Version updated for https://github.com/immanuwell/dockerfile-roast to version 1.0.1. This action is used across all versions by ? repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary The droast GitHub Action is a Dockerfile linter designed to identify and flag bad practices in Dockerfiles, providing feedback in a direct and opinionated manner. It automates the process of reviewing Dockerfiles for issues like insecure configurations, inefficiencies, and anti-patterns, and integrates seamlessly into CI pipelines by annotating pull request diffs with findings. Key capabilities include severity filtering, rule customization, multiple output formats (e.g., GitHub annotations, JSON), and the option to suppress non-critical errors.

Version updated for https://github.com/jbunds/coverage to version v1.0.13. This action is used across all versions by 0 repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary This GitHub Action provides a tool to generate an interactive HTML-based visualization of Go test coverage, serving as a drop-in replacement for go tool cover -html. It automates the creation of navigable source file coverage reports, highlighting tested and untested lines, and organizes the results into a browsable directory tree with light/dark theme support. This simplifies understanding and reviewing test coverage across Go projects.

Version updated for https://github.com/johnbillion/action-wordpress-plugin-attestation to version 0.7.2. This action is used across all versions by 18 repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary The “WordPress Plugin Attestation” GitHub Action generates a build provenance attestation for WordPress plugin zip files deployed to the wordpress.org plugin directory, enhancing supply chain security by verifying the origin of plugin releases. This action helps protect against unauthorized modifications, such as those from compromised credentials or hostile takeovers, by allowing consumers to confirm that plugins were built and released by the intended author. It integrates seamlessly with deployment workflows, including the WordPress Plugin Deploy action, and supports artifact verification using tools like gh attestation verify.

Version updated for https://github.com/juspay/neurolink to version v9.54.4. This action is used across all versions by 9 repositories. Action Type This is a Node action using Node version 20. Go to the GitHub Marketplace to find the latest changes. Action Summary NeuroLink is a universal AI integration platform that consolidates 13 major AI providers and over 100 models into a single, consistent API. It streamlines the process of integrating AI into applications by enabling seamless switching between providers, optimizing costs with intelligent routing, and offering advanced features like multi-provider failover and persistent memory. This action automates AI workflows, simplifies provider management, and ensures scalability for enterprise-grade AI systems.

Version updated for https://github.com/kitsuyui/gh-build-size to version v0.1.2. This action is used across all versions by 6 repositories. Action Type This is a Node action using Node version 24. Go to the GitHub Marketplace to find the latest changes. Action Summary gh-build-size is a GitHub Action that automates the measurement and reporting of built artifact sizes for pull requests and the default branch. It compares build outputs (e.g., JavaScript, CSS, or WebAssembly files) against a baseline, generates size metrics (raw, gzip, brotli), enforces size limits, and posts PR comments with detailed insights. Additionally, it can publish JSON reports and visual badges for tracking size changes, helping developers monitor and optimize build sizes effectively.

Version updated for https://github.com/mattmezza/timebombs to version v0.5.0. This action is used across all versions by ? repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary The timebombs GitHub Action is a static analysis tool designed to help development teams manage technical debt by tracking code changes with structured comments that include deadlines. It automates the detection of outdated or pending tasks in the codebase, categorizing them as “ticking” (approaching deadlines) or “exploded” (past deadlines), and integrates with CI pipelines to enforce accountability. By providing a lightweight, language-agnostic solution, it addresses the challenge of managing technical debt in fast-paced development environments, including those leveraging AI coding agents.

Version updated for https://github.com/maxgerhardson/sentrik-community to version v1.4.0. This action is used across all versions by 0 repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary Sentrik is a governance tool designed to automate the enforcement of coding standards, compliance rules, and security policies for AI-generated code in CI/CD pipelines. By scanning code changes against regulatory standards (e.g., OWASP, SOC 2, HIPAA), it identifies potential violations, gates pull requests with issues, and generates audit-ready reports. This action streamlines compliance, improves code quality, and reduces the risk of undetected security vulnerabilities in fast-paced, AI-assisted development workflows.

Version updated for https://github.com/ncaq/kyosei-action to version v1.2.0. This action is used across all versions by 1 repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary The kyosei-action GitHub Action integrates the kyosei AI-powered code review plugin into CI workflows to analyze pull requests for code quality, performance, security, test coverage, and documentation accuracy. It addresses limitations of other code review tools by ensuring re-reviews on subsequent PR updates, avoiding redundant or resolved comments, and customizing reviews to project-specific conventions. This action automates comprehensive, context-aware code reviews to streamline development workflows.

Version updated for https://github.com/ollieb89/workflow-guardian to version v1.1.1. This action is used across all versions by ? repositories. Action Type This is a Node action using Node version 20. Go to the GitHub Marketplace to find the latest changes. Action Summary Workflow Guardian is a GitHub Action designed to analyze and validate GitHub Actions workflow files for syntax errors, security vulnerabilities, deprecated practices, and best-practice violations. It automates the process of identifying issues like unpinned action references, invalid path filters, incorrect matrix strategies, and insecure configurations, ensuring workflows are robust and secure. The action provides structured feedback via pull request comments and enforces fixes by failing CI for critical errors.

Version updated for https://github.com/quarkiverse/quarkus-roq to version 2.1.0. This action is used across all versions by 70 repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary The GitHub Action for Quarkus Roq is designed to simplify the deployment of static websites and blogs generated using the open-source Roq static site generator. Built on Java and Quarkus, Roq automates tasks such as converting templates, Markdown, and other content into static files with type safety, while also enabling seamless integrations like FrontMatter for metadata and SEO management. This action streamlines the publishing process for developers by automating the generation and deployment of static sites directly from their repositories.