[PR #9] [MERGED] Add releaserun to CI/CD security tools #16

Closed
opened 2026-03-22 21:23:18 -05:00 by GiteaMirror · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/myugan/awesome-cicd-security/pull/9
Author: @Matheus-RR
Created: 3/3/2026
Status: Merged
Merged: 3/13/2026
Merged by: @myugan

Base: mainHead: add-releaserun


📝 Commits (1)

  • 94a335d Add releaserun to CI/CD security tools

📊 Changes

1 file changed (+1 additions, -0 deletions)

View changed files

📝 README.md (+1 -0)

📄 Description

Adds releaserun to the Tools section.

What it does: CLI tool and GitHub Action that scans CI/CD pipeline dependencies for known CVEs, end-of-life versions, and deprecated packages. Supports Node.js, Python, Go, Rust, and Docker.

Fits alongside tools like Harden-Runner and Cimon as a supply chain security layer in CI/CD pipelines, specifically catching vulnerable or EOL dependencies before deployment.


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/myugan/awesome-cicd-security/pull/9 **Author:** [@Matheus-RR](https://github.com/Matheus-RR) **Created:** 3/3/2026 **Status:** ✅ Merged **Merged:** 3/13/2026 **Merged by:** [@myugan](https://github.com/myugan) **Base:** `main` ← **Head:** `add-releaserun` --- ### 📝 Commits (1) - [`94a335d`](https://github.com/myugan/awesome-cicd-security/commit/94a335da05744ee0b3808c1233c269b250446626) Add releaserun to CI/CD security tools ### 📊 Changes **1 file changed** (+1 additions, -0 deletions) <details> <summary>View changed files</summary> 📝 `README.md` (+1 -0) </details> ### 📄 Description Adds [releaserun](https://github.com/Releaserun/releaserun-cli) to the Tools section. **What it does:** CLI tool and [GitHub Action](https://github.com/Releaserun/releaserun-action) that scans CI/CD pipeline dependencies for known CVEs, end-of-life versions, and deprecated packages. Supports Node.js, Python, Go, Rust, and Docker. Fits alongside tools like Harden-Runner and Cimon as a supply chain security layer in CI/CD pipelines, specifically catching vulnerable or EOL dependencies before deployment. - MIT licensed, open source - Available as [npm package](https://www.npmjs.com/package/releaserun) and GitHub Action - Free [web version](https://releaserun.com/tools/dependency-eol-scanner/) for manual checks --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2026-03-22 21:23:18 -05:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/awesome-cicd-security#16