Zizmor

Latest version: v1.5.2


0.8.0

What's Changed
New Features 🌈
* feat: remote auditing by woodruffw in https://github.com/woodruffw/zizmor/pull/230
Bug Fixes 🐛
* fix: template-injection: ignore issue/PR numbers by woodruffw in https://github.com/woodruffw/zizmor/pull/238
Documentation Improvements 📖
* docs: restore search plugin by lazka in https://github.com/woodruffw/zizmor/pull/239

New Contributors
* lazka made their first contribution in https://github.com/woodruffw/zizmor/pull/239

**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.7.0...v0.8.0

0.7.0

What's Changed
New Features 🌈
* Split unpinned-uses into two separate checks by funnelfiasco in https://github.com/woodruffw/zizmor/pull/205
* feat: even more precision for bash steps in github-env by ubiratansoares in https://github.com/woodruffw/zizmor/pull/208
* feat: add Step::default_shell by woodruffw in https://github.com/woodruffw/zizmor/pull/213
* feat: handle `shell: sh` in github-env by woodruffw in https://github.com/woodruffw/zizmor/pull/216
* feat: primitive Windows batch handling in github-env by woodruffw in https://github.com/woodruffw/zizmor/pull/217
* feat: unpinned-uses: make unhashed check pedantic for now by woodruffw in https://github.com/woodruffw/zizmor/pull/219
* feat: add personas by woodruffw in https://github.com/woodruffw/zizmor/pull/226
Bug Fixes 🐛
* fix: bump github-actions-models by woodruffw in https://github.com/woodruffw/zizmor/pull/211
Documentation Improvements 📖
* docs: tweak installation layout by woodruffw in https://github.com/woodruffw/zizmor/pull/223


**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.6.0...v0.7.0

0.6.0

What's Changed

This is one of `zizmor`'s bigger recent releases! Key enhancements include:

* A new `github-env` audit that detects dangerous `GITHUB_ENV` writes,
  courtesy of ubiratansoares
* The `--min-severity` and `--min-confidence` flags for filtering results,
  courtesy (in part) of Ninja3047
* Support for `# zizmor: ignore[rule]` comments, courtesy of ubiratansoares

New Features 🌈

* feat: adds support to inlined ignores by ubiratansoares in https://github.com/woodruffw/zizmor/pull/187
* feat: add `--min-severity` by woodruffw in https://github.com/woodruffw/zizmor/pull/193
* feat: add `--min-confidence` by Ninja3047 in https://github.com/woodruffw/zizmor/pull/196
* feat: adds new github-env audit by ubiratansoares in https://github.com/woodruffw/zizmor/pull/192
* feat: improve precision for github-env by woodruffw in https://github.com/woodruffw/zizmor/pull/199
* feat: generalized ignore comments by woodruffw in https://github.com/woodruffw/zizmor/pull/200

Documentation Improvements 📖

* docs: document ignore comments by woodruffw in https://github.com/woodruffw/zizmor/pull/190
* docs: usage: add note about support for ignore comments by woodruffw in https://github.com/woodruffw/zizmor/pull/191
* docs: add page descriptions by woodruffw in https://github.com/woodruffw/zizmor/pull/194
* docs: add more useful 3p references by woodruffw in https://github.com/woodruffw/zizmor/pull/198

New Contributors

* Ninja3047 made their first contribution in https://github.com/woodruffw/zizmor/pull/196

**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.5.0...v0.6.0

0.5.0

What's Changed
New Features 🌈
* feat: improve workflow registry error by woodruffw in https://github.com/woodruffw/zizmor/pull/172
* feat: unsecure-commands-allowed audit by ubiratansoares in https://github.com/woodruffw/zizmor/pull/176
Documentation Improvements 📖
* docs: rewrite audit docs by woodruffw in https://github.com/woodruffw/zizmor/pull/167
* docs: enable social card generation by miketheman in https://github.com/woodruffw/zizmor/pull/175
* docs: more badges by woodruffw in https://github.com/woodruffw/zizmor/pull/180
* docs: adds recommendations on how to add or change audits by ubiratansoares in https://github.com/woodruffw/zizmor/pull/182

New Contributors
* chenrui333 made their first contribution in https://github.com/woodruffw/zizmor/pull/90

**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.4.0...v0.5.0

0.4.0

What's Changed

New Features 🌈
* Fix singular and plural for 'findings' by hugovk in https://github.com/woodruffw/zizmor/pull/162
* feat: unpinned-uses audit by woodruffw in https://github.com/woodruffw/zizmor/pull/161

Bug Fixes 🐛
* Fix typos including `github.repostoryUrl` -> `github.repositoryUrl` by hugovk in https://github.com/woodruffw/zizmor/pull/164


**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.3.2...v0.4.0

0.3.2

What's Changed
* fix(cli): remove '0 ignored' from another place by woodruffw in https://github.com/woodruffw/zizmor/pull/157
* perf: speed up impostor-commit's fast path by woodruffw in https://github.com/woodruffw/zizmor/pull/158
* fix(cli): fixup error printing by woodruffw in https://github.com/woodruffw/zizmor/pull/159


**Full Changelog**: https://github.com/woodruffw/zizmor/compare/v0.3.1...v0.3.2

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.