VYPR

Github Workflow Updater Extension

by RichardoC

Source repositories

CVEs (1)

  • CVE-2025-62794LowOct 28, 2025
    risk 0.25cvss 3.8epss 0.00

    GitHub Workflow Updater is a VS Code extension that automatically pins GitHub Actions to specific commits for enhanced security. Before 0.0.7, any provided Github token would be stored in plaintext in the editor configuration as json on disk, rather than through the more secure…