Releases: jinyounghub/agentic-workflow-guard
Releases · jinyounghub/agentic-workflow-guard
Release list
v0.2.1
What's changed
- Added a 30-second advisory GitHub Action quick start near the top of the README.
- Added a real synthetic report preview plus direct links to the successful demo run and Marketplace listing.
- Declared the Action's
report-path,findings, and severity-count outputs inaction.yml. - Added metadata coverage so declared outputs stay aligned with the runtime.
- Stabilized the committed baseline fixture test across Windows path aliases.
Install
npm install --save-dev @jin0/agentic-workflow-guard@0.2.1GitHub Actions users can continue using jinyounghub/agentic-workflow-guard@v0, which now points to this release.
Full changelog: v0.2.0...v0.2.1
v0.2.0
v0.2.0
Public OSS release focused on real-world adoption: noise control, data-flow precision, catalog verification, and contributor onboarding.
Added
- Config file support with rule disable, severity override, path excludes, and narrow suppressions.
- Baseline support for accepted existing findings.
- Finding fingerprints and active/suppressed/baselined report state.
- Improved GitHub expression handling and one-step env data-flow detection for AI output references.
- Verified AI action catalog metadata and documentation.
- Contributor onboarding docs and beginner-friendly synthetic fixtures.
Verification
- npm run lint
- npm test
- npm run build
- npm audit --audit-level=moderate
- npm pack --dry-run
- workflow self-scan
- fixture scans
- SARIF JSON parse check
v0.1.1
v0.1.1
Patch release focused on public project hardening and package verification.
Changed
- Added npm smoke-test evidence.
- Added CI package smoke test and self-scan artifacts.
- Added project health metrics.
- Added adoption guidance and release checklist documentation.
- Removed private planning material from public docs.
- Updated README badges, usage examples, and early maturity notes.
Verification
npm cinpm run lintnpm testnpm run buildnpm audit --audit-level=moderatenpm pack --dry-run- packed CLI smoke test
- workflow self-scan Markdown/SARIF artifact generation
v0.1.0
v0.1.0
Initial public release of agentic-workflow-guard.
Highlights
- TypeScript CLI for scanning GitHub Actions workflow files.
- GitHub Action wrapper with bundled runtime in dist/action.
- Markdown, JSON, and SARIF report output.
- AI action catalog seed for Codex, Claude Code, Gemini CLI, and GitHub Models inference.
- Rules R001-R109 for prompt boundaries, untrusted GitHub context, privileged permissions, pwn-request checkout, prompt-to-script flow, sensitive sinks, floating AI action refs, missing permissions, and secrets exposed to agent steps.
- Synthetic safe and vulnerable fixtures with Vitest coverage.
- Threat model, rule catalog, comparison docs, and responsible disclosure guidance.
Package
Published to npm as @jin0/agentic-workflow-guard.