Automic VaultAutomic Vault

brew

wrkflw mit Homebrew, Nix installieren

Prüfe Installationswege, Executables, Metadaten und Sicherheitshinweise für wrkflw in AI-Agent-Workflows.

Installation

Weitere Installationsbefehle

macOS

Homebrewverifiziert · 100%
brew install wrkflw

local Homebrew formula metadata

Linux

Nixverifiziert · 92%
nix profile install nixpkgs#wrkflw

nixpkgs package indexes · pkgs/by-name/wr/wrkflw/package.nix · Quelle: api.github.com

Überblick

Paketzusammenfassung

Validate and execute GitHub Actions workflows locally

Befehle und Aliase

  • wrkflw

Verlauf

Projektgeschichte und Nutzung

wrkflw is a Rust command-line tool for validating and executing GitHub Actions workflows locally. It is a young project, created in 2025, but it has enough primary-source history to describe its niche: local CI workflow feedback before pushing to GitHub.

The project overlaps with tools such as `act`, but its README emphasizes validation, a terminal UI, multiple runtimes, expression evaluation, workflow dependency handling, reusable workflows, matrix builds, artifacts, cache, and secrets support.

Projektgeschichte

The `bahdotsh/wrkflw` repository and crates.io package were created on 29 March 2025. GitHub releases show a fast early cadence in 2025, including 0.3.0 in April, 0.4.0 later that month, and several 0.5 through 0.7 releases in August.

By April 2026, wrkflw had reached version 0.8.0. The author's 2026 project note frames wrkflw as both a serious CI-tooling project and a way to learn Rust deeply, specifically citing hard parts such as the expression evaluator, async executor/runtime boundaries, and error design.

Adoptionsgeschichte

wrkflw's adoption is early but nontrivial for a new CLI: GitHub metadata shows thousands of stars within its first year, while crates.io records the package and version history. Its niche is the developer desire to test GitHub Actions locally rather than discovering workflow syntax or job-ordering problems only after a push.

The project also reflects a 2020s shift in CI tooling from remote-only validation toward local emulation. Its README lists Docker, Podman, plain emulation, and secure emulation runtimes, while the author note explains secure emulation as a compromise for users without containers who still need guardrails before running workflow steps locally.

Wie es verwendet wird

Users run wrkflw in repositories with GitHub Actions workflow files to validate workflow syntax and execute jobs locally. The tool supports selecting jobs, respecting `needs` dependencies, evaluating GitHub expression syntax, handling matrices, watching files, and using a TUI for workflow, execution, DAG, logs, trigger, secrets, and help views.

For package users, the important runtime distinction is container-backed execution versus emulation. The author's note is explicit that secure emulation does not provide full filesystem isolation; it validates commands, strips risky environment variables, applies timeouts, and blocks obvious dangerous patterns, while Docker or Podman remain the stronger boundary.

Warum Paket-Nerds sich dafür interessieren

wrkflw is significant as a modern local-CI CLI in Rust. It packages a large slice of GitHub Actions behavior into a local executable, giving developers faster feedback loops and package managers another option in the same broad problem space as `act`.

Its package-nerd interest is also architectural: CI workflow files combine YAML, expression language semantics, dependency graphs, containers, secrets, and artifacts. A single binary that attempts to validate and emulate that surface is useful even when users still rely on GitHub-hosted runners for final truth.

Zeitleiste

  • 2025-03-29: The GitHub repository and crates.io package are created.
  • 2025-04-21: wrkflw 0.3.0 is published on GitHub.
  • 2025-04-30: wrkflw 0.4.0 is published on GitHub.
  • 2025-08-13: wrkflw 0.7.0 is published on GitHub.
  • 2026-04-21: wrkflw 0.8.0 is published on GitHub and crates.io.
  • 2026: The author documents the design motivation behind secure emulation.

Related projects

  • nektos/act is the best-known adjacent tool for running GitHub Actions locally.
  • GitHub Actions is the workflow format and hosted CI service that wrkflw validates and emulates.
  • Docker and Podman are supported runtimes for container-backed local workflow execution.

Sicherheitslage

Risikostufe: grün

narrow executable package without higher-risk signals.

Risikoklassifikator

grün Risiko · niedrig Konfidenz · appliance

Warum

  • narrow executable package without higher-risk signals

Signale

  • metadata:no-higher-risk-signals

Installationsverhalten

  • In den Formelmetadaten ist kein Homebrew-Post-install-Hook erfasst.
  • Homebrew-Bottle-Metadaten sind für 6 Plattformziele verfügbar.
  • Build-Metadaten listen 2 Build-Abhängigkeiten.

Empfohlene Prüfung

Prüfe vor unbeaufsichtigter Agent-Nutzung, ob das Tool Klartext-Credentials liest, Remote-Zustand schreibt, Artefakte veröffentlicht oder Plugins ausführt.

Executables

Installierte Executables

BefehlArtSichtbarkeitHinweis
wrkflwcliglobales Executable

Aktualität

Version und Aktualität

Diese Signale trennen das Alter der Seitengenerierung, Aktivität des Paketmanagers und Upstream-Release-Vergleich. Versionsrückstand wird nur gemeldet, wenn eine Evidenz-URL und vergleichbare Versionen vorhanden sind.

Seite generiert2026-07-08
Manager-Version0.8.0
Manager aktualisiert2026-05-11
lokale DatenOK
Upstreamaktuell
neueste erkannte Versionv0.8.0

https://github.com/bahdotsh/wrkflw

  • OKEs wurden keine Aktualitätswarnungen generiert.

Installationsmetadaten

Paketmetadaten

Paketschlüsselbrew:wrkflw
Version0.8.0
PaketmanagerHomebrew
Paketmanager-Seitehttps://formulae.brew.sh/formula/wrkflw
Homepagehttps://github.com/bahdotsh/wrkflw
Repositoryhttps://github.com/bahdotsh/wrkflw
Upstream-Dokumentationhttps://github.com/bahdotsh/wrkflw#readme
LizenzMIT
Quellarchivhttps://github.com/bahdotsh/wrkflw/archive/refs/tags/v0.8.0.tar.gz
Zuletzt aktualisiert2026-05-11T18:23:42-04:00
Pulseupdated
Build-Abhängigkeitenpkgconf, rust
Bottleverfügbar (auf arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnicht definiert
Dienstkeiner deklariert

Registry-Fakten

Details aus der Quelldatenbank

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namewrkflw
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

Source-Datenbank-Treffer

Andere Paketmanager-Einträge

Treffer stammen aus externen Paketmanager-Indizes und bleiben von lokalen Automic-Vault-Paketlinks getrennt.

Nix95%

wrkflw

nix profile install nixpkgs#wrkflw
  • normalized package name match
  • Abgeglichen nach: Wrkflw
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/wr/wrkflw/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

Quellspur

Aus Repository-Daten generiert

Diese Seite wird von av-web aus dem privaten Paket-SQLite-Artefakt bereitgestellt, das scripts/generate-pkg-sqlite.py erstellt.

Verwendete Quellen

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment