AI SSDLC Security Suite
This page covers version v1.3.0 of https://github.com/subzone/ssdlc-action.
- Across all versions, this action is used by 1 repository.
Action Type
This is a Docker action.
Action Summary
The AI SSDLC Security Suite GitHub Action automates the security checks of a secure software development lifecycle (SSDLC) from a single workflow step. It runs several classes of scan in one action, namely SAST, secret detection, SCA, IaC and container scanning, and passes the results to an AI model that triages and prioritizes the findings, suggests fixes and produces a threat model. Bundling the tools into one action keeps the workflow short, centralizes the scan configuration, and reduces the manual effort of identifying and mitigating vulnerabilities.
Release notes
What’s Changed
- Feat/license validation management by @subzone in https://github.com/subzone/ssdlc-action/pull/3
- Update AI model version to claude-sonnet-4-6 in configuration and scr… by @subzone in https://github.com/subzone/ssdlc-action/pull/9
- feat: publish Docker image to GHCR and wire artifact upload for ssdlc-studio by @subzone in https://github.com/subzone/ssdlc-action/pull/10
- security: replace Ed25519 public key placeholder with real key by @subzone in https://github.com/subzone/ssdlc-action/pull/11
- fix: always run AI triage + repo-wide threat modeling fallback by @subzone in https://github.com/subzone/ssdlc-action/pull/12
- feat: add GitHub Models provider + fix github-token input by @subzone in https://github.com/subzone/ssdlc-action/pull/13
- ci: switch self-scan to GitHub Models provider by @subzone in https://github.com/subzone/ssdlc-action/pull/14
- ci: add models: read permission for GitHub Models AI by @subzone in https://github.com/subzone/ssdlc-action/pull/15
- fix: reduce token usage for GitHub Models 8k input limit by @subzone in https://github.com/subzone/ssdlc-action/pull/16
- security: remove nodejs/npm/wget/unzip — eliminate CRITICAL CVEs from image by @subzone in https://github.com/subzone/ssdlc-action/pull/17
- security: apt-get upgrade + pip/setuptools bump — fix remaining 14 HIGH CVEs by @subzone in https://github.com/subzone/ssdlc-action/pull/19
- feat: add trivy-ignore-unfixed option — fix self-scan CI for won’t-fix CVEs by @subzone in https://github.com/subzone/ssdlc-action/pull/20
- fix: .trivyignore for Go stdlib CVEs in bundled tooling (Gitleaks/Trivy/gh) by @subzone in https://github.com/subzone/ssdlc-action/pull/21
- feat: release workflow for proper semver image versioning by @subzone in https://github.com/subzone/ssdlc-action/pull/22
- fix: dispatch Build & Push explicitly after tag push (GITHUB_TOKEN restriction) by @subzone in https://github.com/subzone/ssdlc-action/pull/23
- feat: upload findings.json as GitHub artifact for platform dashboard by @subzone in https://github.com/subzone/ssdlc-action/pull/24
- feat(dora): emit deployment event to SSDLC platform API after security gate by @subzone in https://github.com/subzone/ssdlc-action/pull/26
- fix(security): bump gitleaks 8.30.1 + suppress 3 new Go binary CVEs by @subzone in https://github.com/subzone/ssdlc-action/pull/27
Full Changelog: https://github.com/subzone/ssdlc-action/compare/v1.0.2...v1.3.0
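The release notes above mention the GitHub Models provider, the models: read permission, the github-token input and the trivy-ignore-unfixed option, but the page carries no workflow showing how they fit together. The following workflow is an added example, not a file from the ssdlc-action repository. It assumes that github-token and trivy-ignore-unfixed are passed under with: and that the latter takes the string "true"; the input that selects the AI provider is not named anywhere on this page, so it is left out rather than guessed.

```yaml
# Added example workflow (not from subzone/ssdlc-action). Assumptions:
# - the `github-token` input (PR #13) and the `trivy-ignore-unfixed` option
#   (PR #20) are passed under `with:` and the option takes the string "true";
# - `models: read` (PR #15) on the job token is what lets the action reach
#   GitHub Models; the provider-selection input is not named on this page.
name: ssdlc-security-suite

on:
  pull_request:
  push:
    branches: [main]

# Least-privilege job token: read the checkout, read GitHub Models, nothing
# else. Add `security-events: write` only if you also upload SARIF.
permissions:
  contents: read
  models: read

jobs:
  ssdlc:
    runs-on: ubuntu-latest   # Docker actions run on Linux runners only
    steps:
      - uses: actions/checkout@v4
        with:
          # Assumption: a full clone lets the secret scan (Gitleaks, bundled
          # per PR #21) cover earlier commits, not only the tip.
          fetch-depth: 0

      # v1.3.0 is the release this page documents. In production, pin to the
      # full commit SHA behind that tag instead of the mutable tag.
      - name: AI SSDLC Security Suite
        uses: subzone/ssdlc-action@v1.3.0
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          # Assumption on semantics: skip CVEs with no fix available in the
          # Trivy scan (the won't-fix case from PR #20); drop it to fail on them.
          trivy-ignore-unfixed: "true"
```

Two checks are worth doing before relying on this in a gate. First, pinning the action to a commit SHA pins only its action.yml; because this is a Docker action whose image is published to GHCR (PR #10), confirm that action.yml references that image by digest rather than by tag, otherwise the container can still change underneath a pinned SHA. Second, the GITHUB_TOKEN handed in here is the same token whose permissions block you set above, so any extra scope the action turns out to need should be added there explicitly rather than by granting write-all.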