Permalink
Comparing changes
Choose two branches to see what’s changed or to start a new pull request.
If you need to, you can also or
learn more about diff comparisons.
Open a pull request
Create a new pull request by comparing changes across two branches. If you need to, you can also .
Learn more about diff comparisons here.
...
- 3 commits
- 33 files changed
- 3 contributors
Commits on Mar 12, 2026
-
Fix reachability filtering, add config file support (#169)
* Add SARIF scoping/reachability controls, config file support Signed-off-by: lelia <lelia@socket.dev> * Add coverage for new SARIF scoping, config file behavior Signed-off-by: lelia <lelia@socket.dev> * Add config examples for different use cases Signed-off-by: lelia <lelia@socket.dev> * Refactor docs to reduce README complexity, create dedicated CLI and CI/CD guides Signed-off-by: lelia <lelia@socket.dev> * Bump version for release Signed-off-by: lelia <lelia@socket.dev> * Add shared selector/filter module Signed-off-by: lelia <lelia@socket.dev> * Refactor output handling to use shared alert selection Signed-off-by: lelia <lelia@socket.dev> * Refactor Slack diff filtering to use shared selection semantics, facts-aware reachable filtering Signed-off-by: lelia <lelia@socket.dev> * Add unit tests for shared selection logic Signed-off-by: lelia <lelia@socket.dev> * Add unit tests for new Slack behavior Signed-off-by: lelia <lelia@socket.dev> * Update output tests for strict-blocking and SARIF Signed-off-by: lelia <lelia@socket.dev> * Add JSON config examples for reference Signed-off-by: lelia <lelia@socket.dev> * Remove unnecessary backwards compat logic Signed-off-by: lelia <lelia@socket.dev> * Docs refactor for better readability, dedicated guides for CLI + CI/CD usage Signed-off-by: lelia <lelia@socket.dev> * Bump version for release Signed-off-by: lelia <lelia@socket.dev> * Fix missing version check expected in PR preview Signed-off-by: lelia <lelia@socket.dev> * Fix PR preview worklfow to use updated version check Signed-off-by: lelia <lelia@socket.dev> * Fix e2e regression tests to use correct SARIF flags and remove legacy assertions Signed-off-by: lelia <lelia@socket.dev> --------- Signed-off-by: lelia <lelia@socket.dev>
Commits on Mar 23, 2026
-
Update required Python version, tweak CI checks (#172)
* Add guard to not run on external fork PRs Signed-off-by: lelia <lelia@socket.dev> * Update python tests to include installation check Signed-off-by: lelia <lelia@socket.dev> * Bump project verison and required Python version Signed-off-by: lelia <lelia@socket.dev> * Add more unit test checks Signed-off-by: lelia <lelia@socket.dev> * Bump project version and required Python version Signed-off-by: lelia <lelia@socket.dev> * Add additional guardrails for PR check behaviors Signed-off-by: lelia <lelia@socket.dev> --------- Signed-off-by: lelia <lelia@socket.dev>
Commits on Mar 25, 2026
-
Fix GitHub Actions workflow security issues (zizmor) (#173)
- Fix template injection vulnerabilities by using environment variables instead of inline expressions in shell scripts (docker-stable, release) - Pin third-party actions to full SHA commits (docker-stable) - Add top-level permissions blocks with least-privilege scoping (docker-stable, e2e-test, version-check) - Add persist-credentials: false to all checkout steps - Add zizmor.yml configuration file - Fix missing newlines at end of files Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Loading
This comparison is taking too long to generate.
Unfortunately it looks like we can’t render this comparison for you right now. It might be too big, or there might be something weird with your repository.
You can try running this command locally to see the comparison on your machine:
git diff v2.2.77...main