April 2026
We are excited to introduce the latest features and enhancements in Endor Labs.
Detect imposter commits in GitHub Actions workflows New
Endor Labs now supports verifying that a commit SHA pinned in a workflow exists in the action’s upstream GitHub repository. A critical finding is raised when the commit cannot be found, as this may indicate an imposter commit or a supply chain attack.
For more information, see GitHub Action policies.
Bazel Bzlmod support for Swift projects New
Endor Labs now supports Bzlmod when you use Bazel aspects for Swift projects. Bzlmod support requires Bazel aspects with rules_swift >= 2.0.0.
For more information, see Bazel and Bazel Aspects.
Bazel Bzlmod support for Python projects New
Endor Labs now supports Bzlmod when you use Bazel aspects for Python projects. Bzlmod support requires Bazel aspects with rules_python >= 0.30.0.
For more information, see Bazel and Bazel Aspects.
Automatic requirements file detection in Python Enhancement
Endor Labs now supports auto detection of non-standard pip requirement .txt files. Endor Labs identifies files that match pip requirement patterns and treat them as manifests, which reduces the need to maintain long lists of custom requirement files.
For more information, see Python.
Automatically scan new repositories Enhancement
Endor Labs scans new repositories in your organization as soon as they are created when the GitHub App (Pro) or the GitHub Enterprise Server App is installed with All repositories selected. This enables pull request scanning immediately, without waiting for the next scheduled scan.
For installation scope, monitoring scans, and pull request checks, see Deploy Endor Labs GitHub App (Pro) and Deploy Endor Labs GitHub Enterprise Server App.
Feedback
Was this page helpful?
Thanks for the feedback. Write to us at support@endor.ai to tell us more.
Thanks for the feedback. Write to us at support@endor.ai to tell us more.