squid-protocol/gitgalaxy](https:

v2.0.7 Feature

This release adds 3 notable features for engineering teams evaluating rollout.

Published 1mo Forensics & Incident Response

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

ai-security security auditing cli cobol code-bioinformatics

+10 more

codebase-analysis deep-tech incident-response legacy-modernization python sbom software-architecture static-analysis supply-chain-security zero-trust

Affected surfaces

auth rbac deps

Summary

AI summary

Updates 🛡️ Available Pipeline Sentinels, 🚀 Quickstart Example ```yaml, and feat across a mixed release.

Full changelog

The official GitHub Action for the GitGalaxy DevSecOps Suite.

This release brings GitGalaxy's AST-free, zero-trust static analysis directly into your CI/CD pipelines, allowing you to block poisoned builds and generate forensic artifacts in seconds.

🛡️ Available Pipeline Sentinels

Supply Chain Firewall (supply-chain-firewall): Blocks typosquatting and malicious imports.
Vault Sentinel (vault-sentinel): Hyper-speed hardcoded secrets detection.
X-Ray Inspector (xray-inspector): Triage for encrypted payloads and binary anomalies.
Zero-Trust SBOM (zero-trust-sbom): Generates mathematically verified CycloneDX manifests.
API Network Map (api-network-map): Hunts for undocumented Shadow APIs.
AI Guardrails: Automatically evaluates LLM AppSec risks and Agentic context limits via galaxyscope.

🪶 Zero-Dependency Native

Executes in seconds utilizing Python's standard library. The optional full_precision input flag seamlessly unlocks heavy physics engines (NetworkX, TikToken, XGBoost) for ML threat inference and Blast Radius calculations.

🚀 Quickstart Example

- name: Run GitGalaxy Supply Chain Firewall
  uses: squid-protocol/[email protected]
  with:
    tool: 'supply-chain-firewall'

What's Changed

pypi fix by @squid-protocol in https://github.com/squid-protocol/gitgalaxy/pull/5
Add descriptive message about what you changed by @squid-protocol in https://github.com/squid-protocol/gitgalaxy/pull/6
Potential fix for code scanning alert no. 1: Bad HTML filtering regexp by @squid-protocol in https://github.com/squid-protocol/gitgalaxy/pull/7
feat: add CI/CD YAML AppSec sensors for supply chain defense by @squid-protocol in https://github.com/squid-protocol/gitgalaxy/pull/8
feat: add GitGalaxy composite action and modernize Spoke CI/CD docume… by @squid-protocol in https://github.com/squid-protocol/gitgalaxy/pull/9

Full Changelog: https://github.com/squid-protocol/gitgalaxy/compare/v2.0.6...v2.0.7

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track squid-protocol/gitgalaxy](https:

Get notified when new releases ship.

About squid-protocol/gitgalaxy](https:

All releases →