Release 2.2.0
🚀 What's Changed
- feat: P0/P1/P2 security hardening, decomposition, and feature additions (@devatsecure)
🐳 Docker Images
Multi-platform container images are available on GitHub Container Registry:
# Pull the image
docker pull ghcr.io/devatsecure/Argus-Security:2.2.0
docker pull ghcr.io/devatsecure/Argus-Security:2.2
docker pull ghcr.io/devatsecure/Argus-Security:2
docker pull ghcr.io/devatsecure/Argus-Security:latestSupported Platforms
linux/amd64linux/arm64
Quick Start
# Run security audit on current directory
docker run -v $(pwd):/workspace \
-e ANTHROPIC_API_KEY=$ANTHROPIC_API_KEY \
ghcr.io/devatsecure/Argus-Security:2.2.0 \
/workspace auditGitHub Actions Usage
- name: Run Argus Security Review
uses: devatsecure/argus-action@v2.2.0
with:
anthropic_api_key:
severity_threshold: high📦 Installation
Using Docker (Recommended)
docker pull ghcr.io/devatsecure/Argus-Security:2.2.0Using pip
pip install git+https://github.com/devatsecure/Argus-Security.git@v2.2.0Using GitHub Actions
See README.md for complete setup instructions.
🔒 Security
This release includes:
- ✅ Signed container images (Sigstore/cosign)
- ✅ Software Bill of Materials (SBOM)
- ✅ Provenance attestations
- ✅ Vulnerability scanning (Trivy)
Verify Container Signature
cosign verify \
--certificate-identity-regexp="https://github.com/devatsecure/Argus-Security" \
--certificate-oidc-issuer=https://token.actions.githubusercontent.com \
ghcr.io/devatsecure/Argus-Security:2.2.0📚 Documentation
🐛 Bug Reports
Found a bug? Please open an issue.
Full Changelog: v2.1.0...v2.2.0
Contributors
devatsecure