Releases: Korext/enforce-action

KOREXT Enforce v3.0.1

16 Apr 02:04

Updated to Korext CLI 1.0.1.

What's Changed

  • 72 policy packs with 547 detection rules across 18 industries
  • Data sovereignty: choose US, EU, or Asia Pacific for data processing
  • Cryptographically signed proof bundles with HMAC v2
  • Customer managed signing keys
  • Deep code analysis across 13 languages with confidence scoring
  • Organization policy enforcement with mandatory packs
  • MCP Server integration (Model Context Protocol)

Migration from v3.0.0

No breaking changes. Replace uses: Korext/enforce-action@v3.0.0 with uses: Korext/enforce-action@v3.0.1 or use @v3 for the latest.

Full Changelog: v3.0.0...v3.0.1

KOREXT Enforce v3.0.0

15 Apr 08:27

Production release. Full platform parity.

  • 72 policy packs with 532 detection rules across 18 industries
  • Data sovereignty: choose US, EU, or Asia Pacific for data processing
  • Cryptographically signed proof bundles
  • Customer managed signing keys
  • Deep code analysis across 13 languages with confidence scoring
  • Organization policy enforcement with mandatory packs

KOREXT Enforce Action v2.0.0

11 Apr 18:46
b0a21a1

What's New in v2.0.0

Proof bundles. Every scan now generates cryptographically signed compliance proof. Bundle IDs available in action outputs.

Multi-pack enforcement. Scan against multiple compliance frameworks in a single run.

Signed bundles. New sign-bundles input for HMAC signed proof artifacts.

Data sovereignty. New region input for regional data processing.

71 policy packs. 532 detection rules. Three governance layers: regulatory, CWE, MITRE ATT&CK.

Migration from v1

Replace uses: korext/enforce-action@v1 with uses: korext/enforce-action@v2

New outputs: bundle-ids, bundles-signed, bundle-count.

Full Changelog

See README.md for complete documentation.

KOREXT - AI Code Governance v1.0.2

09 Apr 00:38
b0a21a1

What's Changed

Multi-pack enforcement support
Select and enforce multiple policy packs in a single scan. PCI-DSS + DORA together. HIPAA + FDA together. One scan, one proof bundle, multiple compliance frameworks.

4 new policy packs

  • Browser Governance (10 rules): CSP, SRI, CORS, cookies, Permissions Policy, clickjacking, postMessage, open redirects
  • Quantum Resilience (8 rules): SHA-1, MD5, weak RSA, DES, deprecated TLS, weak curves, hardcoded IVs
  • EU AI Act v2 (10 rules): logging, human oversight, bias detection, prompt injection, biometric consent, emotion recognition
  • GPC Enforcement (8 rules): Sec-GPC header, tracking cookies, third party sharing, fingerprinting

Updated stats

  • 71 policy packs, 532 detection rules
  • Knowledge Base: 661 searchable documents with semantic search
  • CLI updated to v0.9.6

Full Changelog: v1.0.1...v1.0.2-

v1.0.1: CLI updated to 0.9.5

08 Apr 01:45

Updated Korext CLI from 0.9.4 to 0.9.5.

Includes:

  • Watch mode file change detection fix
  • Nonexistent directory now exits with error code 2
  • Offline enforcement shows rule availability count
  • Policy commands default to production API

Korext Enforce Action v1.0.0

06 Apr 17:59

Enforce security, compliance, and quality standards on AI-generated code directly in your GitHub workflows.

Features

  • Scans code against Korext policy packs (web, owasp-top-10, hipaa-safeguards, and more)
  • Uploads SARIF to GitHub Code Scanning for inline PR annotations
  • Automatic GitHub Step Summary with violation report
  • Quality gate: fails workflow on critical/high severity violations
  • Works in anonymous mode (20 req/hr) with no setup required
  • Supports .ts, .tsx, .js, .jsx, .py, .go, .java, .rs files

Quick Start

```yaml
- uses: Korext/enforce-action@v1
```