Version updated for https://github.com/trivoallan/regis to version v0.28.6. This action is used across all versions by ? repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary Regis is a GitHub Action designed for comprehensive container security analysis and policy enforcement in CI/CD pipelines. It automates tasks such as vulnerability scanning, compliance checks, image optimization, and build provenance verification using a pluggable ecosystem of industry-standard tools. It provides detailed, interactive HTML dashboards and machine-readable reports to streamline security and quality assurance in containerized workflows.

Version updated for https://github.com/trusthandoff/agentverif-action to version v1.0.0. This action is used across all versions by ? repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary The agentverif GitHub Action automates the process of scanning, signing, and verifying AI agent packages in CI/CD pipelines. It ensures package integrity and security by performing an OWASP LLM Top 10 scan, refusing packages with low scores, and injecting a digital signature and license ID into valid packages. This action helps vendors certify their agents and allows buyers to verify package authenticity, preventing the use of tampered or unsigned agents in deployment workflows.

Version updated for https://github.com/Viktorsdb/agent-debug to version v0.3.0. This action is used across all versions by ? repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary Summary: The agent-debug GitHub Action is a diagnostic tool for AI agents, providing root cause analysis and actionable fixes for agent failures. It automates the identification of issues such as incorrect tool usage or hallucinations, explains why failures occurred, and suggests concrete system prompt or tool definition adjustments. The action supports multiple AI providers and SDKs, integrates seamlessly into GitHub workflows to comment on pull requests with debugging insights, and offers automated trace capture for streamlined troubleshooting.

Version updated for https://github.com/wearethefoos/release-monorepo-action to version v2.0.0. This action is used across all versions by ? repositories. Action Type This is a Node action using Node version 24. Go to the GitHub Marketplace to find the latest changes. Action Summary This GitHub Action automates the creation of Semantic Versioning (SemVer) releases by analyzing conventional commit messages to determine version bumps. It generates GitHub releases with changelogs, updates package versions in manifest files, and supports multi-package monorepos. Additionally, it enables automated prerelease creation from pull requests, streamlining version management and release workflows.

Version updated for https://github.com/duriantaco/skylos to version v4.4.0. This action is used across all versions by 15 repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary Skylos is an open-source static analysis tool and GitHub Action that identifies dead code, hardcoded secrets, exploitable flows, and AI-generated security vulnerabilities in Python, TypeScript, and Go. It automates code review and quality assurance by integrating into CI/CD workflows to gate pull requests with actionable feedback, minimizing security risks and technical debt. Skylos also offers advanced features like AI defense, in-editor findings, and support for AI-assisted development tools, making it particularly useful for teams working with AI-driven coding assistants.

Version updated for https://github.com/gannonk08/firebase-action-python to version v15.15.0. This action is used across all versions by 1 repositories. Action Type This is a Docker action. Go to the GitHub Marketplace to find the latest changes. Action Summary This GitHub Action provides automation for executing Firebase CLI commands, enabling seamless integration of Firebase-related tasks such as deploying functions, hosting, Firestore rules, and more into CI/CD workflows. It simplifies authentication and deployment by supporting service account authentication, project configuration, and optional Python virtual environment setup for Firebase functions. This action is particularly useful for streamlining Firebase operations during development and deployment processes.

Version updated for https://github.com/glferreira-devsecops/cascavel-dependency-audit to version v1.0.0. This action is used across all versions by ? repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary Cascavel Dependency Audit is a GitHub Action that automates the detection of vulnerabilities in project dependencies across seven major ecosystems (e.g., npm, pip, Go, Ruby). It scans package files, queries the Google OSV database for known CVEs, generates detailed reports (including SARIF format), and blocks CI/CD pipelines if critical vulnerabilities are found. This zero-configuration tool simplifies dependency security by supporting multiple ecosystems, integrating with native tools when available, and providing robust reporting and ignore options.

Version updated for https://github.com/glferreira-devsecops/cascavel-header-guard to version v1.0.0. This action is used across all versions by ? repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary Cascavel Header Guard is a GitHub Action designed to analyze HTTP security headers in CI/CD pipelines. It audits web application URLs for the presence and quality of critical security headers (e.g., HSTS, CSP, X-Frame-Options), assigns a security score (A+ to F), and blocks deployments if headers fail to meet a specified threshold. This action helps teams proactively identify and address common web vulnerabilities, such as missing or misconfigured headers, before code reaches production.

Version updated for https://github.com/glferreira-devsecops/cascavel-secret-scanner to version v1.0.0. This action is used across all versions by ? repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary Cascavel Secret Scanner is a GitHub Action designed for detecting and preventing hardcoded secrets, such as AWS keys, GitHub tokens, and database passwords, from reaching production environments in CI/CD pipelines. It automates secret scanning across 30+ file types with zero configuration, leveraging over 40 curated detection patterns and providing features like SARIF support, log redaction, and optional Git history scanning. This tool simplifies enterprise-grade secret management, reducing setup complexity and improving security workflows.

Version updated for https://github.com/goosewobbler/releasekit to version v0.13.8. This action is used across all versions by 0 repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary ReleaseKit is a lightweight and modular release automation tool for JavaScript and Rust projects, designed to streamline versioning, changelog generation, and package publishing in CI/CD pipelines. It leverages conventional commits to automate semantic versioning, supports monorepos, and integrates seamlessly with GitHub Actions for both release execution and PR-based release previews. Key features include AI-enhanced release notes, flexible configuration, and composable tools that can be used independently or as part of a unified workflow.