v0.1.11

0.1.11 (2026-06-08)

📦 CI Improvements

• harden release-please app token permissions (#68) (0e00ee8)
• remove unsupported issues permission from app token (#69) (063032c)

⚙️ Chores

• deps: lock file maintenance (#66) (43017ab)
• deps: lock file maintenance (#71) (5ea26a5)
• deps: lock file maintenance (#74) (7273fd0)
• deps: update actions/create-github-app-token action to v3.2.0 (#64) (c8eead3)
• deps: update github actions group to v6.0.3 (#72) (eb0f8f5)
• deps: update github actions group to v8.2.0 (#73) (cd79440)
• deps: update zizmorcore/zizmor-action action to v0.5.5 (#67) (6e2efdb)
• deps: update zizmorcore/zizmor-action action to v0.5.6 (#70) (d67f746)

v0.1.10

0.1.10 (2026-05-11)

📦 CI Improvements

• add latest-release-vulnerability-status check (#63) (b22b733)
• add zizmor workflow (#57) (9f527e6)
• restrict some workflows to only run upstream (#59) (6ca5794)

⚙️ Chores

• deps: lock file maintenance (#55) (9e3b7e6)
• deps: lock file maintenance (#60) (8a08dcf)
• deps: lock file maintenance (#62) (d63e47c)
• deps: update dependency gitpython to v3.1.50 [security] (#61) (fabf9bd)
• deps: update googleapis/release-please-action action to v5 (#54) (7e76bb3)

v0.1.9

0.1.9 (2026-04-22)

🛠️ Build System

• switch to uv/ruff/ty (#50) (31aad29)

⚙️ Chores

• deps: lock file maintenance (#43) (b060971)
• deps: lock file maintenance (#44) (8eb9707)
• deps: lock file maintenance (#46) (04dab08)
• deps: update astral-sh/setup-uv action to v8.1.0 (#51) (ca1f504)
• deps: update dependency platformdirs to v4.9.6 (#47) (fb3c54c)
• deps: update dependency pygithub to v2.9.1 (#49) (46842d5)
• deps: update dependency pytest to v9.0.3 [security] (#48) (48b0dcb)
• releaser: onboard release-please (#52) (f1d2e0f)

v0.1.8

What's Changed

Dependencies

• Bump urllib3 from 2.4.0 to 2.5.0 by @dependabot[bot] in #30
• Bump urllib3 from 2.5.0 to 2.6.0 by @dependabot[bot] in #31
• Bump urllib3 from 2.6.0 to 2.6.3 by @dependabot[bot] in #33
• Bump pynacl from 1.5.0 to 1.6.2 by @dependabot[bot] in #32
• chore(deps): update dependency gitpython to v3.1.46 by @renovate[bot] in #36
• chore(deps): update dependency black to v26 [security] by @renovate[bot] in #35
• chore(deps): update dependency python to 3.14 by @renovate[bot] in #41
• chore(deps): update dev dependencies group (major) by @renovate[bot] in #42
• chore: bring CI and pyproject up-to-date by @mxmehl in #38

Full Changelog: v0.1.7...v0.1.8

v0.1.7

What's Changed

• Clarify status of project by @mxmehl in #29
• Bump some deprecated action deps, bump python versions by @mxmehl in #28
• Bump requests from 2.31.0 to 2.32.0 by @dependabot in #22
• Bump urllib3 from 2.1.0 to 2.2.2 by @dependabot in #23
• Bump certifi from 2023.11.17 to 2024.7.4 by @dependabot in #24
• Bump cryptography from 42.0.4 to 43.0.1 by @dependabot in #26

Full Changelog: v0.1.6...v0.1.7

v0.1.6

What's Changed

• Bump idna from 3.6 to 3.7 by @dependabot in #19
• Bump tqdm from 4.66.1 to 4.66.3 by @dependabot in #20

Full Changelog: v0.1.5...v0.1.6

v0.1.5

What's Changed

• Bump dependencies, also one security-related

Full Changelog: v0.1.4...v0.1.5

v0.1.4

What's Changed

• Bump gitpython from 3.1.40 to 3.1.41 by @dependabot in #12
• Bump cryptography from 41.0.7 to 42.0.0 by @dependabot in #13
• Add workflow to publish a new pypi package upon tagging by @mxmehl in #14

Full Changelog: v0.1.3...v0.1.4

v0.1.3

Changelog

• Various smaller dependency updates
• Add --version to show current version
• Fix --cache-clean to actually clean the cache
• Better information for GitHub token
• Improvements of documentation, tests, CI etc.

v0.1.2

We are happy to publish the first release of the Open Source Red Flag Checker.

Please feel free to experiment with the software and give us feedback. We hope it help you with identifying possible risks in your software supply chain.