Update zizmor to 1.22.0 by martincostello · Pull Request #2955 · App-vNext/Polly

martincostello · 2026-03-04T13:00:03Z

Bump zizmor version to v1.22.0.

Bump zizmor version to 1.22.0.

Copilot

Pull request overview

This PR bumps the zizmor CLI version used by the repository’s GitHub Actions lint workflow, keeping workflow linting aligned with zizmor v1.22.0.

Changes:

Update ZIZMOR_VERSION in the lint workflow from 1.21.0 to 1.22.0.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

codecov · 2026-03-04T13:06:31Z

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 96.15%. Comparing base (94c833b) to head (29caecf).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #2955   +/-   ##
=======================================
  Coverage   96.15%   96.15%           
=======================================
  Files         309      309           
  Lines        7128     7128           
  Branches     1005     1005           
=======================================
  Hits         6854     6854           
  Misses        221      221           
  Partials       53       53

Flag	Coverage Δ
linux	`96.15% <ø> (ø)`
macos	`96.15% <ø> (ø)`
windows	`96.14% <ø> (ø)`

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Updated [Polly](https://github.com/App-vNext/Polly) from 8.6.6 to 8.7.0. <details> <summary>Release notes</summary> _Sourced from [Polly's releases](https://github.com/App-vNext/Polly/releases)._ ## 8.7.0 ## Highlights * Adds caller cancellation token propagation in hedging and timeout strategies by @DaRosenberg in App-vNext/Polly#3094 * Telemetry refactoring by @martincostello in App-vNext/Polly#2985 ## What's Changed * Update zizmor to 1.22.0 by @martincostello in App-vNext/Polly#2955 * Increase test timeout by @martincostello in App-vNext/Polly#2956 * Disable secrets-outside-env audit by @martincostello in App-vNext/Polly#2969 * Update zizmor to 1.23.1 by @martincostello in App-vNext/Polly#2970 * Update .NET NuGet packages by @martincostello in App-vNext/Polly#2982 * Add AGENTS.md by @martincostello in App-vNext/Polly#2983 * Fix typo in HTTP client integrations documentation by @alexravenna in App-vNext/Polly#2984 * Remove unused constant by @martincostello in App-vNext/Polly#2986 * Fix non-deterministic branch coverage in HedgingExecutionContext hedging delay tests by @Copilot in App-vNext/Polly#2997 * Bump GitHubActionsTestLogger to 3.0.2 by @martincostello in App-vNext/Polly#3000 * Bump actionlint to v1.7.12 by @martincostello in App-vNext/Polly#3006 * Bump sign by @martincostello in App-vNext/Polly#3008 * Move Public API baselines by @martincostello in App-vNext/Polly#3016 * Formatting tweaks by @martincostello in App-vNext/Polly#3017 * Formatting tweaks by @martincostello in App-vNext/Polly#3018 * Remove ZIZMOR_VERSION by @martincostello in App-vNext/Polly#3025 * Assert nullable has result by @martincostello in App-vNext/Polly#3028 * Update deprecated action input by @martincostello in App-vNext/Polly#3035 * Move dependabot to Friday by @martincostello in App-vNext/Polly#3044 * Fix tag comment by @martincostello in App-vNext/Polly#3045 * Fix dependabot group by @martincostello in App-vNext/Polly#3047 * Pin runner images by @martincostello in App-vNext/Polly#3065 * Bump Refit to 10.2.0 by @martincostello in App-vNext/Polly#3096 * Disable Azure deployments by @martincostello in App-vNext/Polly#3105 ## New Contributors * @alexravenna made their first contribution in App-vNext/Polly#2984 * @DaRosenberg made their first contribution in App-vNext/Polly#3094 **Full Changelog**: App-vNext/Polly@8.6.6...8.7.0 Commits viewable in [compare view](App-vNext/Polly@8.6.6...8.7.0). </details> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=Polly&package-manager=nuget&previous-version=8.6.6&new-version=8.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Updated [Polly](https://github.com/App-vNext/Polly) from 8.6.6 to 8.7.0. <details> <summary>Release notes</summary> _Sourced from [Polly's releases](https://github.com/App-vNext/Polly/releases)._ ## 8.7.0 ## Highlights * Adds caller cancellation token propagation in hedging and timeout strategies by @DaRosenberg in App-vNext/Polly#3094 * Telemetry refactoring by @martincostello in App-vNext/Polly#2985 ## What's Changed * Update zizmor to 1.22.0 by @martincostello in App-vNext/Polly#2955 * Increase test timeout by @martincostello in App-vNext/Polly#2956 * Disable secrets-outside-env audit by @martincostello in App-vNext/Polly#2969 * Update zizmor to 1.23.1 by @martincostello in App-vNext/Polly#2970 * Update .NET NuGet packages by @martincostello in App-vNext/Polly#2982 * Add AGENTS.md by @martincostello in App-vNext/Polly#2983 * Fix typo in HTTP client integrations documentation by @alexravenna in App-vNext/Polly#2984 * Remove unused constant by @martincostello in App-vNext/Polly#2986 * Fix non-deterministic branch coverage in HedgingExecutionContext hedging delay tests by @Copilot in App-vNext/Polly#2997 * Bump GitHubActionsTestLogger to 3.0.2 by @martincostello in App-vNext/Polly#3000 * Bump actionlint to v1.7.12 by @martincostello in App-vNext/Polly#3006 * Bump sign by @martincostello in App-vNext/Polly#3008 * Move Public API baselines by @martincostello in App-vNext/Polly#3016 * Formatting tweaks by @martincostello in App-vNext/Polly#3017 * Formatting tweaks by @martincostello in App-vNext/Polly#3018 * Remove ZIZMOR_VERSION by @martincostello in App-vNext/Polly#3025 * Assert nullable has result by @martincostello in App-vNext/Polly#3028 * Update deprecated action input by @martincostello in App-vNext/Polly#3035 * Move dependabot to Friday by @martincostello in App-vNext/Polly#3044 * Fix tag comment by @martincostello in App-vNext/Polly#3045 * Fix dependabot group by @martincostello in App-vNext/Polly#3047 * Pin runner images by @martincostello in App-vNext/Polly#3065 * Bump Refit to 10.2.0 by @martincostello in App-vNext/Polly#3096 * Disable Azure deployments by @martincostello in App-vNext/Polly#3105 ## New Contributors * @alexravenna made their first contribution in App-vNext/Polly#2984 * @DaRosenberg made their first contribution in App-vNext/Polly#3094 **Full Changelog**: App-vNext/Polly@8.6.6...8.7.0 Commits viewable in [compare view](App-vNext/Polly@8.6.6...8.7.0). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Update zizmor to 1.22.0

29caecf

Bump zizmor version to 1.22.0.

martincostello added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Mar 4, 2026

Copilot AI review requested due to automatic review settings March 4, 2026 13:00

martincostello enabled auto-merge (squash) March 4, 2026 13:01

Copilot started reviewing on behalf of martincostello March 4, 2026 13:01 View session

Copilot AI reviewed Mar 4, 2026

View reviewed changes

martincostello merged commit f58d12e into main Mar 4, 2026
44 of 46 checks passed

martincostello deleted the zizmor-1.22.0 branch March 4, 2026 13:56

This was referenced Jun 11, 2026

Bump Polly from 8.6.6 to 8.7.0 microting/eform-sdk-dotnet#4691

Open

deps: Bump Polly from 8.6.6 to 8.7.0 Jaxelr/Email#461

Open

Bump Polly from 8.6.6 to 8.7.0 marcflohrer/stiebel-eltron-dashboard#592

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Update zizmor to 1.22.0#2955

Update zizmor to 1.22.0#2955
martincostello merged 1 commit into
mainfrom
zizmor-1.22.0

martincostello commented Mar 4, 2026

Uh oh!

Copilot AI left a comment

Uh oh!

codecov Bot commented Mar 4, 2026 •

edited

Loading

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Uh oh!

Conversation

martincostello commented Mar 4, 2026

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Uh oh!

codecov Bot commented Mar 4, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

codecov Bot commented Mar 4, 2026 •

edited

Loading