rs +0 -0
  143. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/models.rs +0 -0
  144. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/output/fix.rs +0 -0
  145. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/output/github.rs +0 -0
  146. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/output/json/mod.rs +0 -0
  147. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/output/json/v1.rs +0 -0
  148. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/output/mod.rs +0 -0
  149. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/output/plain.rs +0 -0
  150. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/output/sarif.rs +0 -0
  151. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/registry/input.rs +0 -0
  152. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/registry.rs +0 -0
  153. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/state.rs +0 -0
  154. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/src/utils.rs +0 -0
  155. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/acceptance.rs +0 -0
  156. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/common.rs +0 -0
  157. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/config.rs +0 -0
  158. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/e2e/collect.rs +0 -0
  159. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/e2e/json_v1.rs +0 -0
  160. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/e2e/snapshots/integration__e2e__json_v1__json_v1.snap +0 -0
  161. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/e2e.rs +0 -0
  162. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/main.rs +0 -0
  163. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshot.rs +0 -0
  164. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__config__disablement.snap +0 -0
  165. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__config__discovers_config_in_dotgithub.snap +0 -0
  166. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__config__discovers_config_in_dotgithub_from_file_input.snap +0 -0
  167. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__config__discovers_config_in_root.snap +0 -0
  168. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__config__discovers_config_in_root_from_child_dir.snap +0 -0
  169. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__config__discovers_config_in_root_from_file_input.snap +0 -0
  170. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__config__ignores_config_in_dotgithub.snap +0 -0
  171. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__config__ignores_config_in_dotgithub_from_file_input.snap +0 -0
  172. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__config__ignores_config_in_root.snap +0 -0
  173. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__config__ignores_config_in_root_from_child_dir.snap +0 -0
  174. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__config__ignores_config_in_root_from_file_input.snap +0 -0
  175. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__config__invalid_configs-2.snap +0 -0
  176. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__config__invalid_configs-3.snap +0 -0
  177. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__config__invalid_configs.snap +0 -0
  178. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__gha_hazmat.snap +0 -0
  179. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__invalid_config_file.snap +0 -0
  180. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__invalid_input_not_strict-2.snap +0 -0
  181. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__invalid_input_not_strict.snap +0 -0
  182. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__invalid_inputs-10.snap +0 -0
  183. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__invalid_inputs-2.snap +0 -0
  184. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__invalid_inputs-3.snap +0 -0
  185. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__invalid_inputs-4.snap +0 -0
  186. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__invalid_inputs-5.snap +0 -0
  187. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__invalid_inputs-6.snap +0 -0
  188. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__invalid_inputs-7.snap +0 -0
  189. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__invalid_inputs-8.snap +0 -0
  190. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__invalid_inputs-9.snap +0 -0
  191. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__invalid_inputs.snap +0 -0
  192. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__issue_1065.snap +0 -0
  193. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__issue_1116_strict_collection_remote_input-2.snap +0 -0
  194. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__issue_1116_strict_collection_remote_input.snap +0 -0
  195. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__issue_1207.snap +0 -0
  196. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__issue_569.snap +0 -0
  197. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__issue_612_repro.snap +0 -0
  198. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__issue_726.snap +0 -0
  199. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__menagerie-2.snap +0 -0
  200. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__menagerie.snap +0 -0
  201. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__pr_960_backstop.snap +0 -0
  202. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__warn_on_min_confidence_unknown.snap +0 -0
  203. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__e2e__warn_on_min_severity_unknown.snap +0 -0
  204. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__anonymous_definition.snap +0 -0
  205. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__artipacked-2.snap +0 -0
  206. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__artipacked-3.snap +0 -0
  207. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__artipacked-4.snap +0 -0
  208. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__artipacked-5.snap +0 -0
  209. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__artipacked.snap +0 -0
  210. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__bot_conditions.snap +0 -0
  211. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__cache_poisoning-10.snap +0 -0
  212. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__cache_poisoning-11.snap +0 -0
  213. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__cache_poisoning-12.snap +0 -0
  214. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__cache_poisoning-13.snap +0 -0
  215. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__cache_poisoning-14.snap +0 -0
  216. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__cache_poisoning-15.snap +0 -0
  217. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__cache_poisoning-16.snap +0 -0
  218. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__cache_poisoning-17.snap +0 -0
  219. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__cache_poisoning-2.snap +0 -0
  220. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__cache_poisoning-3.snap +0 -0
  221. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__cache_poisoning-4.snap +0 -0
  222. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__cache_poisoning-5.snap +0 -0
  223. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__cache_poisoning-6.snap +0 -0
  224. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__cache_poisoning-7.snap +0 -0
  225. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__cache_poisoning-8.snap +0 -0
  226. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__cache_poisoning-9.snap +0 -0
  227. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__cache_poisoning.snap +0 -0
  228. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__cant_retrieve-2.snap +0 -0
  229. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__cant_retrieve.snap +0 -0
  230. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__cant_retrieve_no_gh_token.snap +0 -0
  231. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__cant_retrieve_offline.snap +0 -0
  232. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__excessive_permissions-10.snap +0 -0
  233. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__excessive_permissions-11.snap +0 -0
  234. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__excessive_permissions-12.snap +0 -0
  235. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__excessive_permissions-2.snap +0 -0
  236. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__excessive_permissions-3.snap +0 -0
  237. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__excessive_permissions-4.snap +0 -0
  238. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__excessive_permissions-5.snap +0 -0
  239. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__excessive_permissions-6.snap +0 -0
  240. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__excessive_permissions-7.snap +0 -0
  241. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__excessive_permissions-8.snap +0 -0
  242. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__excessive_permissions-9.snap +0 -0
  243. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__excessive_permissions.snap +0 -0
  244. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__forbidden_uses-2.snap +0 -0
  245. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__forbidden_uses-3.snap +0 -0
  246. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__forbidden_uses-4.snap +0 -0
  247. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__forbidden_uses-5.snap +0 -0
  248. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__forbidden_uses-6.snap +0 -0
  249. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__forbidden_uses.snap +0 -0
  250. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__github_env-2.snap +0 -0
  251. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__github_env-3.snap +0 -0
  252. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__github_env.snap +0 -0
  253. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__github_output.snap +0 -0
  254. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__insecure_commands-2.snap +0 -0
  255. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__insecure_commands-3.snap +0 -0
  256. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__insecure_commands-4.snap +0 -0
  257. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__insecure_commands.snap +0 -0
  258. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__obfuscation-2.snap +0 -0
  259. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__obfuscation-3.snap +0 -0
  260. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__obfuscation.snap +0 -0
  261. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__overprovisioned_secrets.snap +0 -0
  262. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__ref_confusion-2.snap +0 -0
  263. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__ref_confusion.snap +0 -0
  264. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__ref_version_mismatch.snap +0 -0
  265. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__secrets_inherit.snap +0 -0
  266. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__self_hosted-2.snap +0 -0
  267. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__self_hosted-3.snap +0 -0
  268. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__self_hosted-4.snap +0 -0
  269. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__self_hosted-5.snap +0 -0
  270. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__self_hosted-6.snap +0 -0
  271. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__self_hosted-7.snap +0 -0
  272. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__self_hosted-8.snap +0 -0
  273. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__self_hosted.snap +0 -0
  274. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__stale_action_refs.snap +0 -0
  275. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__template_injection-10.snap +0 -0
  276. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__template_injection-11.snap +0 -0
  277. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__template_injection-12.snap +0 -0
  278. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__template_injection-13.snap +0 -0
  279. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__template_injection-14.snap +0 -0
  280. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__template_injection-15.snap +0 -0
  281. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__template_injection-2.snap +0 -0
  282. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__template_injection-3.snap +0 -0
  283. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__template_injection-4.snap +0 -0
  284. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__template_injection-5.snap +0 -0
  285. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__template_injection-6.snap +0 -0
  286. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__template_injection-7.snap +0 -0
  287. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__template_injection-8.snap +0 -0
  288. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__template_injection-9.snap +0 -0
  289. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__template_injection.snap +0 -0
  290. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__undocumented_permissions-2.snap +0 -0
  291. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__undocumented_permissions-3.snap +0 -0
  292. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__undocumented_permissions-4.snap +0 -0
  293. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__undocumented_permissions-5.snap +0 -0
  294. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__undocumented_permissions-6.snap +0 -0
  295. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__undocumented_permissions-7.snap +0 -0
  296. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__undocumented_permissions.snap +0 -0
  297. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__unpinned-uses-composite-config-2.snap +0 -0
  298. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__unpinned-uses-composite-config.snap +0 -0
  299. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__unpinned-uses-default-config.snap +0 -0
  300. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__unpinned-uses-empty-config.snap +0 -0
  301. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__unpinned-uses-hash-pin-everything-config.snap +0 -0
  302. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__unpinned-uses-ref-pin-everything-config.snap +0 -0
  303. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__unpinned_images.snap +0 -0
  304. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__unpinned_uses-10.snap +0 -0
  305. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__unpinned_uses-11.snap +0 -0
  306. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__unpinned_uses-12.snap +0 -0
  307. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__unpinned_uses-2.snap +0 -0
  308. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__unpinned_uses-3.snap +0 -0
  309. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__unpinned_uses-4.snap +0 -0
  310. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__unpinned_uses-5.snap +0 -0
  311. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__unpinned_uses-6.snap +0 -0
  312. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__unpinned_uses-7.snap +0 -0
  313. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__unpinned_uses-8.snap +0 -0
  314. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__unpinned_uses-9.snap +0 -0
  315. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__unpinned_uses.snap +0 -0
  316. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__unredacted_secrets.snap +0 -0
  317. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__unsound_condition.snap +0 -0
  318. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__unsound_contains.snap +0 -0
  319. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__use_trusted_publishing-2.snap +0 -0
  320. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__use_trusted_publishing-3.snap +0 -0
  321. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__use_trusted_publishing-4.snap +0 -0
  322. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__use_trusted_publishing-5.snap +0 -0
  323. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/snapshots/integration__snapshot__use_trusted_publishing.snap +0 -0
  324. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/anonymous-definition.yml +0 -0
  325. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/artipacked/demo-action/action.yml +0 -0
  326. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/artipacked/issue-447-repro.yml +0 -0
  327. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/artipacked.yml +0 -0
  328. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/bot-conditions.yml +0 -0
  329. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/cache-poisoning/caching-disabled-by-default.yml +0 -0
  330. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/cache-poisoning/caching-enabled-by-default.yml +0 -0
  331. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/cache-poisoning/caching-not-configurable.yml +0 -0
  332. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/cache-poisoning/caching-opt-in-boolean-toggle.yml +0 -0
  333. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/cache-poisoning/caching-opt-in-boolish-toggle.yml +0 -0
  334. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/cache-poisoning/caching-opt-in-expression.yml +0 -0
  335. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/cache-poisoning/caching-opt-in-multi-value-toggle.yml +0 -0
  336. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/cache-poisoning/caching-opt-out.yml +0 -0
  337. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/cache-poisoning/issue-1081-repro.yml +0 -0
  338. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/cache-poisoning/issue-1152-repro.yml +0 -0
  339. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/cache-poisoning/issue-343-repro.yml +0 -0
  340. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/cache-poisoning/issue-378-repro.yml +0 -0
  341. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/cache-poisoning/issue-642-repro.yml +0 -0
  342. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/cache-poisoning/no-cache-aware-steps.yml +0 -0
  343. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/cache-poisoning/publisher-step.yml +0 -0
  344. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/cache-poisoning/workflow-release-branch-trigger.yml +0 -0
  345. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/cache-poisoning/workflow-tag-trigger.yml +0 -0
  346. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/cache-poisoning.yml +0 -0
  347. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/config-scenarios/config-in-dotgithub/.github/workflows/hackme.yml +0 -0
  348. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/config-scenarios/config-in-dotgithub/.github/zizmor.yml +0 -0
  349. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/config-scenarios/config-in-root/.github/workflows/hackme.yml +0 -0
  350. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/config-scenarios/config-in-root/zizmor.yml +0 -0
  351. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/config-scenarios/disablement/.github/workflows/hackme.yml +0 -0
  352. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/config-scenarios/disablement/zizmor.yml +0 -0
  353. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/config-scenarios/zizmor.invalid-schema-1.yml +0 -0
  354. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/config-scenarios/zizmor.invalid-schema-2.yml +0 -0
  355. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/config-scenarios/zizmor.invalid-schema-3.yml +0 -0
  356. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/dependabot-cooldown/default-days-too-short/dependabot.yml +0 -0
  357. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/dependabot-cooldown/missing/dependabot.yml +0 -0
  358. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/dependabot-cooldown/no-default-days/dependabot.yml +0 -0
  359. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/dependabot-execution/basic/dependabot.yml +0 -0
  360. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/e2e-menagerie/.github/dummy-action-2/action.yml +0 -0
  361. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/e2e-menagerie/.github/workflows/another-dummy.yml +0 -0
  362. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/e2e-menagerie/.github/workflows/dummy.yml +0 -0
  363. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/e2e-menagerie/.github/workflows/ignored.yaml +0 -0
  364. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/e2e-menagerie/.gitignore +0 -0
  365. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/e2e-menagerie/README.md +0 -0
  366. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/e2e-menagerie/dummy-action-1/action.yaml +0 -0
  367. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/excessive-permissions/issue-336-repro.yml +0 -0
  368. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/excessive-permissions/issue-472-repro.yml +0 -0
  369. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/excessive-permissions/jobs-broaden-permissions.yml +0 -0
  370. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/excessive-permissions/reusable-workflow-call.yml +0 -0
  371. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/excessive-permissions/reusable-workflow-other-triggers.yml +0 -0
  372. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/excessive-permissions/workflow-default-perms-all-jobs-explicit.yml +0 -0
  373. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/excessive-permissions/workflow-default-perms.yml +0 -0
  374. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/excessive-permissions/workflow-empty-perms.yml +0 -0
  375. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/excessive-permissions/workflow-read-all.yml +0 -0
  376. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/excessive-permissions/workflow-write-all.yml +0 -0
  377. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/excessive-permissions/workflow-write-explicit.yml +0 -0
  378. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/excessive-permissions.yml +0 -0
  379. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/forbidden-uses/configs/allow-all.yml +0 -0
  380. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/forbidden-uses/configs/allow-some-refs.yml +0 -0
  381. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/forbidden-uses/configs/allow-some.yml +0 -0
  382. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/forbidden-uses/configs/deny-all.yml +0 -0
  383. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/forbidden-uses/configs/deny-some-refs.yml +0 -0
  384. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/forbidden-uses/configs/deny-some.yml +0 -0
  385. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/forbidden-uses/forbidden-uses-menagerie.yml +0 -0
  386. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/github-env/action.yml +0 -0
  387. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/github-env/github-path.yml +0 -0
  388. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/github-env/issue-397-repro.yml +0 -0
  389. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/github_env.yml +0 -0
  390. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/hardcoded-credentials.yml +0 -0
  391. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/inlined-ignores.yml +0 -0
  392. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/insecure-commands/action.yml +0 -0
  393. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/insecure-commands/issue-839-repro.yml +0 -0
  394. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/insecure-commands.yml +0 -0
  395. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/invalid/bad-yaml-1.yml +0 -0
  396. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/invalid/bad-yaml-2.yml +0 -0
  397. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/invalid/blank.yml +0 -0
  398. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/invalid/comment-only.yml +0 -0
  399. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/invalid/empty-action/action.yml +0 -0
  400. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/invalid/empty.yml +0 -0
  401. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/invalid/invalid-action-1/action.yml +0 -0
  402. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/invalid/invalid-action-2/action.yml +0 -0
  403. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/invalid/invalid-workflow-2.yml +0 -0
  404. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/invalid/invalid-workflow.yml +0 -0
  405. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/issue-1065.yml +0 -0
  406. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/issue-612-repro/action.yml +0 -0
  407. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/neutral.yml +0 -0
  408. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/obfuscation/computed-indices.yml +0 -0
  409. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/obfuscation/issue-1177-repro.yml +0 -0
  410. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/obfuscation.yml +0 -0
  411. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/overprovisioned-secrets.yml +0 -0
  412. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/pr-960-backstop/action.yml +0 -0
  413. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/ref-confusion/issue-518-repro.yml +0 -0
  414. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/ref-confusion.yml +0 -0
  415. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/ref-version-mismatch.yml +0 -0
  416. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/secrets-inherit.yml +0 -0
  417. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/self-hosted/issue-283-repro.yml +0 -0
  418. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/self-hosted/self-hosted-matrix-dimension.yml +0 -0
  419. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/self-hosted/self-hosted-matrix-exclusion.yml +0 -0
  420. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/self-hosted/self-hosted-matrix-inclusion.yml +0 -0
  421. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/self-hosted/self-hosted-runner-group.yml +0 -0
  422. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/self-hosted/self-hosted-runner-label.yml +0 -0
  423. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/self-hosted.yml +0 -0
  424. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/several-vulnerabilities.yml +0 -0
  425. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/stale-action-refs.yml +0 -0
  426. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/template-injection/addnab-docker-run-action.yml +0 -0
  427. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/template-injection/codeql-sinks.yml +0 -0
  428. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/template-injection/dataflow.yml +0 -0
  429. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/template-injection/false-positive-menagerie.yml +0 -0
  430. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/template-injection/input-caps.yml +0 -0
  431. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/template-injection/issue-22-repro.yml +0 -0
  432. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/template-injection/issue-339-repro.yml +0 -0
  433. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/template-injection/issue-418-repro.yml +0 -0
  434. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/template-injection/issue-749-repro.yml +0 -0
  435. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/template-injection/issue-883-repro/action.yml +0 -0
  436. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/template-injection/issue-988-repro.yml +0 -0
  437. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/template-injection/multiline-expression.yml +0 -0
  438. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/template-injection/patterns.yml +0 -0
  439. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/template-injection/pr-317-repro.yml +0 -0
  440. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/template-injection/pr-425-backstop/action.yml +0 -0
  441. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/template-injection/pwsh-script.yml +0 -0
  442. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/template-injection/static-env.yml +0 -0
  443. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/template-injection/template-injection-dynamic-matrix.yml +0 -0
  444. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/template-injection/template-injection-static-matrix.yml +0 -0
  445. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/template-injection.yml +0 -0
  446. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/undocumented-permissions/contents-read-only.yml +0 -0
  447. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/undocumented-permissions/contents-read-with-other.yml +0 -0
  448. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/undocumented-permissions/documented.yml +0 -0
  449. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/undocumented-permissions/empty-permissions.yml +0 -0
  450. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/undocumented-permissions/partially-documented.yml +0 -0
  451. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/undocumented-permissions.yml +0 -0
  452. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/unpinned-images.yml +0 -0
  453. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/unpinned-uses/action.yml +0 -0
  454. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/unpinned-uses/configs/composite-2.yml +0 -0
  455. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/unpinned-uses/configs/composite.yml +0 -0
  456. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/unpinned-uses/configs/empty.yml +0 -0
  457. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/unpinned-uses/configs/hash-pin-everything.yml +0 -0
  458. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/unpinned-uses/configs/invalid-policy-syntax-1.yml +0 -0
  459. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/unpinned-uses/configs/invalid-policy-syntax-2.yml +0 -0
  460. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/unpinned-uses/configs/invalid-policy-syntax-3.yml +0 -0
  461. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/unpinned-uses/configs/invalid-policy-syntax-4.yml +0 -0
  462. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/unpinned-uses/configs/invalid-policy-syntax-5.yml +0 -0
  463. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/unpinned-uses/configs/invalid-policy-syntax-6.yml +0 -0
  464. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/unpinned-uses/configs/invalid-wrong-policy-object.yml +0 -0
  465. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/unpinned-uses/configs/ref-pin-everything.yml +0 -0
  466. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/unpinned-uses/issue-433-repro.yml +0 -0
  467. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/unpinned-uses/issue-659-repro.yml +0 -0
  468. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/unpinned-uses/menagerie-of-uses.yml +0 -0
  469. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/unpinned-uses.yml +0 -0
  470. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/unredacted-secrets.yml +0 -0
  471. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/unsound-condition.yml +0 -0
  472. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/unsound-contains.yml +0 -0
  473. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/use-trusted-publishing/cargo-publish.yml +0 -0
  474. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/use-trusted-publishing/demo-action/action.yml +0 -0
  475. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/use-trusted-publishing/issue-1191-repro.yml +0 -0
  476. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/use-trusted-publishing/npm-publish.yml +0 -0
  477. {zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/tests/integration/test-data/use-trusted-publishing.yml +0 -0
  478. {zizmor-1.15.0 → zizmor-1.15.2}/pyproject.toml +0 -0
{zizmor-1.15.0 → zizmor-1.15.2}/Cargo.lock RENAMED
@@ -840,7 +840,7 @@ dependencies = [
840
840
 
841
841
  [[package]]
842
842
  name = "github-actions-models"
843
- version = "0.33.0"
843
+ version = "0.36.0"
844
844
  dependencies = [
845
845
  "indexmap",
846
846
  "serde",
@@ -3779,7 +3779,7 @@ dependencies = [
3779
3779
 
3780
3780
  [[package]]
3781
3781
  name = "zizmor"
3782
- version = "1.15.0"
3782
+ version = "1.15.2"
3783
3783
  dependencies = [
3784
3784
  "annotate-snippets",
3785
3785
  "anstream",
{zizmor-1.15.0 → zizmor-1.15.2}/Cargo.toml RENAMED
@@ -13,7 +13,7 @@ rust-version = "1.88.0"
13
13
  [workspace.dependencies]
14
14
  anyhow = "1.0.100"
15
15
  github-actions-expressions = { path = "crates/github-actions-expressions", version = "0.0.10" }
16
- github-actions-models = { path = "crates/github-actions-models", version = "0.33.0" }
16
+ github-actions-models = { path = "crates/github-actions-models", version = "0.36.0" }
17
17
  itertools = "0.14.0"
18
18
  pest = "2.8.3"
19
19
  pest_derive = "2.8.3"
{zizmor-1.15.0 → zizmor-1.15.2}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: zizmor
3
- Version: 1.15.0
3
+ Version: 1.15.2
4
4
  License-File: LICENSE
5
5
  Home-Page: https://docs.zizmor.sh
6
6
  Requires-Python: >=3.9
{zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/Cargo.toml RENAMED
@@ -1,6 +1,6 @@
1
1
  [package]
2
2
  name = "github-actions-models"
3
- version = "0.33.0"
3
+ version = "0.36.0"
4
4
  description = "Unofficial, high-quality data models for GitHub Actions workflows, actions, and related components"
5
5
  repository = "https://github.com/zizmorcore/zizmor/tree/main/crates/github-actions-models"
6
6
  keywords = ["github", "ci"]
{zizmor-1.15.0 → zizmor-1.15.2}/crates/github-actions-models/src/dependabot/v2.rs RENAMED
@@ -7,6 +7,8 @@
7
7
  use indexmap::{IndexMap, IndexSet};
8
8
  use serde::Deserialize;
9
9
 
10
+ use crate::common::custom_error;
11
+
10
12
  /// A `dependabot.yml` configuration file.
11
13
  #[derive(Deserialize, Debug)]
12
14
  #[serde(rename_all = "kebab-case")]
@@ -245,23 +247,58 @@ pub enum AllowDeny {
245
247
  #[derive(Deserialize, Debug, PartialEq)]
246
248
  #[serde(rename_all = "kebab-case")]
247
249
  pub enum PackageEcosystem {
250
+ /// `bun`
251
+ Bun,
252
+ /// `bundler`
248
253
  Bundler,
254
+ /// `cargo`
249
255
  Cargo,
256
+ /// `composer`
250
257
  Composer,
258
+ /// `conda`
259
+ Conda,
260
+ /// `devcontainers`
261
+ Devcontainers,
262
+ /// `docker`
251
263
  Docker,
264
+ /// `docker-compose`
265
+ DockerCompose,
266
+ /// `dotnet-sdk`
267
+ DotnetSdk,
268
+ /// `helm`
269
+ Helm,
270
+ /// `elm`
252
271
  Elm,
272
+ /// `gitsubmodule`
253
273
  Gitsubmodule,
274
+ /// `github-actions`
254
275
  GithubActions,
276
+ /// `gomod`
255
277
  Gomod,
278
+ /// `gradle`
256
279
  Gradle,
280
+ /// `maven`
257
281
  Maven,
282
+ /// `mix`
258
283
  Mix,
284
+ /// `npm`
259
285
  Npm,
286
+ /// `nuget`
260
287
  Nuget,
288
+ /// `pip`
261
289
  Pip,
290
+ /// `pub`
262
291
  Pub,
292
+ /// `rust-toolchain`
293
+ RustToolchain,
294
+ /// `swift`
263
295
  Swift,
296
+ /// `terraform`
264
297
  Terraform,
298
+ /// `uv`
299
+ Uv,
300
+ /// `vcpkg`
301
+ Vcpkg,
265
302
  }
266
303
 
267
304
  /// Rebase strategies for Dependabot updates.
@@ -275,12 +312,48 @@ pub enum RebaseStrategy {
275
312
 
276
313
  /// Scheduling settings for Dependabot updates.
277
314
  #[derive(Deserialize, Debug)]
278
- #[serde(rename_all = "kebab-case")]
315
+ #[serde(rename_all = "kebab-case", remote = "Self")]
279
316
  pub struct Schedule {
280
317
  pub interval: Interval,
281
318
  pub day: Option<Day>,
282
319
  pub time: Option<String>,
283
320
  pub timezone: Option<String>,
321
+ pub cronjob: Option<String>,
322
+ }
323
+
324
+ impl<'de> Deserialize<'de> for Schedule {
325
+ fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
326
+ where
327
+ D: serde::Deserializer<'de>,
328
+ {
329
+ let schedule = Self::deserialize(deserializer)?;
330
+
331
+ if schedule.interval == Interval::Cron && schedule.cronjob.is_none() {
332
+ return Err(custom_error::<D>(
333
+ "`schedule.cronjob` must be set when `schedule.interval` is `cron`",
334
+ ));
335
+ }
336
+
337
+ if schedule.interval != Interval::Cron && schedule.cronjob.is_some() {
338
+ return Err(custom_error::<D>(
339
+ "`schedule.cronjob` may only be set when `schedule.interval` is `cron`",
340
+ ));
341
+ }
342
+
343
+ if schedule.interval != Interval::Weekly && schedule.day.is_some() {
344
+ return Err(custom_error::<D>(
345
+ "`schedule.day` is only valid when `schedule.interval` is `weekly`",
346
+ ));
347
+ }
348
+
349
+ Ok(Self {
350
+ interval: schedule.interval,
351
+ day: schedule.day,
352
+ time: schedule.time,
353
+ timezone: schedule.timezone,
354
+ cronjob: schedule.cronjob,
355
+ })
356
+ }
284
357
  }
285
358
 
286
359
  /// Schedule intervals.
@@ -290,6 +363,10 @@ pub enum Interval {
290
363
  Daily,
291
364
  Weekly,
292
365
  Monthly,
366
+ Quarterly,
367
+ Semiannually,
368
+ Yearly,
369
+ Cron,
293
370
  }
294
371
 
295
372
  /// Days of the week.
zizmor-1.15.2/crates/github-actions-models/tests/sample-dependabot/v2/cron-missing-cronjob.invalid.yml ADDED
@@ -0,0 +1,6 @@
1
+ version: 2
2
+ updates:
3
+ - package-ecosystem: npm
4
+ directory: "/"
5
+ schedule:
6
+ interval: cron
zizmor-1.15.2/crates/github-actions-models/tests/sample-dependabot/v2/cronjob-on-daily.invalid.yml ADDED
@@ -0,0 +1,7 @@
1
+ version: 2
2
+ updates:
3
+ - package-ecosystem: npm
4
+ directory: "/"
5
+ schedule:
6
+ interval: daily
7
+ cronjob: "0 3 * * *"
zizmor-1.15.2/crates/github-actions-models/tests/sample-dependabot/v2/day-on-daily.invalid.yml ADDED
@@ -0,0 +1,7 @@
1
+ version: 2
2
+ updates:
3
+ - package-ecosystem: npm
4
+ directory: "/"
5
+ schedule:
6
+ interval: daily
7
+ day: monday
zizmor-1.15.2/crates/github-actions-models/tests/sample-dependabot/v2/devcontainers.yml ADDED
@@ -0,0 +1,8 @@
1
+ # from: https://containers.dev/guide/dependabot
2
+
3
+ version: 2
4
+ updates:
5
+ - package-ecosystem: "devcontainers" # See documentation for possible values
6
+ directory: "/"
7
+ schedule:
8
+ interval: weekly
zizmor-1.15.2/crates/github-actions-models/tests/sample-dependabot/v2/weekly-with-day.yml ADDED
@@ -0,0 +1,7 @@
1
+ version: 2
2
+ updates:
3
+ - package-ecosystem: npm
4
+ directory: "/"
5
+ schedule:
6
+ interval: weekly
7
+ day: friday
zizmor-1.15.2/crates/github-actions-models/tests/test_dependabot_v2.rs ADDED
@@ -0,0 +1,134 @@
1
+ use std::path::{Path, PathBuf};
2
+
3
+ use github_actions_models::dependabot::v2::{
4
+ Day, Dependabot, Directories, Interval, PackageEcosystem, RebaseStrategy,
5
+ };
6
+ use indexmap::IndexSet;
7
+
8
+ fn sample_dir() -> PathBuf {
9
+ Path::new(env!("CARGO_MANIFEST_DIR")).join("tests/sample-dependabot/v2")
10
+ }
11
+
12
+ fn load_dependabot_result(name: &str) -> Result<Dependabot, serde_yaml::Error> {
13
+ let workflow_path = sample_dir().join(name);
14
+ let dependabot_contents = std::fs::read_to_string(&workflow_path)
15
+ .unwrap_or_else(|err| panic!("failed to read {}: {err}", workflow_path.display()));
16
+ serde_yaml::from_str(&dependabot_contents)
17
+ }
18
+
19
+ fn load_dependabot(name: &str) -> Dependabot {
20
+ load_dependabot_result(name).unwrap()
21
+ }
22
+
23
+ #[test]
24
+ fn test_load_all() {
25
+ for sample_config in std::fs::read_dir(sample_dir()).unwrap() {
26
+ let sample_path = sample_config.unwrap().path();
27
+
28
+ if sample_path.extension().and_then(|ext| ext.to_str()) != Some("yml") {
29
+ continue;
30
+ }
31
+
32
+ let sample_name = sample_path
33
+ .file_name()
34
+ .and_then(|name| name.to_str())
35
+ .expect("sample file name not valid UTF-8");
36
+
37
+ let result = load_dependabot_result(sample_name);
38
+
39
+ let is_invalid = sample_name.contains(".invalid.");
40
+
41
+ if is_invalid {
42
+ assert!(
43
+ result.is_err(),
44
+ "expected {sample_name} to fail deserialization"
45
+ );
46
+ } else {
47
+ result.unwrap();
48
+ }
49
+ }
50
+ }
51
+
52
+ #[test]
53
+ fn test_contents() {
54
+ let dependabot = load_dependabot("sigstore-python.yml");
55
+
56
+ assert_eq!(dependabot.version, 2);
57
+ assert_eq!(dependabot.updates.len(), 3);
58
+
59
+ let pip = &dependabot.updates[0];
60
+ assert_eq!(pip.package_ecosystem, PackageEcosystem::Pip);
61
+ assert_eq!(pip.directories, Directories::Directory("/".into()));
62
+ assert_eq!(pip.schedule.interval, Interval::Daily);
63
+ assert_eq!(pip.open_pull_requests_limit, 5); // default
64
+
65
+ let github_actions = &dependabot.updates[1];
66
+ assert_eq!(
67
+ github_actions.package_ecosystem,
68
+ PackageEcosystem::GithubActions
69
+ );
70
+ assert_eq!(
71
+ github_actions.directories,
72
+ Directories::Directory("/".into())
73
+ );
74
+ assert_eq!(github_actions.open_pull_requests_limit, 99);
75
+ assert_eq!(github_actions.rebase_strategy, RebaseStrategy::Disabled);
76
+ assert_eq!(github_actions.groups.len(), 1);
77
+ assert_eq!(
78
+ github_actions.groups["actions"].patterns,
79
+ IndexSet::from(["*".to_string()])
80
+ );
81
+
82
+ let github_actions = &dependabot.updates[2];
83
+ assert_eq!(
84
+ github_actions.package_ecosystem,
85
+ PackageEcosystem::GithubActions
86
+ );
87
+ assert_eq!(
88
+ github_actions.directories,
89
+ Directories::Directory(".github/actions/upload-coverage/".into())
90
+ );
91
+ assert_eq!(github_actions.open_pull_requests_limit, 99);
92
+ assert_eq!(github_actions.rebase_strategy, RebaseStrategy::Disabled);
93
+ assert_eq!(github_actions.groups.len(), 1);
94
+ assert_eq!(
95
+ github_actions.groups["actions"].patterns,
96
+ IndexSet::from(["*".to_string()])
97
+ );
98
+ }
99
+
100
+ #[test]
101
+ fn test_schedule_cron_requires_expression() {
102
+ let err = load_dependabot_result("cron-missing-cronjob.invalid.yml").unwrap_err();
103
+ assert!(
104
+ err.to_string()
105
+ .contains("`schedule.cronjob` must be set when `schedule.interval` is `cron`")
106
+ );
107
+ }
108
+
109
+ #[test]
110
+ fn test_schedule_cronjob_rejected_for_non_cron() {
111
+ let err = load_dependabot_result("cronjob-on-daily.invalid.yml").unwrap_err();
112
+ assert!(
113
+ err.to_string()
114
+ .contains("`schedule.cronjob` may only be set when `schedule.interval` is `cron`")
115
+ );
116
+ }
117
+
118
+ #[test]
119
+ fn test_schedule_day_only_for_weekly() {
120
+ let err = load_dependabot_result("day-on-daily.invalid.yml").unwrap_err();
121
+ assert!(
122
+ err.to_string()
123
+ .contains("`schedule.day` is only valid when `schedule.interval` is `weekly`")
124
+ );
125
+ }
126
+
127
+ #[test]
128
+ fn test_schedule_weekly_accepts_day() {
129
+ let dependabot = load_dependabot("weekly-with-day.yml");
130
+ assert_eq!(dependabot.updates.len(), 1);
131
+ let schedule = &dependabot.updates[0].schedule;
132
+ assert_eq!(schedule.interval, Interval::Weekly);
133
+ assert_eq!(schedule.day, Some(Day::Friday));
134
+ }
{zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/Cargo.toml RENAMED
@@ -1,7 +1,7 @@
1
1
  [package]
2
2
  name = "zizmor"
3
3
  description = "Static analysis for GitHub Actions"
4
- version = "1.15.0"
4
+ version = "1.15.2"
5
5
  repository = "https://github.com/zizmorcore/zizmor"
6
6
  documentation = "https://docs.zizmor.sh"
7
7
  keywords = ["cli", "github-actions", "static-analysis", "security"]
zizmor-1.15.0/crates/github-actions-models/tests/test_dependabot_v2.rs DELETED
@@ -1,73 +0,0 @@
1
- use std::path::Path;
2
-
3
- use github_actions_models::dependabot::v2::{
4
- Dependabot, Directories, Interval, PackageEcosystem, RebaseStrategy,
5
- };
6
- use indexmap::IndexSet;
7
-
8
- fn load_dependabot(name: &str) -> Dependabot {
9
- let workflow_path = Path::new(env!("CARGO_MANIFEST_DIR"))
10
- .join("tests/sample-dependabot/v2")
11
- .join(name);
12
- let dependabot_contents = std::fs::read_to_string(workflow_path).unwrap();
13
- serde_yaml::from_str(&dependabot_contents).unwrap()
14
- }
15
-
16
- #[test]
17
- fn test_load_all() {
18
- let sample_configs = Path::new(env!("CARGO_MANIFEST_DIR")).join("tests/sample-dependabot/v2");
19
-
20
- for sample_config in std::fs::read_dir(sample_configs).unwrap() {
21
- let sample_workflow = sample_config.unwrap().path();
22
- let contents = std::fs::read_to_string(sample_workflow).unwrap();
23
- serde_yaml::from_str::<Dependabot>(&contents).unwrap();
24
- }
25
- }
26
-
27
- #[test]
28
- fn test_contents() {
29
- let dependabot = load_dependabot("sigstore-python.yml");
30
-
31
- assert_eq!(dependabot.version, 2);
32
- assert_eq!(dependabot.updates.len(), 3);
33
-
34
- let pip = &dependabot.updates[0];
35
- assert_eq!(pip.package_ecosystem, PackageEcosystem::Pip);
36
- assert_eq!(pip.directories, Directories::Directory("/".into()));
37
- assert_eq!(pip.schedule.interval, Interval::Daily);
38
- assert_eq!(pip.open_pull_requests_limit, 5); // default
39
-
40
- let github_actions = &dependabot.updates[1];
41
- assert_eq!(
42
- github_actions.package_ecosystem,
43
- PackageEcosystem::GithubActions
44
- );
45
- assert_eq!(
46
- github_actions.directories,
47
- Directories::Directory("/".into())
48
- );
49
- assert_eq!(github_actions.open_pull_requests_limit, 99);
50
- assert_eq!(github_actions.rebase_strategy, RebaseStrategy::Disabled);
51
- assert_eq!(github_actions.groups.len(), 1);
52
- assert_eq!(
53
- github_actions.groups["actions"].patterns,
54
- IndexSet::from(["*".to_string()])
55
- );
56
-
57
- let github_actions = &dependabot.updates[2];
58
- assert_eq!(
59
- github_actions.package_ecosystem,
60
- PackageEcosystem::GithubActions
61
- );
62
- assert_eq!(
63
- github_actions.directories,
64
- Directories::Directory(".github/actions/upload-coverage/".into())
65
- );
66
- assert_eq!(github_actions.open_pull_requests_limit, 99);
67
- assert_eq!(github_actions.rebase_strategy, RebaseStrategy::Disabled);
68
- assert_eq!(github_actions.groups.len(), 1);
69
- assert_eq!(
70
- github_actions.groups["actions"].patterns,
71
- IndexSet::from(["*".to_string()])
72
- );
73
- }
{zizmor-1.15.0 → zizmor-1.15.2}/crates/yamlpath/LICENSE RENAMED
File without changes
{zizmor-1.15.0 → zizmor-1.15.2}/crates/zizmor/README.md RENAMED
File without changes