v0.17.0
Changelog for poutine v0.17.0
Happy 1st Anniversary to poutine! We're thrilled to mark this milestone with a significant release packed with new capabilities and improvements.
New Features
- Groundbreaking Stale Branch Analysis: Introduced by @Talgarr, the newest full-time member of our Security Research team, this highly efficient stale branches scanner helps uncover potentially exploitable `pull_request_target` vulnerabilities lurking in forgotten branches, even if they've been patched in the default branch. (#285)
- Enhanced LOTP Analysis: Added support for many more Living Off The Pipeline (LOTP) tools, contributed by @Talgarr. (#286)
Improvements
- Optimized Skip Rule Logic: Refined the logic for skipping rules during analysis for better performance and accuracy. (#287)
- Linter Migration: Completed migration to a new linter setup as part of ongoing code quality efforts. (#284)
Dependency Updates
GitHub Actions
- Updated `ossf/scorecard-action` from `v2.4.0` to `v2.4.1`. (#268)
- Updated `step-security/harden-runner` from `v2.10.4` to `v2.11.0`. (#270)
- Updated `github/codeql-action` from `v3.28.8` to `v3.28.13`. (#281)
- Updated `goreleaser/goreleaser-action` from `v6.1.0` to `v6.3.0`. (#282)
Go Libraries
- Updated Go language version to `1.24`. (#284)
- Updated `github.com/spf13/cobra` from `v1.8.1` to `v1.9.1`. (#275)
- Updated `github.com/open-policy-agent/opa` from `v1.1.0` to `v1.3.0`. (#277)
- General dependency updates. (#284)
New Contributors
- Welcome @Talgarr from our Security Research team, making their first direct code contribution to the `poutine` repository (#285)! @Talgarr has been a major contributor to the related LOTP project, significantly influencing rule improvements in this release.
Full Changelog
For a detailed view of all changes, see the full changelog.