Skip to main content
We are excited to introduce the latest features and enhancements in Endor Labs.

Bazel Bzlmod support for JavaScript projects

New Endor Labs now supports Bzlmod when you use Bazel aspects for JavaScript projects. Bzlmod support requires Bazel aspects with rules_js >= 2.0.0. For more information, see Bazel and Bazel Aspects.

Bazel Bzlmod support for Rust projects

New Endor Labs now supports Bzlmod when you use Bazel aspects for Rust projects. Bzlmod support requires Bazel aspects with rules_rust >= 0.40.0. For more information, see Bazel and Bazel Aspects.

Detect imposter commits in GitHub Actions workflows

New Endor Labs now supports verifying that a commit SHA pinned in a workflow exists in the action’s upstream GitHub repository. A critical finding is raised when the commit cannot be found, as this may indicate an imposter commit or a supply chain attack. For more information, see GitHub Action policies.

Bazel Bzlmod support for Swift projects

New Endor Labs now supports Bzlmod when you use Bazel aspects for Swift projects. Bzlmod support requires Bazel aspects with rules_swift >= 2.0.0. For more information, see Bazel and Bazel Aspects.

Bazel Bzlmod support for Python projects

New Endor Labs now supports Bzlmod when you use Bazel aspects for Python projects. Bzlmod support requires Bazel aspects with rules_python >= 0.30.0. For more information, see Bazel and Bazel Aspects.

Automatic requirements file detection in Python

Enhancement Endor Labs now supports auto detection of non-standard pip requirement .txt files. Endor Labs identifies files that match pip requirement patterns and treat them as manifests, which reduces the need to maintain long lists of custom requirement files. For more information, see Python.

Automatically scan new repositories

Enhancement Endor Labs scans new repositories in your organization as soon as they are created when the GitHub App (Pro) or the GitHub Enterprise Server App is installed with All repositories selected. This enables pull request scanning immediately, without waiting for the next scheduled scan. For installation scope, monitoring scans, and pull request checks, see Deploy Endor Labs GitHub App (Pro) and Deploy Endor Labs GitHub Enterprise Server App.

Longer finding tags

Enhancement Endor Labs now supports finding tag lengths of up to 255 characters. This helps prevent scan errors when findings include longer tag values, such as container image names or Bazel targets. For more information, see Tagging projects.