Version updated for https://github.com/gustavtjac/HashpinEnforcer to version v1.3.1.1. This action is used across all versions by ? repositories. Go to the GitHub Marketplace to find the latest changes. Action Summary The GitHub Actions Hashpin Enforcer is a security-focused tool that scans workflow YAML files to ensure all actions are pinned to specific commit SHAs, preventing the use of mutable references like tags (@v1) or branches (@main). It automates the detection of non-deterministic dependencies, improving the reproducibility and security of CI/CD pipelines by mitigating risks such as malicious code injection, breaking changes, and unpredictable builds.

Version updated for https://github.com/hesreallyhim/github-api-usage-tracker to version v1.0.0. This action is used across all versions by ? repositories. Go to the GitHub Marketplace to find the latest changes. Action Summary This GitHub Action tracks and reports the GitHub API usage of a workflow job by capturing the API rate-limit state at the start and end of the job. It automates the process of monitoring how many API requests are consumed, categorized by rate-limit buckets (e.

Version updated for https://github.com/hidai25/eval-view to version v0.1.7. This action is used across all versions by ? repositories. Go to the GitHub Marketplace to find the latest changes. Action Summary EvalView is a testing framework designed for AI agents, enabling developers to write test cases in YAML and automate the detection of regressions in behavior, cost, and latency during CI/CD workflows. By integrating with tools like LangGraph, CrewAI, OpenAI Assistants, and Anthropic Claude, it automates tasks such as tracking token costs, validating tool calls, and catching hallucinations, solving the challenges of manual testing and ensuring reliable agent performance before deployment.

Version updated for https://github.com/kirkeaton/action-publint to version v2.0.6. This action is used across all versions by 13 repositories. Go to the GitHub Marketplace to find the latest changes. Action Summary The action-publint GitHub Action automates the process of linting a package.json file to identify and report packaging errors using Publint. It helps developers ensure their package configurations are correct and adhere to best practices, reducing the risk of issues during publishing. The action provides customizable logging levels and the ability to treat warnings as errors, streamlining the validation process for package metadata.

Version updated for https://github.com/kirkeaton/setup-react to version v2.0.6. This action is used across all versions by 2 repositories. Go to the GitHub Marketplace to find the latest changes. Action Summary The setup-react GitHub Action automates the process of configuring a workflow with a specified version of React and its related libraries, including react-dom and their TypeScript type definitions. It simplifies dependency management by ensuring the correct versions are installed, making it easier to set up consistent environments for React-based projects.

Version updated for https://github.com/statens-pensjonskasse/gha-create-signed-commit to version v0.1.2. This action is used across all versions by ? repositories. Go to the GitHub Marketplace to find the latest changes. Action Summary The Create Signed Commit Action is a GitHub Action that automates the creation of signed commits using the GitHub API without immediately pushing them, enabling batch commit operations. It addresses the need for programmatic and secure commit creation, supports specifying files, branches, and parent commits, and provides flexibility for workflows requiring multiple commits.

Version updated for https://github.com/tonyAllTrue/ai-security-posture-management-scanner to version v0.0.9. This action is used across all versions by ? repositories. Go to the GitHub Marketplace to find the latest changes. Action Summary The “AllTrue Security Testing for AI Systems” GitHub Action automates security testing for AI models and LLM endpoints, integrating with the AllTrue platform to identify vulnerabilities such as prompt injection, data leakage, and malicious code. It enables flexible scoping, concurrent testing, and detailed reporting while supporting features like HuggingFace model onboarding, safety guardrails validation, and GitHub issue creation for findings.

Version updated for https://github.com/Vigilnz/vigilnz-scan-action to version v1.0.0. This action is used across all versions by ? repositories. Go to the GitHub Marketplace to find the latest changes. Action Summary The Vigilnz Security Scan GitHub Action automates vulnerability scanning for repositories within CI/CD workflows. It provides capabilities for Software Composition Analysis (SCA), Static Application Security Testing (SAST), and Software Bill of Materials (SBOM) generation, enabling developers to proactively identify and address security issues.

Version updated for https://github.com/vignesh07/oncall-agent to version v1.0.0. This action is used across all versions by ? repositories. Go to the GitHub Marketplace to find the latest changes. Action Summary The oncall-agent GitHub Action automates the response to production alerts by integrating with monitoring tools like PagerDuty, Datadog, and Prometheus. It parses alerts, deduplicates them, creates GitHub issues to track incidents, analyzes code using AI (Claude Code), and proposes solutions by either opening pull requests with fixes or providing analysis.