New version: zizmor.zizmor version 1.21.0 (microsoft#330923)

Author: UnownBot

manifests/z/zizmor/zizmor/1.21.0/zizmor.zizmor.installer.yaml

@@ -0,0 +1,20 @@
+# Created with komac v2.14.0
+# yaml-language-server: $schema=https://aka.ms/winget-manifest.installer.1.12.0.schema.json
+
+PackageIdentifier: zizmor.zizmor
+PackageVersion: 1.21.0
+InstallerType: zip
+NestedInstallerType: portable
+NestedInstallerFiles:
+- RelativeFilePath: zizmor.exe
+  PortableCommandAlias: zizmor
+UpgradeBehavior: install
+Commands:
+- zizmor
+ReleaseDate: 2026-01-16
+Installers:
+- Architecture: x64
+  InstallerUrl: https://github.com/zizmorcore/zizmor/releases/download/v1.21.0/zizmor-x86_64-pc-windows-msvc.zip
+  InstallerSha256: 978CFAB35E719D91B88966F0964D3A5E86E37EE3AA67EF7C3ED8E29B11886499
+ManifestType: installer
+ManifestVersion: 1.12.0

manifests/z/zizmor/zizmor/1.21.0/zizmor.zizmor.locale.en-US.yaml

@@ -0,0 +1,48 @@
+# Created with komac v2.14.0
+# yaml-language-server: $schema=https://aka.ms/winget-manifest.defaultLocale.1.12.0.schema.json
+
+PackageIdentifier: zizmor.zizmor
+PackageVersion: 1.21.0
+PackageLocale: en-US
+Publisher: William Woodruff
+PublisherUrl: https://zizmor.sh/
+PublisherSupportUrl: https://github.com/zizmorcore/zizmor/issues
+Author: William Woodruff
+PackageName: zizmor
+PackageUrl: https://zizmor.sh/
+License: MIT
+LicenseUrl: https://github.com/zizmorcore/zizmor/blob/HEAD/LICENSE
+Copyright: Copyright (c) 2024 William Woodruff <william @ yossarian.net>
+CopyrightUrl: https://github.com/zizmorcore/zizmor/blob/HEAD/LICENSE
+ShortDescription: Static analysis for GitHub Actions.
+Description: |-
+  zizmor is a static analysis tool for GitHub Actions.
+
+  It can find many common security issues in typical GitHub Actions CI/CD setups, including:
+  - Template injection vulnerabilities, leading to attacker-controlled code execution
+  - Accidental credential persistence and leakage
+  - Excessive permission scopes and credential grants to runners
+  - Impostor commits and confusable git references
+  - ...and much more!
+Tags:
+- github-actions
+- security
+- security-tools
+- static-analysis
+ReleaseNotes: |-
+  New Features 🌈🔗
+  - New audit: misfeature detects usage of GitHub Actions features that are considered "misfeatures." (#1517)
+  Enhancements 🌱🔗
+  - zizmor now uses exit code 3 to signal an audit that has failed because no input files were collected. See the exit code documentation for details (#1515)
+  - The unpinned-uses audit now supports auto-fixes for many findings (#1525)
+  Changes ⚠️🔗
+  - The obfuscation audit no longer flags shell: cmd. That check has been moved to the new misfeature audit. Users may need to update their ignore comments and/or configuration (#1517)
+  Bug Fixes 🐛🔗
+  - The unpinned-uses audit now flags reusable workflows that are unpinned, in addition to actions (#1509)
+    Many thanks to @johnbillion for implementing this fix!
+ReleaseNotesUrl: https://github.com/zizmorcore/zizmor/releases/tag/v1.21.0
+Documentations:
+- DocumentLabel: Docs
+  DocumentUrl: https://docs.zizmor.sh/
+ManifestType: defaultLocale
+ManifestVersion: 1.12.0

manifests/z/zizmor/zizmor/1.21.0/zizmor.zizmor.yaml

@@ -0,0 +1,8 @@
+# Created with komac v2.14.0
+# yaml-language-server: $schema=https://aka.ms/winget-manifest.version.1.12.0.schema.json
+
+PackageIdentifier: zizmor.zizmor
+PackageVersion: 1.21.0
+DefaultLocale: en-US
+ManifestType: version
+ManifestVersion: 1.12.0