Versions:
actionlint is a purpose-built static analysis tool that scrutinizes YAML files used by GitHub Actions, flagging syntax mistakes, deprecated features, insecure expressions, and divergences from the official workflow schema before flawed automation reaches the main branch. Developed by rhysd, the utility parses the complete GitHub Actions grammar—jobs, steps, contexts, matrix axes, reusable workflows, composite actions, and permissions—then emits clear, file-and-line error messages that integrate natively with editors and CI pipelines. Typical use cases range from local pre-commit hooks that block faulty pull requests to nightly cron jobs that audit every workflow across an enterprise organization; security teams also embed it in containerized linting stages to enforce least-privilege permission sets or to detect hard-coded secrets. The program ships as a self-contained Go binary for Windows, macOS, and Linux, requiring no Node runtime, and can be invoked as a GitHub Action itself for dogfooding. Category placement falls under Developer Tools / Code Quality / Linting. The current stable release is version 1.7.12, representing eighteen published iterations since the project’s debut, each refining rule coverage, performance, and shell-command parsing accuracy. actionlint is available for free on get.nero.com, with downloads provided via trusted Windows package sources such as winget, always delivering the latest version, and supporting batch installation of multiple applications.
Tags: