July 1, 2026
Polder Drift — Design System Drift Alerts
Version updated for https://github.com/usepolder/drift to version v1.0.0.
This action is used across all versions by 0 repositories. Action Type This is a Node action using Node version 20.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed What’s Changed fix: review findings — shallow-checkout false-new (#8) + hardening by @jongjesse in https://github.com/usepolder/drift/pull/2 test: re-home Carbon/MUI integration tests (vendored fixtures + DS devDeps) by @jongjesse in https://github.com/usepolder/drift/pull/3 chore: repo polish (CodeRabbit config, CONTRIBUTING, badges) by @jongjesse in https://github.com/usepolder/drift/pull/1 Fix glob translation: leading/embedded **/ matches zero or more dirs by @jongjesse in https://github.com/usepolder/drift/pull/4 Fix unit-inconsistent adoption metric: count drifted components, not findings by @jongjesse in https://github.com/usepolder/drift/pull/5 fix: surface comment-post failures instead of swallowing them by @jongjesse in https://github.com/usepolder/drift/pull/6 chore: prep v1 for GitHub Marketplace publish by @jongjesse in https://github.com/usepolder/drift/pull/8 fix: paginate GitHub issue-comment lookup to avoid duplicate comments by @jongjesse in https://github.com/usepolder/drift/pull/7 New Contributors @jongjesse made their first contribution in https://github.com/usepolder/drift/pull/2 Full Changelog: https://github.com/usepolder/drift/commits/v1.0.0
July 1, 2026
RepoScope Security & Compliance Scanner
Version updated for https://github.com/xdun1698/reposcope-action to version v1.0.0.
This action is used across all versions by ? repositories. Action Type This is a Node action using Node version 20.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed RepoScope Security & Compliance Scanner v1.0.0 First public release — run RepoScope’s scanner in CI to catch security issues and generate audit-ready compliance evidence on every push and pull request.
What’s included 44 security detectors across 14 languages — hardcoded secrets, SQL injection, XSS, command injection, TLS misconfigs, weak crypto, permissive CORS Inline PR review comments — one per finding with file, line, severity, CWE ID, and fix hint GitHub Check run — PASS/FAIL with a configurable score threshold and annotations on high/critical findings Compliance report artifact — HTML report mapping findings to OWASP Top 10, SOC 2 Type II, PCI-DSS v4.0, EU AI Act Article 12, and ISO/IEC 42001 Configurable build gate — fail-on severity and score threshold Inline suppression via reposcope-ignore comments Setup instructions and all inputs/outputs are in the README.
July 1, 2026
gmc — Google Merchant Center CLI
Version updated for https://github.com/yasserstudio/gmc to version v1.0.16.
This action is used across all versions by 0 repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed gmc ordertracking — Order Tracking sub-API (ordertracking/v1) Adds gmc ordertracking — the Order Tracking sub-API (accounts.orderTrackingSignals). This was the last remaining GA (v1) Merchant API sub-API, so the stable v1 surface is now fully covered (12 GA sub-APIs).
July 1, 2026
EcoTrace Carbon Gate
Version updated for https://github.com/Zwony/ecotrace to version v1.4.0.
This action is used across all versions by 0 repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed EcoTrace v1.4.0 Released: 2026-07-01 Type: Feature Release — 6 new features, 4 bug fixes, zero breaking changes
New Features Pausable Tracking API (pause() / esume()) Pause and resume carbon tracking to isolate your code’s emissions from setup/teardown overhead.
July 1, 2026
HOL Codex Plugin Scanner
Version updated for https://github.com/hashgraph-online/hol-codex-plugin-scanner-action to version v1.2.355.
This action is used across all versions by 10 repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed Full Changelog: https://github.com/hashgraph-online/hol-codex-plugin-scanner-action/compare/v1...v1.2.355
July 1, 2026
Holon Solve
Version updated for https://github.com/holon-run/holon to version v0.25.0.
This action is used across all versions by 0 repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed Runtime line Holon v0.25.0 is part of the Rust runtime line. The Rust runtime is now the main holon binary.
This release adds a Bing Web Search provider with managed WebSearch tool kept alongside native search, an external trigger token-only storage model with reset-callback API, and trigger revocation on agent stop. It also fixes max_turns counting, coerce_string JSON-string parsing for tool arguments, callback_base_url/advertise_url decoupling, and skill install for non-flat catalog layouts. The memory indexer is redesigned as a single daemon with outbox cleanup, and SQLite connection init gains PRAGMA tuning for better performance.
July 1, 2026
lgtmaybe
Version updated for https://github.com/MattJColes/lgtmaybe to version lgtmaybe-v0.9.1.
This action is used across all versions by ? repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed 0.9.1 (2026-07-01) Documentation streamline install + local-model guides (#160) (6425ad3)
July 1, 2026
Totem Shield
Version updated for https://github.com/mmnto-ai/totem to version @mmnto/pack-rust-architecture@1.86.0.
This action is used across all versions by 0 repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed Cohort-link bump (no direct package changes). See .changeset/config.json for the fixed-cohort definition.
July 1, 2026
agent-bom Scan
Version updated for https://github.com/msaad00/agent-bom to version v0.91.0.
This action is used across all versions by 1 repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed What’s Changed docs(release): 0.90.1 hygiene — soften SCA framing, fix stale pins, README callouts by @msaad00 in https://github.com/msaad00/agent-bom/pull/3314 fix(sca): honor NVD CPE inclusive/exclusive version bounds exactly by @msaad00 in https://github.com/msaad00/agent-bom/pull/3315 fix(output): surface match_confidence_tier across SARIF, JSON, HTML by @msaad00 in https://github.com/msaad00/agent-bom/pull/3317 fix(release): harden post-0.90 audit findings by @msaad00 in https://github.com/msaad00/agent-bom/pull/3316 fix(output): carry match_confidence_tier on the JSON blast_radius rollup by @msaad00 in https://github.com/msaad00/agent-bom/pull/3319 fix(ui): fail fast offline and polish README how-it-works diagram by @msaad00 in https://github.com/msaad00/agent-bom/pull/3318 fix(sca): make NVD capped sync ingest its unsynced tail across runs by @msaad00 in https://github.com/msaad00/agent-bom/pull/3320 fix(version): correct post-release regex and prerelease ordering in version compare by @msaad00 in https://github.com/msaad00/agent-bom/pull/3330 fix(graph): keep cross-page attack paths in filtered /graph by @msaad00 in https://github.com/msaad00/agent-bom/pull/3321 fix(cli): fail-close –fail-on-severity on unknown/none findings by @msaad00 in https://github.com/msaad00/agent-bom/pull/3322 fix(mcp): emit canonical OWASP codes from tool-abuse rules by @msaad00 in https://github.com/msaad00/agent-bom/pull/3323 fix(sarif): de-duplicate cloud CIS failures in SARIF output by @msaad00 in https://github.com/msaad00/agent-bom/pull/3324 fix(inventory): keep distinct MCP servers distinct across identity, enrichment, and Cortex audit by @msaad00 in https://github.com/msaad00/agent-bom/pull/3325 chore(deps): combine UI dependency updates by @msaad00 in https://github.com/msaad00/agent-bom/pull/3337 fix(model-scan): close pickle-scan size gate and memo evasion by @msaad00 in https://github.com/msaad00/agent-bom/pull/3326 fix(version): honor tagged bounds for Go pseudo-versions by @msaad00 in https://github.com/msaad00/agent-bom/pull/3327 fix(image): warn on legacy rpmdb instead of silent zero coverage by @msaad00 in https://github.com/msaad00/agent-bom/pull/3328 fix(mcp): block SSRF in repo scan and offload clone off the event loop by @msaad00 in https://github.com/msaad00/agent-bom/pull/3329 feat(ui): design-system foundation — Collapsible, Card/Section, entity icons, vendor logos, state primitives by @msaad00 in https://github.com/msaad00/agent-bom/pull/3338 fix(sca): harden OSV/NVD/KEV/GHSA sync + SQLite concurrency (availability) by @msaad00 in https://github.com/msaad00/agent-bom/pull/3339 feat(ui): real connections experience — vendor logos + connector cards wired to backend by @msaad00 in https://github.com/msaad00/agent-bom/pull/3340 fix(api): bind audit tenant server-side, harden rate-limit identity + global ceiling by @msaad00 in https://github.com/msaad00/agent-bom/pull/3341 fix(output): dedup CycloneDX components + scope finding id by package by @msaad00 in https://github.com/msaad00/agent-bom/pull/3342 fix(ui): align connections screenshot spec with redesigned headings by @msaad00 in https://github.com/msaad00/agent-bom/pull/3344 feat: capability-depth — reachability→CVE, perf, identity owner-binding, FinOps rates, SBOM attestation/SPDX2 by @msaad00 in https://github.com/msaad00/agent-bom/pull/3346 feat(ui): declutter, capability-driven IA, interaction-state fixes, real trust stack by @msaad00 in https://github.com/msaad00/agent-bom/pull/3347 feat(gateway): OAuth 2.1 AS conformance + inline A2A mutual-auth enforcement + per-tool-call scope/DLP by @msaad00 in https://github.com/msaad00/agent-bom/pull/3348 chore(release): v0.91.0 by @msaad00 in https://github.com/msaad00/agent-bom/pull/3349 Full Changelog: https://github.com/msaad00/agent-bom/compare/v0.90.0...v0.91.0
July 1, 2026
Codeowners Plus
Version updated for https://github.com/multimediallc/codeowners-plus to version v1.10.0.
This action is used across all versions by 0 repositories. Action Type This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
What’s Changed What’s Changed v1.9.1 by @BakerNet in https://github.com/multimediallc/codeowners-plus/pull/133 Add gomodUpdateImportPaths to renovate config by @BakerNet in https://github.com/multimediallc/codeowners-plus/pull/135 dev: Update module github.com/google/go-github/v85 to v86 by @mm-renovate-bot[bot] in https://github.com/multimediallc/codeowners-plus/pull/125 Fully support sha pinning + remove docker from runtime. by @Icantjuddle in https://github.com/multimediallc/codeowners-plus/pull/143 Fix goreleaser trigger by @BakerNet in https://github.com/multimediallc/codeowners-plus/pull/146 ci: trigger goreleaser on tag push, create draft release by @BakerNet in https://github.com/multimediallc/codeowners-plus/pull/148 fix: action path has infixed ./ for local action runs by @BakerNet in https://github.com/multimediallc/codeowners-plus/pull/149 Bump the gomod group across 1 directory with 2 updates by @dependabot[bot] in https://github.com/multimediallc/codeowners-plus/pull/151 dev: Update actions/checkout action to v7 by @mm-renovate-bot[bot] in https://github.com/multimediallc/codeowners-plus/pull/153 dev: Update golangci/golangci-lint-action action to v9.2.1 by @mm-renovate-bot[bot] in https://github.com/multimediallc/codeowners-plus/pull/140 Example workflow fixes by @kolayne in https://github.com/multimediallc/codeowners-plus/pull/150 Add the config.disable_review_status_comments config option by @kolayne in https://github.com/multimediallc/codeowners-plus/pull/160 Bump the github-actions group with 2 updates by @dependabot[bot] in https://github.com/multimediallc/codeowners-plus/pull/156 Bump the gomod group with 2 updates by @dependabot[bot] in https://github.com/multimediallc/codeowners-plus/pull/157 fix: Make sort order deterministic by @BakerNet in https://github.com/multimediallc/codeowners-plus/pull/162 New Contributors @kolayne made their first contribution in https://github.com/multimediallc/codeowners-plus/pull/150 Full Changelog: https://github.com/multimediallc/codeowners-plus/compare/v1.9.1...v1.10.0