July 4, 2026
Send Email with MailKite
Version updated for https://github.com/mailkite/send-email-action to version v1.0.0.
This action is used across all versions by ? repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed Send email with MailKite from any workflow. See README for inputs + the inbound→repository_dispatch recipe.
July 4, 2026
Quorum consensus security scan
Version updated for https://github.com/Martinez1991/quorum-sec-scan to version v0.8.1.
This action is used across all versions by ? repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed Changelog bf624853a310007127d7223e7f1c1952186b028f: Merge pull request #60 from Martinez1991/feat/action-advice-inputs (@Martinez1991) 1723f878b86eaab1925a57820f79ce9160b8ee96: feat(action): expose the advisory layer (–advice / AI / –fix) as inputs (@Martinez1991)
July 4, 2026
Docker Swarm Deployment Action
Version updated for https://github.com/matchory/docker-swarm-deployment-action to version v1.2.0.
This action is used across all versions by ? repositories. Action Type This is a Node action using Node version 24.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed What’s Changed fix: re-enable YAML merge keys dropped by js-yaml v5 by @Radiergummi in https://github.com/matchory/docker-swarm-deployment-action/pull/152 feat: active Compose → Swarm reconciliation by @Radiergummi in https://github.com/matchory/docker-swarm-deployment-action/pull/153 Full Changelog: https://github.com/matchory/docker-swarm-deployment-action/compare/v1.1...v1.2.0
July 4, 2026
ansede-static
Version updated for https://github.com/mattybellx/Ansede to version v5.5.0.
This action is used across all versions by 0 repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed [5.5.0] — 2026-07-03 Added Runtime framework-root detection (_detect_framework_root) — auto-detects framework/library repos from package metadata, enabling noise suppression on arbitrary cloned repos (not just known benchmark paths) Test-file noise policy (_is_test_file, _TEST_FILE_NOISE_RULES) — suppresses CWE-798/327/338 findings in test fixtures, examples, and demos Expanded framework-internal path markers — 60+ new patterns covering cloned campaign repos (py-flask/, js-express/, etc.) and installed packages Confidence downgrading for non-exempt framework-internal findings (0.5 cap) and test-file findings (0.6 cap) Changed rich moved to production dependencies — declared explicitly in pyproject.toml; guardrails updated to 10MB limit with rich allowlist CWE-617 severity: high → medium (error-handling, not direct exploit) CWE-532 severity: high → medium (information leak) README precision claims — replaced “0.4% FP rate” with honest “36-58% precision on web apps” Test count badge: 1,207 → 1,234 Fixed Framework noise suppression now works on cloned repos — previously only matched specific benchmark directory names; now catches py-flask/, js-express/, and 30+ common clone patterns FrameworkFingerprint made mutable — inspect_ast_node() and verify_endpoint_protection() can now set detected_framework at runtime verify_endpoint_protection checks default values — FastAPI = Depends(...) pattern (default value, not annotation) now detected Engineering Spec Compliance Phase 1.3: Dependency declaration (rich as prod dep) Phase 1.4: mypy --strict added to CI Phase 2.2: register_symbol, resolve_call, propagate_taint_cross_file in interprocedural.py Phase 2.3: FrameworkFingerprint.inspect_ast_node + verify_endpoint_protection Phase 2.4: Rule severity recalibration Phase 3.1: generate_remediation_snippet with 6 code-fix templates Phase 3.4: ProcessPoolExecutor parallel analysis Phase 3.5: safe_parse_target with 3-encoding fallback Phase 4.1: docs/rules/index.md rule catalog Phase 4.2: rules/custom_checks.yaml blueprint Phase 4.3: filter_findings_by_git_diff PR isolation
July 4, 2026
Synaptic PR Review
Version updated for https://github.com/minhphu102003/ai-pr-review-action to version v0.2.7.
This action is used across all versions by ? repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed v0.2.7 Fix: summary comment now updates in-place on re-review instead of duplicating (post_inline.py) Fix: new delete_issue_comment() helper for cleaning up stale OpenCode-created comments ( eview_context.py)
July 4, 2026
ModelBound Skill Check
Version updated for https://github.com/ModelBound/skill-check-action to version v1.1.4.
This action is used across all versions by ? repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed GitHub Action that lints, trust-scores, and estimates token savings for agent skill files on every pull request via ModelBound.co context management tools.
July 4, 2026
Run AER Tests
Version updated for https://github.com/octoberswimmer/aer-dist to version v1.2.7.
This publisher is shown as ‘verified’ by GitHub.
This action is used across all versions by 0 repositories.
Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed Version v1.2.7
Fix Resolving Class Names Shadowed By Local Variables
July 4, 2026
PatchFlow Security Scan
Version updated for https://github.com/Patchflow-security/patchflow-cli to version v0.1.3.
This action is used across all versions by ? repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed PatchFlow CLI v0.1.3 Benchmark Results (v1.0) 18 intentionally vulnerable repos: 100% recall, 918K LOC, 19 CWE categories 5 historical CVE repos: 100% recall, 387K LOC 10 clean repos: 0.094 HC/KLOC, 720K LOC See Benchmark Report v1.0 for details.
July 4, 2026
Setup xdrun
Version updated for https://github.com/phillarmonic/setup-drun to version v2.
This action is used across all versions by ? repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed Drun v2
July 4, 2026
Polygraph MCP gate
Version updated for https://github.com/polygraphso/litmus to version litmus-v0.26.0.
This action is used across all versions by 0 repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed The lookup tools now attribute the calling agent — and the release pipeline publishes the MCP-registry listing automatically.
Client identity on lookups (#91): check_server, list_servers, and request_grade send the connected client’s handshake identity (name/version plus declared title, website, description, and capability keys such as sampling/roots) to polygraph.so’s aggregate per-agent usage counters. Software metadata only — nothing about the user is read or sent; all fields are optional server-side. Official MCP Registry auto-publish (#93): pushing a litmus-v* tag now also publishes server.json to registry.modelcontextprotocol.io via GitHub OIDC, with a fail-fast version-drift check. polygraph plugin 0.6.0: spawn pinned to this release (#92). No grading-semantics changes: litmus-v12 / litmus-skill-v2 unchanged.