Cargo.toml

[package]
name = "zizmor"
description = "Static analysis for GitHub Actions"
version = "1.2.1"
edition = "2021"
repository = "https://github.com/woodruffw/zizmor"
homepage = "https://github.com/woodruffw/zizmor"
documentation = "https://woodruffw.github.io/zizmor/"
authors = ["William Woodruff <william@yossarian.net>"]
license = "MIT"
keywords = ["cli", "github-actions", "static-analysis", "security"]
categories = ["command-line-utilities"]
rust-version = "1.80.1"

[dependencies]
annotate-snippets = "0.11.5"
anstream = "0.6.18"
anyhow = "1.0.95"
camino = { version = "1.1.9", features = ["serde1"] }
clap = { version = "4.5.26", features = ["derive", "env"] }
clap-verbosity-flag = { version = "3.0.2", features = [
    "tracing",
], default-features = false }
etcetera = "0.8.0"
flate2 = "1.0.35"
github-actions-models = "0.21.0"
http-cache-reqwest = "0.15.0"
human-panic = "2.0.1"
indexmap = "2.7.0"
indicatif = "0.17.9"
itertools = "0.14.0"
owo-colors = "4.1.0"
pest = "2.7.15"
pest_derive = "2.7.15"
regex = "1.11.1"
reqwest = { version = "0.12.12", features = [
    "blocking",
    "json",
    "rustls-tls",
], default-features = false }
reqwest-middleware = "0.4.0"
serde = { version = "1.0.217", features = ["derive"] }
serde-sarif = "0.7.0"
serde_json = "1.0.135"
serde_yaml = "0.9.34"
# TODO remove pending https://github.com/tree-sitter/tree-sitter/pull/4034
streaming-iterator = "0.1.9"
tar = "0.4.43"
terminal-link = "0.1.0"
tokio = { version = "1.43.0", features = ["rt-multi-thread"] }
tracing = "0.1.41"
tracing-indicatif = "0.3.8"
tracing-subscriber = { version = "0.3.19", features = ["env-filter"] }
tree-sitter = "0.24.7"
tree-sitter-bash = "0.23.3"
tree-sitter-powershell = "0.24.4"
yamlpath = "0.14.0"

[profile.dev.package]
insta.opt-level = 3
similar.opt-level = 3

[profile.release]
lto = true

[dev-dependencies]
assert_cmd = "2.0.16"
insta = { version = "1.42.0" }
pretty_assertions = "1.4.1"
serde_json_path = "0.7.1"