Skip to content

Issues: woodruffw/zizmor

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

37 Open 96 Closed
37 Open 96 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Feature: allow filename wildcard in config file enhancement New feature or request
#435 opened Jan 13, 2025 by Chocobo1
2 tasks done
5
template-injection: investigate other sinks enhancement New feature or request false-negative
#417 opened Jan 10, 2025 by woodruffw
2 tasks done
1
New audit: excessive secret provisioning new-audit New audits
#401 opened Jan 6, 2025 by woodruffw
@woodruffw
New audit: secret leakage new-audit New audits
#400 opened Jan 6, 2025 by woodruffw
@woodruffw
dangerous-triggers: change persona when permissions are constrained?
#398 opened Jan 6, 2025 by woodruffw
@woodruffw
1
Feature: "private repo" persona enhancement New feature or request
#396 opened Jan 6, 2025 by woodruffw
2 tasks done
1
[BUG]: Zizmor does not identify worflows in folders nested inside .github/worflows bug Something isn't working
#394 opened Jan 6, 2025 by fcasal
2 tasks done
1
uses: coordinates: be fully general over step inputs false-positive
#390 opened Jan 5, 2025 by woodruffw
Switch back to OSV for actions security advisories? enhancement New feature or request refactor Refactoring tasks
#380 opened Jan 3, 2025 by woodruffw
1
Composite actions: support for existing audits enhancement New feature or request help wanted Extra attention is needed
#350 opened Dec 23, 2024 by woodruffw
12 of 14 tasks
4
self-hosted-runner: detect Github large runners enhancement New feature or request
#327 opened Dec 18, 2024 by ubiratansoares
2 tasks done
2
docs: push per-audit docs further into codebase documentation Improvements or additions to documentation enhancement New feature or request
#325 opened Dec 17, 2024 by woodruffw
1
Figure out an online testing strategy tests
#306 opened Dec 16, 2024 by woodruffw
2
[BUG]: credential persistence through GitHub Actions artifacts bug Something isn't working triage Issue is being triaged
#290 opened Dec 13, 2024 by dcampbell24
2 tasks done
4
new audit: encourage use of shell: bash enhancement New feature or request help wanted Extra attention is needed new-audit New audits
#288 opened Dec 13, 2024 by lishaduck
2 tasks done
4
self-hosted-runner: detect non-GH runners that don't use self-hosted enhancement New feature or request false-negative
#286 opened Dec 12, 2024 by woodruffw
use-trusted-publishing: detect other PyPI uploading tools enhancement New feature or request false-negative
#282 opened Dec 12, 2024 by woodruffw
5 tasks
@woodruffw
Feature: Announce "THANK YOU, DR. ZIZMOR" upon local completion when no issues are found enhancement New feature or request
#281 opened Dec 12, 2024 by placer14
2 tasks done
2
Design a static HTTP API for serving pre-computed information enhancement New feature or request performance
#278 opened Dec 12, 2024 by woodruffw
New audit: old actions new-audit New audits
#260 opened Dec 9, 2024 by woodruffw
1
chore: move site-requirements to a PEP 735 dependency group blocked chore Repository maintenance tasks refactor Refactoring tasks
#256 opened Dec 9, 2024 by woodruffw
1
Figure out sub-field spanning enhancement New feature or request
#240 opened Dec 6, 2024 by woodruffw
@woodruffw
audit: use-trusted-publishing should emit a pedantic result when TP is used without an environment enhancement New feature or request
#237 opened Dec 6, 2024 by woodruffw
@woodruffw
github-env: refinements enhancement New feature or request
#197 opened Nov 24, 2024 by woodruffw
2 of 3 tasks
6
New audit: artifact poisoning enhancement New feature or request new-audit New audits
#195 opened Nov 24, 2024 by woodruffw
@woodruffw
ProTip! Follow long discussions with comments:>50.