Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package zizmor for openSUSE:Factory checked in at 2025-11-26 18:50:13 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/zizmor (Old) and /work/SRC/openSUSE:Factory/.zizmor.new.14147 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "zizmor" Wed Nov 26 18:50:13 2025 rev:24 rq:1320125 version:1.17.0 Changes: -------- --- /work/SRC/openSUSE:Factory/zizmor/zizmor.changes 2025-11-06 18:15:58.786456193 +0100 +++ /work/SRC/openSUSE:Factory/.zizmor.new.14147/zizmor.changes 2025-11-26 18:50:37.975797120 +0100 @@ -1,0 +2,46 @@ +Wed Nov 26 06:23:09 UTC 2025 - Johannes Kastl <[email protected]> + +- Update to version 1.17.0: + * Enhancements + - zizmor now produces a more useful error message when asked to + collect only workflows from a remote input that contains no + workflows (#1324) + - zizmor now produces more precise severities on + actions/checkout versions that have more misuse-resistant + credentials persistence behavior (#1353) + - Many thanks to @ManuelLerchnerQC for proposing and + implementing this improvement! + - The use-trusted-publishing audit now correctly detecting more + "dry-run" patterns, making it significantly more accurate + (#1357) + - The obfuscation audit now detects usages of shell: cmd and + similar, as the Windows CMD shell lacks a formal grammar and + limits analysis of run: blocks in other audits (#1361) + * Performance Improvements + - zizmor's core has been refactored to be asynchronous, making + online and I/O-heavy audits significantly faster. Typical + user workloads should see speedups of 40% to 70% (#1314) + * Bug Fixes + - Fixed a bug where auto-fixes would fail to preserve a + document's final newline (#1323) + - zizmor now uses the native (OS) TLS roots when performing + HTTPS requests, improving compatibility with user + environments that perform TLS interception (#1328) + - The github-env audit now falls back to assuming bash-like + shell syntax in run: blocks if it can't infer the shell being + used (#1336) + - The concurrency-limits audit now correctly detects job-level + concurrency settings, in addition to workflow-level settings + (#1338) + - Fixed a bug where zizmor would fail to collect workflows with + names that overlapped with other input types (e.g. action.yml + and dependabot.yml) when passed explicitly by path (#1345) + * Dependencies + - chore(deps): bump github/codeql-action in the github-actions + group (#1331) + - chore(deps): bump the cargo group with 3 updates (#1358) + - chore(deps): bump the cargo group with 8 updates (#1330) + - chore(deps): bump the github-actions group with 2 updates + (#1343) + +------------------------------------------------------------------- Old: ---- zizmor-1.16.3.obscpio New: ---- zizmor-1.17.0.obscpio ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ zizmor.spec ++++++ --- /var/tmp/diff_new_pack.7ANxVK/_old 2025-11-26 18:50:39.303853385 +0100 +++ /var/tmp/diff_new_pack.7ANxVK/_new 2025-11-26 18:50:39.307853555 +0100 @@ -17,7 +17,7 @@ Name: zizmor -Version: 1.16.3 +Version: 1.17.0 Release: 0 Summary: A static analysis tool for GitHub Actions License: MIT @@ -91,7 +91,9 @@ %{buildroot}/%{_bindir}/%{name} --completions=zsh > %{buildroot}%{_datarootdir}/zsh/site-functions/_%{name} %check -%{cargo_test} +# test fails starting with 1.17.0 +# https://github.com/zizmorcore/zizmor/issues/1370 +%{cargo_test} -- --skip test test_preserve_trailing_newline_replace_multiline_at_end %files %doc README.md ++++++ _service ++++++ --- /var/tmp/diff_new_pack.7ANxVK/_old 2025-11-26 18:50:39.371856266 +0100 +++ /var/tmp/diff_new_pack.7ANxVK/_new 2025-11-26 18:50:39.379856605 +0100 @@ -4,7 +4,7 @@ <param name="scm">git</param> <param name="exclude">.git</param> <param name="versionformat">@PARENT_TAG@</param> - <param name="revision">v1.16.3</param> + <param name="revision">v1.17.0</param> <param name="versionrewrite-pattern">v(.*)</param> <param name="changesgenerate">enable</param> </service> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.7ANxVK/_old 2025-11-26 18:50:39.407857792 +0100 +++ /var/tmp/diff_new_pack.7ANxVK/_new 2025-11-26 18:50:39.411857961 +0100 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/woodruffw/zizmor</param> - <param name="changesrevision">d94931b9a603b1667ff3ebd9ba8001c88fb49de7</param></service></servicedata> + <param name="changesrevision">06ec8d881b48960bb7d4546d4fb9e5dbda744191</param></service></servicedata> (No newline at EOF) ++++++ vendor.tar.zst ++++++ /work/SRC/openSUSE:Factory/zizmor/vendor.tar.zst /work/SRC/openSUSE:Factory/.zizmor.new.14147/vendor.tar.zst differ: char 7, line 1 ++++++ zizmor-1.16.3.obscpio -> zizmor-1.17.0.obscpio ++++++ ++++ 8155 lines of diff (skipped) ++++++ zizmor.obsinfo ++++++ --- /var/tmp/diff_new_pack.7ANxVK/_old 2025-11-26 18:50:40.171890161 +0100 +++ /var/tmp/diff_new_pack.7ANxVK/_new 2025-11-26 18:50:40.179890500 +0100 @@ -1,5 +1,5 @@ name: zizmor -version: 1.16.3 -mtime: 1762355770 -commit: d94931b9a603b1667ff3ebd9ba8001c88fb49de7 +version: 1.17.0 +mtime: 1764096760 +commit: 06ec8d881b48960bb7d4546d4fb9e5dbda744191
