v2.0.9

What's Changed

• visibility by @squid-protocol in #13
  Added clarity to terabyte_log_scanner section

Full Changelog: v2.0.8...v2.0.9

v2.0.8

What's Changed

• jcl transparency by @squid-protocol in #10
• feat: migrate Museum of Code to HTML and setup MkDocs CI/CD by @squid-protocol in #11
• Fix cascade delete hang by adding indexes to class and function tables by @squid-protocol in #12

Full Changelog: v2.0.7...v2.0.8

GitGalaxy Scanner v2.0.7

The official GitHub Action for the GitGalaxy DevSecOps Suite.

This release brings GitGalaxy's AST-free, zero-trust static analysis directly into your CI/CD pipelines, allowing you to block poisoned builds and generate forensic artifacts in seconds.

🛡️ Available Pipeline Sentinels

• Supply Chain Firewall (supply-chain-firewall): Blocks typosquatting and malicious imports.
• Vault Sentinel (vault-sentinel): Hyper-speed hardcoded secrets detection.
• X-Ray Inspector (xray-inspector): Triage for encrypted payloads and binary anomalies.
• Zero-Trust SBOM (zero-trust-sbom): Generates mathematically verified CycloneDX manifests.
• API Network Map (api-network-map): Hunts for undocumented Shadow APIs.
• AI Guardrails: Automatically evaluates LLM AppSec risks and Agentic context limits via galaxyscope.

🪶 Zero-Dependency Native

Executes in seconds utilizing Python's standard library. The optional full_precision input flag seamlessly unlocks heavy physics engines (NetworkX, TikToken, XGBoost) for ML threat inference and Blast Radius calculations.

🚀 Quickstart Example

- name: Run GitGalaxy Supply Chain Firewall
  uses: squid-protocol/gitgalaxy@v2.0.7
  with:
    tool: 'supply-chain-firewall'

What's Changed

• pypi fix by @squid-protocol in #5
• Add descriptive message about what you changed by @squid-protocol in #6
• Potential fix for code scanning alert no. 1: Bad HTML filtering regexp by @squid-protocol in #7
• feat: add CI/CD YAML AppSec sensors for supply chain defense by @squid-protocol in #8
• feat: add GitGalaxy composite action and modernize Spoke CI/CD docume… by @squid-protocol in #9

Full Changelog: v2.0.6...v2.0.7

v2.0.6 - Dynamic Versioning

Full Changelog: v2.0.5...v2.0.6

v2.0.5 - pypi sync

Full Changelog: v2.0.4...v2.0.5

v2.0.4 - Matrix Hardened & Enterprise Security

What's Changed

• ci: implement cross-platform matrix testing by @squid-protocol in #1
• Bump actions/setup-python from 5 to 6 by @dependabot[bot] in #3
• Bump actions/checkout from 4 to 6 by @dependabot[bot] in #2
• ci: implement CodeQL static application security testing by @squid-protocol in #4

New Contributors

• @squid-protocol made their first contribution in #1
• @dependabot[bot] made their first contribution in #3

Full Changelog: v2.0.0...v2.0.4