Make this a pedantic audit

Author: aldur

src/audit/secrets_outside_environment.rs

@@ -4,7 +4,7 @@ use github_actions_models::{
 };
 
 use super::{Audit, audit_meta};
-use crate::{finding::Confidence, AuditState, AuditLoadError};
+use crate::{finding::Confidence, AuditState, AuditLoadError, Persona};
 
 pub(crate) struct SecretsOutsideEnvironment;
 
@@ -73,6 +73,7 @@ impl SecretsOutsideEnvironment {
                     .add_location(step.location().primary())
                     .confidence(Confidence::High)
                     .severity(crate::finding::Severity::High)
+                    .persona(Persona::Pedantic)
                     .build(step.workflow())?,
             );
         }

src/main.rs

@@ -530,6 +530,7 @@ fn run() -> Result<ExitCode> {
     register_audit!(audit::overprovisioned_secrets::OverprovisionedSecrets);
     register_audit!(audit::unredacted_secrets::UnredactedSecrets);
     register_audit!(audit::forbidden_uses::ForbiddenUses);
+    register_audit!(audit::secrets_outside_environment::SecretsOutsideEnvironment);
 
     let mut results = FindingRegistry::new(&app, &config);
     {

tests/integration/snapshot.rs

@@ -654,6 +654,7 @@ fn secrets_outside_environment() -> Result<()> {
     insta::assert_snapshot!(
         zizmor()
             .input(input_under_test("secrets-outside-environment.yml"))
+            .args(["--persona=pedantic"])
             .run()?
     );