Version updated for https://github.com/Richonn/ShieldCI to version v1.13.1. This action is used across all versions by 0 repositories. Action Type This is a Docker action. Go to the GitHub Marketplace to find the latest changes. Action Summary ShieldCI is a GitHub Action designed to automate the creation of secure CI/CD pipelines by detecting the project stack, generating hardened workflows tailored to the stack, and opening a pull request with the generated configurations. It addresses the need for streamlined DevSecOps integration, saving time and ensuring best practices for security and compliance in software development. Key capabilities include support for multiple programming languages, Docker/Kubernetes workflows, static analysis (SAST), secret detection, container vulnerability scanning, and SBOM generation.

Version updated for https://github.com/roo-oliv/unravel to version v0.2.3. This action is used across all versions by ? repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary Unravel is an AI-powered CLI tool designed to enhance code review processes by organizing pull request (PR) diffs into causal threads based on the reasoning behind changes, rather than file structure. This approach helps reviewers understand the progression of changes from root cause to effect, making reviews more intuitive and efficient. The tool automates diff parsing, analysis, and rendering, offering capabilities like rich terminal output, JSON export, and multi-provider support for large language models (LLMs).

Version updated for https://github.com/SabinGhost19/Voucher-Based-Build-Integrity-Action to version 1.0. This action is used across all versions by ? repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary The VBBI Voucher Attestor GitHub Action automates the creation of a voucher-based build integrity (VBBI) attestation by processing an ordered list of build steps, applying HMAC chaining, and generating a Merkle root. It enhances build security by verifying the integrity of build artifacts and attaching a Cosign attestation, supporting compliance with SLSA standards and enabling secure supply chain practices. The action integrates with HMAC and Vault Transit for cryptographic operations, ensuring flexibility in secure key management.

Version updated for https://github.com/seaofvoices/test-luau-package-action to version v1. This action is used across all versions by 1 repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary The Test Luau Package Action is a GitHub Action designed to streamline and standardize testing workflows for projects adhering to the Sea of Voices Luau Package Standard. It automates tasks such as repository checkout, tool installation, dependency management, and the execution of common scripts for preparation, linting, style checking, and building. This action simplifies project setup and ensures consistency across Luau projects by integrating various tools like npmluau, luau-analyze, stylua, and darklua into a unified CI/CD workflow.

Version updated for https://github.com/shaftoe/pi-coding-agent-action to version v2.7.2. This action is used across all versions by 1 repositories. Action Type This is a Node action using Node version 24. Go to the GitHub Marketplace to find the latest changes. Action Summary The Pi Coding Agent GitHub Action integrates the Pi coding agent with GitHub workflows to automate tasks such as issue analysis, pull request reviews, and code improvements. It supports interactive workflows triggered by specific comments (e.g., /pi) and non-interactive workflows with predefined prompts, enabling automated commits, PR creation, and code reviews. Additionally, it provides flexibility with various LLM providers and customizable extensions to adapt to different development needs.

Version updated for https://github.com/sonukapoor/cve-lite-cli to version v1.6.0. This action is used across all versions by ? repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary CVE Lite CLI is a fast, local-first vulnerability scanning tool for JavaScript and TypeScript projects, designed to identify and prioritize fixes for dependency vulnerabilities. It automates the process of analyzing lockfiles, querying the OSV database for advisories, and generating actionable remediation commands. Key features include offline support, visibility into direct vs transitive risks, and the ability to operate without requiring user accounts or external cloud services, making it particularly suited for secure and restricted environments.

Version updated for https://github.com/thejefflarson/soundcheck-action to version v1.0.10. This action is used across all versions by ? repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary The Soundcheck Security Review GitHub Action automates OWASP security reviews for your repository by scanning source code, identifying Critical, High, and Medium severity issues, and automatically rewriting them in place. It opens or updates a pull request with the fixes and a severity-ranked findings table, simplifying the process of addressing security vulnerabilities. Powered by the Soundcheck skill suite, it supports comprehensive security checks aligned with OWASP Web and LLM Top 10 standards.

Version updated for https://github.com/yeaight7/dbt-semguard to version v0.1.1. This action is used across all versions by ? repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary dbt-semguard is a GitHub Action and CLI tool designed to detect semantic breaking changes in dbt Semantic Layer definitions. It automates the comparison of two versions of a semantic contract, classifies changes by severity (breaking, risky, or safe), and generates actionable output in formats such as JSON or Markdown. This tool helps prevent production issues by identifying impactful changes to dbt metrics without requiring direct access to the data warehouse or dbt runtime internals.

Version updated for https://github.com/hjs-spec/jep-github-action to version v0.1.0. This action is used across all versions by ? repositories. Action Type This is a Node action using Node version 20. Go to the GitHub Marketplace to find the latest changes. Action Summary The “JEP Accountability for GitHub” action automates the generation of cryptographically signed Judgment Event Protocol (JEP) accountability receipts for AI or automated operations on GitHub, such as pull request merges, creations, and issue closures. It provides transparency by posting receipts as comments, adding commit status checks, and optionally sending events to a centralized API for storage. This action is designed to enhance accountability and traceability for automated workflows involving bots or AI agents.

Version updated for https://github.com/hostwithquantum/setup-k8s-action to version v0.6.0. This action is used across all versions by ? repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary The setup-k8s-action GitHub Action simplifies the setup of Kubernetes tools and configuration within workflows by automating the initialization of the KUBECONFIG environment variable. It streamlines the process of configuring Kubernetes environments, such as staging or production, and ensures the necessary tools and configurations are readily available for deployment or management tasks. This action is ideal for automating Kubernetes-related workflows in CI/CD pipelines.