zizmor 1.3.0__py3-none-macosx_11_0_arm64.whl → 1.4.0__py3-none-macosx_11_0_arm64.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of zizmor might be problematic. Click here for more details.

Files changed (6) hide show
  1. {zizmor-1.3.0.data → zizmor-1.4.0.data}/scripts/zizmor +0 -0
  2. {zizmor-1.3.0.dist-info → zizmor-1.4.0.dist-info}/METADATA +13 -3
  3. zizmor-1.4.0.dist-info/RECORD +5 -0
  4. {zizmor-1.3.0.dist-info → zizmor-1.4.0.dist-info}/WHEEL +1 -1
  5. zizmor-1.3.0.dist-info/RECORD +0 -5
  6. {zizmor-1.3.0.dist-info → zizmor-1.4.0.dist-info}/licenses/LICENSE +0 -0
{zizmor-1.3.0.dist-info → zizmor-1.4.0.dist-info}/METADATA RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: zizmor
3
- Version: 1.3.0
3
+ Version: 1.4.0
4
4
  License-File: LICENSE
5
5
  Summary: Static analysis for GitHub Actions
6
6
  Keywords: cli,github-actions,static-analysis,security
@@ -19,8 +19,18 @@ Project-URL: Source Code, https://github.com/woodruffw/zizmor
19
19
  [![Packaging status](https://repology.org/badge/tiny-repos/zizmor.svg)](https://repology.org/project/zizmor/versions)
20
20
  [![GitHub Sponsors](https://img.shields.io/github/sponsors/woodruffw?style=flat&logo=githubsponsors&labelColor=white&color=white)](https://github.com/sponsors/woodruffw)
21
21
 
22
- `zizmor` is a static analysis tool for GitHub Actions. It can find
23
- many common security issues in typical GitHub Actions CI/CD setups.
22
+ `zizmor` is a static analysis tool for GitHub Actions.
23
+
24
+ It can find many common security issues in typical GitHub Actions CI/CD setups,
25
+ including:
26
+
27
+ * Template injection vulnerabilities, leading to attacker-controlled code execution
28
+ * Accidental credential persistence and leakage
29
+ * Excessive permission scopes and credential grants to runners
30
+ * Impostor commits and confusable `git` references
31
+ * ...[and much more]!
32
+
33
+ [and much more]: https://woodruffw.github.io/zizmor/audits/
24
34
 
25
35
  ![zizmor demo](https://raw.githubusercontent.com/woodruffw/zizmor/main/docs/assets/zizmor-demo.gif)
26
36
 
zizmor-1.4.0.dist-info/RECORD ADDED
@@ -0,0 +1,5 @@
1
+ zizmor-1.4.0.dist-info/METADATA,sha256=Wt067DpRGzwNKFuIGOHcbttEAf6vMNodZGpf6SaUSWo,3243
2
+ zizmor-1.4.0.dist-info/WHEEL,sha256=oiIoWA86ebaZ_UawtPRyCEwCSNUxT3ItD3B2BJJ5cOA,101
3
+ zizmor-1.4.0.dist-info/licenses/LICENSE,sha256=pv0b0Y2nzsgoRjnVsNNRuQk0MXvhufnqlKB3YhxvNa8,1109
4
+ zizmor-1.4.0.data/scripts/zizmor,sha256=2eNmyXf2kSW70KbQjKU5qddOgah8rZa5cGjaCq2Gxm8,11582528
5
+ zizmor-1.4.0.dist-info/RECORD,,
{zizmor-1.3.0.dist-info → zizmor-1.4.0.dist-info}/WHEEL RENAMED
@@ -1,4 +1,4 @@
1
1
  Wheel-Version: 1.0
2
- Generator: maturin (1.8.1)
2
+ Generator: maturin (1.8.2)
3
3
  Root-Is-Purelib: false
4
4
  Tag: py3-none-macosx_11_0_arm64
zizmor-1.3.0.dist-info/RECORD DELETED
@@ -1,5 +0,0 @@
1
- zizmor-1.3.0.dist-info/METADATA,sha256=P9yJOH7KDZaGbNvHQjdTzv_oZZzgOYFXiJD3bY9Qgy0,2901
2
- zizmor-1.3.0.dist-info/WHEEL,sha256=wqKk6dS6XIEaB6XGHxfTFiDKoTfKjQftd4mnuTptnjw,101
3
- zizmor-1.3.0.dist-info/licenses/LICENSE,sha256=pv0b0Y2nzsgoRjnVsNNRuQk0MXvhufnqlKB3YhxvNa8,1109
4
- zizmor-1.3.0.data/scripts/zizmor,sha256=9eJnotoIeThkwUODzqavhuHXedR0JgN09q9vbKL_gEU,11560512
5
- zizmor-1.3.0.dist-info/RECORD,,