Regis Security Analysis
Version updated for https://github.com/trivoallan/regis to version v0.29.0.
- This action is used across all versions by 1 repositories.
Action Type
This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
Regis is a GitHub Action designed for container security and compliance in CI/CD pipelines, providing automated analysis of container images from OCI-compliant registries. It integrates multiple industry-standard tools to perform vulnerability scanning, metadata inspection, and policy enforcement, while generating both machine-readable (JSON) and interactive (HTML) reports. By offering customizable playbooks, efficient caching, and seamless integration into CI/CD workflows, it simplifies security, compliance, and best practices enforcement for production-ready environments.
What’s Changed
0.29.0 (2026-04-22)
Features
- ci: integrate pip-audit severity gate, SBOM artifacts, and provenance attestation (#458) (5a64588)
- ci: Sprint 1 — M001 deliverables (snapshot retention, snapshot date, action dogfooding, docs) (#494) (16dd6af)
- cli: add create-playbook OMC skill (#435) (987ca3a)
- playbook: playbook bundles with metadata validation and –rerun support (#438) (01622e2)