SecScore
Version updated for https://github.com/cassiodeveloper/SecScore to version v0.4.0.
Action Type
This is a Composite action.
Action Summary
SecScore is a lightweight security scoring engine designed for CI/CD pipelines that evaluates security scanner findings in SARIF format and calculates a single security score for pull requests, enabling automated decisions to PASS, require REVIEW, or FAIL. It is scanner-agnostic, supports multi-SARIF inputs, and includes capabilities like diff-aware filtering, suppression of false positives, and hard fail rules for critical vulnerabilities. This action streamlines security decision-making in software development workflows by providing policy-driven, consistent, and traceable evaluations.