v0.10.0
What's Changed
New Features π
- feat: handle powershell in github-env audit by @woodruffw in #227
- feat: template-injection: filter static envs by @woodruffw in #318
- feat: add 'primary' locations by @woodruffw in #328
- feat: initial cache-poisoning audit by @ubiratansoares in #294
- feat: Fix Sarif schema and add rules to Sarif files by @fcasal in #330
Bug Fixes π
- fix: template-injection: more safe contexts by @woodruffw in #309
- fix: expands_to_static_values considers expressions inside strings by @woodruffw in #317
- fix: sarif: add result and kind by @woodruffw in #68
- fix: sarif: use ResultKind for kind by @woodruffw in #326
Performance Improvements π
- refactor: use http-cache for caching, optimize network calls by @woodruffw in #304
Documentation Improvements π
- docs: support commits in trophy case by @woodruffw in #303
- docs: Fix typo in development.md by @JustusFluegel in #305
New Contributors
- @jsoref made their first contribution in #299
- @JustusFluegel made their first contribution in #305
- @fcasal made their first contribution in #330
Full Changelog: v0.9.2...v0.10.0
Contributors
ubiratansoares, jsoref, and 3 other contributors