July 2, 2026
Fallow - Codebase Intelligence
Version updated for https://github.com/fallow-rs/fallow to version v2.104.0.
This action is used across all versions by 235 repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed Highlights This release is heavy on CSS intelligence. fallow health --css now understands CSS-in-JS (styled-components, emotion, linaria, vanilla-extract, StyleX, Panda) as first-class, ships a second styling-health quality axis, and adds a design-token blast-radius index. Plus a staged human review walkthrough, an opt-in unused-prop exemption, and a batch of framework false-positive fixes.
July 2, 2026
accessibility-scanner
Version updated for https://github.com/github/accessibility-scanner to version v3.3.0.
This publisher is shown as ‘verified’ by GitHub.
This action is used across all versions by 43 repositories.
Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed What’s Changed New Features Add group_by option to the accessibility scanner by @taarikashenafi in https://github.com/github/accessibility-scanner/pull/239 Add dry_run option to the accessibility scanner by @taarikashenafi in https://github.com/github/accessibility-scanner/pull/232 Distinguish wcag vs best practice by @kzhou314 in https://github.com/github/accessibility-scanner/pull/233 Match axe findings by rule and report all failing elements by @kzhou314 in https://github.com/github/accessibility-scanner/pull/240 Disable reopen wontfix by @kzhou314 in https://github.com/github/accessibility-scanner/pull/234 Update reflow-scan text to improve clarity and reference WCAG 2.2 by @taarikashenafi in https://github.com/github/accessibility-scanner/pull/231 Dependency/documentation updates chore(deps): Bump ruby/setup-ruby from 1.307.0 to 1.308.0 in the github-actions group across 1 directory by @dependabot[bot] in https://github.com/github/accessibility-scanner/pull/218 chore(deps-dev): Bump the npm-minor-and-patch group across 5 directories with 3 updates by @dependabot[bot] in https://github.com/github/accessibility-scanner/pull/219 chore(deps): Bump ruby/setup-ruby from 1.308.0 to 1.310.0 in the github-actions group across 1 directory by @dependabot[bot] in https://github.com/github/accessibility-scanner/pull/220 chore(deps): Bump puma from 8.0.1 to 8.0.2 in /sites/site-with-errors in the bundler-minor-and-patch group by @dependabot[bot] in https://github.com/github/accessibility-scanner/pull/221 chore(deps): Bump ruby/setup-ruby from 1.310.0 to 1.311.0 in the github-actions group across 1 directory by @dependabot[bot] in https://github.com/github/accessibility-scanner/pull/225 chore(deps): Bump ruby/setup-ruby from 1.311.0 to 1.313.0 in the github-actions group across 1 directory by @dependabot[bot] in https://github.com/github/accessibility-scanner/pull/227 chore(deps-dev): Bump vite from 8.0.12 to 8.0.16 by @dependabot[bot] in https://github.com/github/accessibility-scanner/pull/228 chore(deps-dev): Bump @types/node from 25.9.0 to 26.0.0 by @dependabot[bot] in https://github.com/github/accessibility-scanner/pull/236 chore(deps-dev): Bump undici from 6.24.1 to 6.27.0 by @dependabot[bot] in https://github.com/github/accessibility-scanner/pull/237 chore(deps): Bump the github-actions group across 4 directories with 2 updates by @dependabot[bot] in https://github.com/github/accessibility-scanner/pull/235 chore(deps): Bump concurrent-ruby from 1.3.5 to 1.3.7 in /sites/site-with-errors by @dependabot[bot] in https://github.com/github/accessibility-scanner/pull/238 New Contributors @taarikashenafi made their first contribution in https://github.com/github/accessibility-scanner/pull/231 @kzhou314 made their first contribution in https://github.com/github/accessibility-scanner/pull/234 Full Changelog: https://github.com/github/accessibility-scanner/compare/v3.2.0...v3.3.0
July 2, 2026
TrustCheck Package Scanner
Version updated for https://github.com/Halfblood-Prince/trustcheck to version v2.1.2.
This action is used across all versions by 0 repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed Published from immutable commit e6660a53c73391a10e8e721e3a245b25e3289b4b. The release workflow publishes PyPI, GitHub Action, Snap Store, and GHCR Docker distributions after shared tag verification, QA, matrix, and coverage builds.
Release artifacts:
dist/* dist/SHA256SUMS.txt dist/*.cdx.json standalone trustcheck-*-windows-x86_64.exe with checksum unsigned trustcheck-*-store.msix for Microsoft Store submission GHCR Docker images for linux/amd64, linux/arm64, and linux/arm/v7 Verify the direct Windows executable before use:
July 2, 2026
AI Plugin Scanner
Version updated for https://github.com/hashgraph-online/ai-plugin-scanner-action to version v1.2.366.
This action is used across all versions by 17 repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed Published automatically from https://github.com/hashgraph-online/hol-guard/tree/320919c7979db097e4d0485e97a0a7675bc59620 with plugin-scanner 2.0.966.
Full Changelog: https://github.com/hashgraph-online/ai-plugin-scanner-action/compare/v1.2.365...v1.2.366
July 2, 2026
HOL Codex Plugin Scanner
Version updated for https://github.com/hashgraph-online/hol-codex-plugin-scanner-action to version v1.2.366.
This action is used across all versions by 11 repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed Full Changelog: https://github.com/hashgraph-online/hol-codex-plugin-scanner-action/compare/v1...v1.2.366
July 2, 2026
Codex Action
Version updated for https://github.com/icoretech/codex-action to version v0.9.16.
This action is used across all versions by ? repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed 0.9.16 (2026-07-02) Bug Fixes deps: update codex-docker image to v0.142.5 (#46) (fc08eb8)
July 2, 2026
cibuild-action
Version updated for https://github.com/invarnhq/cibuild to version v2.2.8.
This action is used across all versions by 0 repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed Release v2.2.8
July 2, 2026
AIGate AI Git Workflow Guard CLI
Version updated for https://github.com/LeeHueeng/aigate-ai-git-workflow-guard-cli to version v0.1.5.
This action is used across all versions by 0 repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed Highlights Added aigate start guided setup routes for quickstart, AI setup, pre-push hooks, release readiness, and full project guard setup. Added aigate test for Git readiness plus detected project test command execution. Added aigate aitest for AI remediation prompt generation and optional Codex, Claude, Gemini, or custom agent execution with --apply. Added repository Claude Code instructions through CLAUDE.md and .aigate/integrations/claude.md. Updated multilingual README, usage, operations, roadmap, AI integration, GitHub Action, examples, and generated HTML overview docs. Extended the reusable GitHub Action to support test and safe aitest prompt generation. Validation npm run ci Release workflow dry run Tagged release workflow publish node src/cli.mjs release-check --npm --language ko Package npm: aigate-cli@0.1.5
July 2, 2026
OSS Security Policy as Code
Version updated for https://github.com/lucashgrifoni/OSS-Security-Policy-as-Code-Starter-Kit to version v9.0.3.
This action is used across all versions by 1 repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed OSS Security Policy as Code Starter Kit v9.0.3 This release is the v9.0.3 release of the OSS Security Policy as Code Starter Kit (refine this line before publishing).
Highlights No feature-level changes in this release. Improvements retitle SAST-OSV-068 — the kit ingests OSV verdicts, it is not reachability-aware honor SOURCE_DATE_EPOCH for every outcome-affecting clock read; freeze the suite clock formalize SELF_ATTESTED in the published reports/2.0 schema (9.0.3) build Gemara state maps from pairs to clear a Snyk Code false positive Notes release 9.0.3 (#110) ADR-030 amendment re-grounding the v10.0.0 surface; flip ADR-021 to accepted suppress reviewed Snyk Code false positive via .snyk; keep the gate strict make Snyk Code + Snyk Open Source advisory (continue-on-error) License: Apache-2.0.
July 2, 2026
SnarkGirl
Version updated for https://github.com/mattkelly1991/SnarkGirl to version v1.15.3.
This action is used across all versions by ? repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed SnarkGirl v1.15.3 — The Wiki Ledger + a Living Pitch 📖⚽ The World Cup tournament got two big upgrades: it now lives in your repo’s Wiki, and the pitch actually plays.
The tournament moved to the repo Wiki Standings + match reports are now human-readable, browsable wiki pages organized as World Cup → Season → Match: a Home index of seasons, a Season-{slug} standings page each, and one Season-{slug}-Match-{N} report per PR. No more base64 tokens to shuttle around. Every page carries a keyed HMAC signature footer — change a win from 3 to 4 in the wiki editor and wiki.py verify flags it INVALID. Export a private SGWC_SECRET for a real barrier. Resuming a season is just “clone the wiki.” The user names the season (and its duration) at kickoff. New helper wiki.py (render/verify/verify-all/load-season). Retired the old token.py. The live pitch is alive Players roam their formation and pass the ball, holding shape at each kickoff until someone takes it. A goal is scripted end-to-end: the ball is worked to the scorer, who drives at the net and buries it. A red card sets up a penalty kick — a code red is converted, an agent red is saved by the keeper. Sent-off players walk to a bench at the edge (home top-left, away top-right). The champion & awards now present on the wiki season page (the live arena ends on the standings). Full changelog: https://github.com/mattkelly1991/SnarkGirl/blob/main/CHANGELOG.md