Code Literal Sentinel
Version updated for https://github.com/Malnati/code-literal-sentinel to version v2.5.0.
- This action is used across all versions by ? repositories.
Go to the GitHub Marketplace to find the latest changes.
Release notes
These changes updates the Code Literal Sentinel GitHub Action to introduce a new idempotent audit strategy using content signatures, improving how repeated audits are detected and avoided. The workflow now generates a unique signature for the scanned codebase and checks for previous reports based on this signature, ensuring reports are only generated when the code changes. Several steps and messaging have been clarified and streamlined to reflect this new logic.
Audit strategy improvements:
- Switched to content signature-based idempotency, replacing previous SHA-based checks, and updated all related messaging and descriptions to clarify the new approach. (
action.yml) [1] [2] [3] - In the main audit step, generates a content signature hash from tracked files, stores it in the report, and uses it to detect existing audits, preventing redundant reports. (
action.yml) [1] [2]
Workflow logic and messaging updates:
- Circuit breaker logic and messages for branch and bot commit detection have been clarified to better reflect their function in avoiding audit loops. (
action.yml) - Output and summary messages throughout the workflow have been updated to clearly indicate when a report is reused due to an unchanged code signature, and to simplify report descriptions. (
action.yml)
General codebase and documentation clean-up: