Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package zizmor for openSUSE:Factory checked in at 2025-05-31 19:17:28 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/zizmor (Old) and /work/SRC/openSUSE:Factory/.zizmor.new.16005 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "zizmor" Sat May 31 19:17:28 2025 rev:11 rq:1281577 version:1.9.0 Changes: -------- --- /work/SRC/openSUSE:Factory/zizmor/zizmor.changes 2025-05-22 16:56:19.672538868 +0200 +++ /work/SRC/openSUSE:Factory/.zizmor.new.16005/zizmor.changes 2025-05-31 19:18:24.766602767 +0200 @@ -1,0 +2,26 @@ +Sat May 31 06:09:28 UTC 2025 - Johannes Kastl <opensuse_buildserv...@ojkastl.de> + +- Update to version 1.9.0: + * New Features + - zizmor now supports generating completions for Nushell (#838) + * Enhancements + - The template-injection audit has been rewritten, and is now + significantly more precise and general over contexts supplied + via GitHub's webhook payloads (i.e. github.event.*) (#745) + - The template-injection audit now detects vulnerable template + injections in more actions inputs, thanks to an integration + with CodeQL's sink metadata (#849) + * Bug Fixes + - The insecure-commands now correctly detects different truthy + values in ACTIONS_ALLOW_UNSECURE_COMMANDS (#840) + - The template-injection audit now correctly emits pedantic + findings in a blanket manner, rather than filtering them + based on the presence of other findings (#745) + - CLI: Fixed a misleading error message when zizmor is used + with a GitHub host other than github.com (#863) + * Dependencies + - chore(deps): bump the cargo group with 3 updates (#860) + - chore(deps): bump astral-sh/setup-uv in the github-actions + group (#859) + +------------------------------------------------------------------- Old: ---- zizmor-1.8.0.obscpio New: ---- zizmor-1.9.0.obscpio ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ zizmor.spec ++++++ --- /var/tmp/diff_new_pack.UGmI8Z/_old 2025-05-31 19:18:25.678641186 +0200 +++ /var/tmp/diff_new_pack.UGmI8Z/_new 2025-05-31 19:18:25.678641186 +0200 @@ -17,11 +17,11 @@ Name: zizmor -Version: 1.8.0 +Version: 1.9.0 Release: 0 Summary: A static analysis tool for GitHub Actions License: MIT -URL: https://github.com/woodruffw/zizmor +URL: https://github.com/zizmorcore/zizmor Source0: %{name}-%{version}.tar.gz Source1: vendor.tar.zst BuildRequires: bash-completion ++++++ _service ++++++ --- /var/tmp/diff_new_pack.UGmI8Z/_old 2025-05-31 19:18:25.738643713 +0200 +++ /var/tmp/diff_new_pack.UGmI8Z/_new 2025-05-31 19:18:25.746644050 +0200 @@ -4,7 +4,7 @@ <param name="scm">git</param> <param name="exclude">.git</param> <param name="versionformat">@PARENT_TAG@</param> - <param name="revision">v1.8.0</param> + <param name="revision">v1.9.0</param> <param name="versionrewrite-pattern">v(.*)</param> <param name="changesgenerate">enable</param> </service> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.UGmI8Z/_old 2025-05-31 19:18:25.766644893 +0200 +++ /var/tmp/diff_new_pack.UGmI8Z/_new 2025-05-31 19:18:25.770645061 +0200 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/woodruffw/zizmor</param> - <param name="changesrevision">4021d88eab42cd7b104ac0cdd2e20461e47b8d4c</param></service></servicedata> + <param name="changesrevision">5fbfaebd18a0c93de39eb5888e02607cb7205c9b</param></service></servicedata> (No newline at EOF) ++++++ vendor.tar.zst ++++++ /work/SRC/openSUSE:Factory/zizmor/vendor.tar.zst /work/SRC/openSUSE:Factory/.zizmor.new.16005/vendor.tar.zst differ: char 7, line 1 ++++++ zizmor-1.8.0.obscpio -> zizmor-1.9.0.obscpio ++++++ ++++ 8546 lines of diff (skipped) ++++++ zizmor.obsinfo ++++++ --- /var/tmp/diff_new_pack.UGmI8Z/_old 2025-05-31 19:18:26.078658036 +0200 +++ /var/tmp/diff_new_pack.UGmI8Z/_new 2025-05-31 19:18:26.082658205 +0200 @@ -1,5 +1,5 @@ name: zizmor -version: 1.8.0 -mtime: 1747771226 -commit: 4021d88eab42cd7b104ac0cdd2e20461e47b8d4c +version: 1.9.0 +mtime: 1748640501 +commit: 5fbfaebd18a0c93de39eb5888e02607cb7205c9b
