v0.17.0

@github-actions github-actions released this 18 Apr 19:20
· 27 commits to main since this release
3185069

Changelog for poutine v0.17.0 🎉🎂

Happy 1st Anniversary to poutine! We're thrilled to mark this milestone with a significant release packed with new capabilities and improvements.

New Features 🌟

  • 🚀 Groundbreaking Stale Branch Analysis: Introduced by @Talgarr, the newest full-time member of our Security Research team, this highly efficient stale branches scanner helps uncover potentially exploitable pull_request_target vulnerabilities lurking in forgotten branches, even if they've been patched in the default branch. (#285)
  • Enhanced LOTP Analysis: Added support for many more Living Off The Pipeline (LOTP) tools, contributed by @Talgarr. (#286)

Improvements 🔧

  • Optimized Skip Rule Logic: Refined the logic for skipping rules during analysis for better performance and accuracy. (#287)
  • Linter Migration: Completed migration to a new linter setup as part of ongoing code quality efforts. (#284)

Dependency Updates ⬆️

GitHub Actions

  • Updated ossf/scorecard-action from v2.4.0 to v2.4.1. (#268)
  • Updated step-security/harden-runner from v2.10.4 to v2.11.0. (#270)
  • Updated github/codeql-action from v3.28.8 to v3.28.13. (#281)
  • Updated goreleaser/goreleaser-action from v6.1.0 to v6.3.0. (#282)

Go Libraries

  • Updated Go language version to 1.24. (#284)
  • Updated github.com/spf13/cobra from v1.8.1 to v1.9.1. (#275)
  • Updated github.com/open-policy-agent/opa from v1.1.0 to v1.3.0. (#277)
  • General dependency updates. (#284)

New Contributors 👋

  • Welcome @Talgarr from our Security Research team, making their first direct code contribution to the poutine repository (#285)! @Talgarr has been a major contributor to the related LOTP project, significantly influencing rule improvements in this release.

Full Changelog 📜

For a detailed view of all changes, see the full changelog.