Tracebit Configure Credentials

Version updated for https://github.com/tracebit-com/tracebit-community-action to version v1.1.1.

• This action is used across all versions by 4 repositories.

Action Type

This is a Node action using Node version 24.

Go to the GitHub Marketplace to find the latest changes.

Action Summary

This GitHub Action integrates AWS canary credentials and SSH canary keys (honeytokens) into CI/CD pipelines to detect supply chain attacks and credential exfiltration attempts. It provides real-time alerts when the canary credentials are used, enabling teams to quickly identify and respond to compromised workflows or malicious activity. By tagging canaries with pipeline metadata, it offers precise traceability to identify the exact compromised workflow run, addressing threats like malicious dependencies, compromised actions, and insider threats.

What’s Changed

• Add branding and prepare the action for the marketplace (https://github.com/tracebit-com/tracebit-community-action/commit/3a99261dae897b6a73b2d04d88cfc832a8f18f4b)
• Update action hash in README and CI (https://github.com/tracebit-com/tracebit-community-action/commit/0e2c87e6e389bda2fe3587e5f4d2d8565ae2788e)

• Tracebit-Com
• GitHub Actions