Releases · auths-dev/capsec-github-action · GitHub

21 Mar 02:17

bordumb

v1.0.2 Latest

Latest

Full Changelog: v1.0.1...v1.0.2

Assets 2

20 Mar 18:01

bordumb

v1.0.0

Marketplace

Marketplace

capsec audit GitHub Action v1.0.0

First release of the official GitHub Action for capsec — static capability auditing for
Rust.

What it does

Runs cargo capsec audit on your Rust workspace and reports ambient authority usage (filesystem, network, environment, process, FFI) in your code.

Features

SARIF upload to GitHub Code Scanning (findings appear in the Security tab)
Inline PR comments via reviewdog (free for all repos, no GHAS required)
Baseline diffing — only fail on new findings introduced in a PR
Configurable threshold — fail on low, medium, high, or critical
Installs from crates.io automatically

Quick start

- uses: bordumb/capsec-github-action@v1
 with:
   fail-on: high

See README.md for full docs.

Assets 2