Releases: synacktiv/octoscan
v0.1.4
Full Changelog: v0.1.3...v0.1.4
v0.1.3
What's Changed
- feat: add new rule called 'dangerous-artefact', based on this research: https://unit42.paloaltonetworks.com/github-repo-artifacts-leak-tokens/
- feat: move oidc-action rule to debug rule since it's not a vulnerability
- feat: update GHSA list
- feat: also include actions/github-script in --filter-run
- chore(deps): bump github.com/google/osv-scanner from 1.9.0 to 1.9.1 by @dependabot in #14
New Contributors
- @dependabot made their first contribution in #14
Full Changelog: v0.1.2...v0.1.3
v0.1.2
What's Changed
- Add support for the sarif file format
- Add Dockerfile for the upcoming GitHub action
- Add filter-trigger to the debug-artefacts rule
Full Changelog: v0.1.1...v0.1.2
v0.1.1
What's Changed
- Remove annoying syntax-check errors
- Add - in dangerous-checkout rules to ignore checkout on static references
- Add windows build in CI
Full Changelog: v0.1.0...v0.1.1
v0.1.0
This is the first release of octoscan ! :)
What's Changed
- [Download] Add --include-archives option by @bboilot-ledger in #1
- Return lint issues in LintRepositoryRecurse by @bboilot-ledger in #3
- Fix typos by @szepeviktor in #5
New Contributors
- @bboilot-ledger made their first contribution in #1
- @szepeviktor made their first contribution in #5
Full Changelog: https://github.com/synacktiv/octoscan/commits/v0.1.0