Version updated for https://github.com/fulgas/reviewdog-action-checkov to version v2.2.0. This action is used across all versions by ? repositories. Go to the GitHub Marketplace to find the latest changes. Action Summary The “Checkov + Reviewdog GitHub Action” is a tool designed to scan Infrastructure as Code (IaC) files such as Terraform, Kubernetes, and CloudFormation for security vulnerabilities using Checkov, and report the results directly to pull requests via Reviewdog. It automates IaC security checks, integrates seamlessly into CI/CD workflows, and provides configurable inline feedback to developers, helping teams identify and address security issues efficiently.

Version updated for https://github.com/galligan/skills-packager to version v1. This action is used across all versions by ? repositories. Go to the GitHub Marketplace to find the latest changes. Action Summary The “Skills Packager” GitHub Action automates the process of packaging markdown-based skills into validated, checksummed, and installable ZIP files, ready for use with Claude.ai or other tools requiring agent skills. It streamlines tasks such as skill detection, change tracking, and release creation, offering features like plugin grouping, integrity verification, and GitHub release integration.

Version updated for https://github.com/gustavtjac/HashpinEnforcer to version v1.3.1.1. This action is used across all versions by ? repositories. Go to the GitHub Marketplace to find the latest changes. Action Summary The GitHub Actions Hashpin Enforcer is a security-focused tool that scans workflow YAML files to ensure all actions are pinned to specific commit SHAs, preventing the use of mutable references like tags (@v1) or branches (@main). It automates the detection of non-deterministic dependencies, improving the reproducibility and security of CI/CD pipelines by mitigating risks such as malicious code injection, breaking changes, and unpredictable builds.

Version updated for https://github.com/hesreallyhim/github-api-usage-tracker to version v1.0.0. This action is used across all versions by ? repositories. Go to the GitHub Marketplace to find the latest changes. Action Summary This GitHub Action tracks and reports the GitHub API usage of a workflow job by capturing the API rate-limit state at the start and end of the job. It automates the process of monitoring how many API requests are consumed, categorized by rate-limit buckets (e.

Version updated for https://github.com/hidai25/eval-view to version v0.1.7. This action is used across all versions by ? repositories. Go to the GitHub Marketplace to find the latest changes. Action Summary EvalView is a testing framework designed for AI agents, enabling developers to write test cases in YAML and automate the detection of regressions in behavior, cost, and latency during CI/CD workflows. By integrating with tools like LangGraph, CrewAI, OpenAI Assistants, and Anthropic Claude, it automates tasks such as tracking token costs, validating tool calls, and catching hallucinations, solving the challenges of manual testing and ensuring reliable agent performance before deployment.

Version updated for https://github.com/kirkeaton/action-publint to version v2.0.6. This action is used across all versions by 13 repositories. Go to the GitHub Marketplace to find the latest changes. Action Summary The action-publint GitHub Action automates the process of linting a package.json file to identify and report packaging errors using Publint. It helps developers ensure their package configurations are correct and adhere to best practices, reducing the risk of issues during publishing. The action provides customizable logging levels and the ability to treat warnings as errors, streamlining the validation process for package metadata.

Version updated for https://github.com/kirkeaton/setup-react to version v2.0.6. This action is used across all versions by 2 repositories. Go to the GitHub Marketplace to find the latest changes. Action Summary The setup-react GitHub Action automates the process of configuring a workflow with a specified version of React and its related libraries, including react-dom and their TypeScript type definitions. It simplifies dependency management by ensuring the correct versions are installed, making it easier to set up consistent environments for React-based projects.

Version updated for https://github.com/statens-pensjonskasse/gha-create-signed-commit to version v0.1.2. This action is used across all versions by ? repositories. Go to the GitHub Marketplace to find the latest changes. Action Summary The Create Signed Commit Action is a GitHub Action that automates the creation of signed commits using the GitHub API without immediately pushing them, enabling batch commit operations. It addresses the need for programmatic and secure commit creation, supports specifying files, branches, and parent commits, and provides flexibility for workflows requiring multiple commits.

Version updated for https://github.com/tonyAllTrue/ai-security-posture-management-scanner to version v0.0.9. This action is used across all versions by ? repositories. Go to the GitHub Marketplace to find the latest changes. Action Summary The “AllTrue Security Testing for AI Systems” GitHub Action automates security testing for AI models and LLM endpoints, integrating with the AllTrue platform to identify vulnerabilities such as prompt injection, data leakage, and malicious code. It enables flexible scoping, concurrent testing, and detailed reporting while supporting features like HuggingFace model onboarding, safety guardrails validation, and GitHub issue creation for findings.