{"id":29035343,"url":"https://github.com/lucasbalieiro/binary-x9","last_synced_at":"2026-04-22T21:36:07.741Z","repository":{"id":300860878,"uuid":"1007404875","full_name":"lucasbalieiro/binary-x9","owner":"lucasbalieiro","description":"binary-x9 is a simple GitHub Action that watches your pull requests like a hawk and snitches on any added or changed binary files — because sometimes, binaries in your codebase deserve a second look.","archived":false,"fork":false,"pushed_at":"2025-06-24T01:11:59.000Z","size":8,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-06-24T01:29:50.690Z","etag":null,"topics":["actions","binary","bot","pull-request","security"],"latest_commit_sha":null,"homepage":"https://github.com/marketplace/actions/binary-x9","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/lucasbalieiro.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-06-24T00:21:29.000Z","updated_at":"2025-06-24T01:20:31.000Z","dependencies_parsed_at":"2025-06-25T12:15:59.347Z","dependency_job_id":null,"html_url":"https://github.com/lucasbalieiro/binary-x9","commit_stats":null,"previous_names":["lucasbalieiro/binary-x9"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/lucasbalieiro/binary-x9","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lucasbalieiro%2Fbinary-x9","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lucasbalieiro%2Fbinary-x9/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lucasbalieiro%2Fbinary-x9/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lucasbalieiro%2Fbinary-x9/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/lucasbalieiro","download_url":"https://codeload.github.com/lucasbalieiro/binary-x9/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lucasbalieiro%2Fbinary-x9/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32156604,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-22T17:06:48.269Z","status":"ssl_error","status_checked_at":"2026-04-22T17:06:19.037Z","response_time":58,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["actions","binary","bot","pull-request","security"],"created_at":"2025-06-26T12:08:13.608Z","updated_at":"2026-04-22T21:36:07.713Z","avatar_url":"https://github.com/lucasbalieiro.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# binary-x9\n\n![binary-x9](https://img.shields.io/badge/binary--x9-%E2%9A%A0%EF%B8%8F-red?style=flat-square)\n\n## 🚨 The Binary Informer for Your Pull Requests\n\n`binary-x9` is a simple **GitHub Action** that watches your pull requests like a hawk and **snitches on any added or changed binary files** — because sometimes, binaries in your codebase deserve a second look.\n\n---\n\n### Why `binary-x9`?\n\nIn Brazil, **“X9”** is slang for an **informer or snitch** — the one who tells the authorities about suspicious activities. This action plays the same role for your repo: it **doesn't judge or analyze binaries**; it simply **raises a flag** to alert reviewers that something binary and potentially suspicious just slipped into the PR.\n\n---\n\n### What does it do?\n\n- Detects **added or modified binary files** in pull requests targeting your main branch.\n- Posts a clear comment on the PR listing those binary files.\n- Helps your team **stay aware and vigilant** about those “invisible” files that GitHub doesn't highlight well.\n- Keeps your codebase safer by making reviewers notice potentially risky binaries early.\n\n---\n\n### Simple by design. Honest by nature.\n\nThis action is **not a malware scanner**. It's a **watchdog**, a **sentinel**, a **loud mouth** that tells reviewers:  \n\u003e *“Hey, this PR changed or added binary files. Double-check before you merge!”*\n![alt text](image.png)\n\n---\n\n### Usage Example\n\n```yaml\nname: Binary File Change and New Binary Detection Example Repo\n\non:\n  pull_request:\n    branches:\n      - main\n\npermissions:\n  issues: write\n  pull-requests: write\n\njobs:\n  binary-check:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v4\n\n      - name: Run binary file detection action\n        uses: lucasbalieiro/binary-x9@v1.0.0\n        with:\n          github_token: ${{ secrets.GITHUB_TOKEN }}\n```\n\n---\n\n### Inputs\n\n| Input         | Required | Description                           |\n| ------------- | -------- | ----------------------------------- |\n| `github_token`| Yes      | GitHub token to post PR comments    |\n\n---\n\n### Why should you care?\n\nBecause **binary files hide secrets, backdoors, and surprises** that can break your build or worse — compromise your security. GitHub’s UI is *too quiet* about them, but `binary-x9` will make sure **no binary goes unnoticed.**\n\nThis idea was sparked by the infamous [Xz Utils backdoor incident](https://en.wikipedia.org/wiki/Xz_utils#Backdoor_incident), where a malicious binary slipped into a widely used project — highlighting how \"easy\" it is for dangerous binaries to hide in plain sight.\n\nThe inspiration solidified when reviewing this PR:  \n[https://github.com/stratum-mining/stratum/pull/1760#pullrequestreview-2950763360](https://github.com/stratum-mining/stratum/pull/1760#pullrequestreview-2950763360)\n\n---\n\n### How it works\n\n`binary-x9` uses a simple trick leveraging Git’s built-in diff command:\n\nWe run:\n\n```bash\ngit diff --numstat origin/$GITHUB_BASE_REF\n```\n\nAccording to [Git’s documentation](https://git-scm.com/docs/git-diff#Documentation/git-diff.txt-code--numstatcode), this command outputs a numeric summary of changes for each file:\n\n* For regular text files, it shows the number of added and deleted lines.\n* For **binary files**, it outputs two dashes (`-`) instead of numbers (like `-    -    path/to/binary`).\n\nThe action then uses a straightforward `awk` script to **detect files with those dashes**, effectively flagging binaries.\n\nIt’s simple, it’s dumb, and it’s exactly what it needs to be — no deep analysis, just a sharp eye on your PR’s binary files.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flucasbalieiro%2Fbinary-x9","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flucasbalieiro%2Fbinary-x9","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flucasbalieiro%2Fbinary-x9/lists"}