Version updated for https://github.com/sbomify/sbomify-action to version v26.1.0. This action is used across all versions by 25 repositories. Action Type This is a Docker action. Go to the GitHub Marketplace to find the latest changes. Action Summary The sbomify-action GitHub Action automates the generation, enrichment, and management of Software Bill of Materials (SBOMs) in CI/CD pipelines. It supports multiple ecosystems and formats (CycloneDX, SPDX), integrates package metadata from various sources, and enables cryptographic signing, attestation, and compliance tracking.

Version updated for https://github.com/SyntheticSynaptic/agentura to version v0.2.0. This action is used across all versions by ? repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary Agentura is a CI/CD evaluation platform designed for testing and validating AI agents. It helps identify and prevent regressions before deployment by providing detailed insights into test case failures, improvements, and performance metrics using various evaluation strategies such as semantic similarity scoring, LLM-based judgment, and tool use validation.

Version updated for https://github.com/Vigilant-LLC/runner-guard to version v2.4.1. This action is used across all versions by 0 repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary Runner Guard is a security-focused GitHub Action that performs static taint analysis on CI/CD workflow files to detect vulnerabilities where attacker-controlled inputs (e.g., fork code, branch names, PR metadata) can lead to dangerous operations like secret exfiltration, shell execution, or supply chain attacks.

Version updated for https://github.com/vmvarela/ghoten to version v1.13.0. This action is used across all versions by ? repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary Ghoten is a fork of OpenTofu that introduces a native oras backend for managing Terraform/OpenTofu state in OCI-compatible container registries, such as GitHub Container Registry (GHCR). It simplifies state management by eliminating the need for a separate backend service, leveraging existing registry authentication, permissions, and auditing.

Version updated for https://github.com/fallow-rs/fallow to version v2.1.0. This action is used across all versions by 1 repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary This GitHub Action, “fallow,” is a Rust-native tool designed to analyze TypeScript and JavaScript codebases for dead code, duplication, and complexity hotspots. It automates the detection of unused files, exports, and dependencies, identifies copy-pasted code, and highlights overly complex functions to streamline code maintenance and improve overall code quality.

Version updated for https://github.com/gauravs08/ai-pr-reviewer to version 1.0.0. This action is used across all versions by ? repositories. Action Type This is a Node action using Node version 20. Go to the GitHub Marketplace to find the latest changes. Action Summary The AI PR Reviewer is a GitHub Action that automates pull request and merge request code reviews using AI (Claude). It works with GitHub, GitLab, and Bitbucket to analyze code changes, identify issues related to code quality, security vulnerabilities, and cross-file impacts, and automatically posts inline comments and summary feedback on PRs/MRs.

Version updated for https://github.com/gh-workflow/setup-docker-desktop-macos to version 0.0.2. This action is used across all versions by 2 repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary The setup-docker-desktop-macos GitHub Action installs and starts Docker Desktop on macOS runners in GitHub Actions workflows. It automates the setup of a Docker environment specifically for testing workflows or applications that depend on Docker on macOS systems.

Version updated for https://github.com/google/osv-scanner-action to version v2.3.5. This publisher is shown as ‘verified’ by GitHub. This action is used across all versions by 1,839 repositories. Go to the GitHub Marketplace to find the latest changes. Action Summary The OSV-Scanner CI/CD GitHub Action integrates with the OSV.dev vulnerability database to automate dependency vulnerability scanning in software projects. It provides workflows for scanning on pull requests to detect newly introduced vulnerabilities and for performing full or scheduled scans to identify existing issues in the dependency tree.

Version updated for https://github.com/h3y6e/action-slack to version v4.0.8. This action is used across all versions by 1 repositories. Action Type This is a Node action using Node version 24. Go to the GitHub Marketplace to find the latest changes. Action Summary The action-slack GitHub Action automates the process of sending notifications to Slack from GitHub Actions workflows. It helps keep teams informed by providing updates about workflow statuses, events, and key job details directly in Slack channels.