Automic VaultAutomic Vault

brew

Install wrkflw with Homebrew, Nix

Validate and execute GitHub Actions workflows locally. Version 0.8.0 via Homebrew; verified 2026-05-11.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install wrkflw

local Homebrew formula metadata

Linux

Nixverified · 92%
nix profile install nixpkgs#wrkflw

nixpkgs package indexes · pkgs/by-name/wr/wrkflw/package.nix · source: api.github.com

overview

Package summary

Validate and execute GitHub Actions workflows locally

Commands and aliases

  • wrkflw

history

Project history and usage

wrkflw is a Rust command-line tool for validating and executing GitHub Actions workflows locally. It is a young project, created in 2025, but it has enough primary-source history to describe its niche: local CI workflow feedback before pushing to GitHub.

The project overlaps with tools such as `act`, but its README emphasizes validation, a terminal UI, multiple runtimes, expression evaluation, workflow dependency handling, reusable workflows, matrix builds, artifacts, cache, and secrets support.

Project history

The `bahdotsh/wrkflw` repository and crates.io package were created on 29 March 2025. GitHub releases show a fast early cadence in 2025, including 0.3.0 in April, 0.4.0 later that month, and several 0.5 through 0.7 releases in August.

By April 2026, wrkflw had reached version 0.8.0. The author's 2026 project note frames wrkflw as both a serious CI-tooling project and a way to learn Rust deeply, specifically citing hard parts such as the expression evaluator, async executor/runtime boundaries, and error design.

Adoption history

wrkflw's adoption is early but nontrivial for a new CLI: GitHub metadata shows thousands of stars within its first year, while crates.io records the package and version history. Its niche is the developer desire to test GitHub Actions locally rather than discovering workflow syntax or job-ordering problems only after a push.

The project also reflects a 2020s shift in CI tooling from remote-only validation toward local emulation. Its README lists Docker, Podman, plain emulation, and secure emulation runtimes, while the author note explains secure emulation as a compromise for users without containers who still need guardrails before running workflow steps locally.

How it is used

Users run wrkflw in repositories with GitHub Actions workflow files to validate workflow syntax and execute jobs locally. The tool supports selecting jobs, respecting `needs` dependencies, evaluating GitHub expression syntax, handling matrices, watching files, and using a TUI for workflow, execution, DAG, logs, trigger, secrets, and help views.

For package users, the important runtime distinction is container-backed execution versus emulation. The author's note is explicit that secure emulation does not provide full filesystem isolation; it validates commands, strips risky environment variables, applies timeouts, and blocks obvious dangerous patterns, while Docker or Podman remain the stronger boundary.

Why package nerds care

wrkflw is significant as a modern local-CI CLI in Rust. It packages a large slice of GitHub Actions behavior into a local executable, giving developers faster feedback loops and package managers another option in the same broad problem space as `act`.

Its package-nerd interest is also architectural: CI workflow files combine YAML, expression language semantics, dependency graphs, containers, secrets, and artifacts. A single binary that attempts to validate and emulate that surface is useful even when users still rely on GitHub-hosted runners for final truth.

Timeline

  • 2025-03-29: The GitHub repository and crates.io package are created.
  • 2025-04-21: wrkflw 0.3.0 is published on GitHub.
  • 2025-04-30: wrkflw 0.4.0 is published on GitHub.
  • 2025-08-13: wrkflw 0.7.0 is published on GitHub.
  • 2026-04-21: wrkflw 0.8.0 is published on GitHub and crates.io.
  • 2026: The author documents the design motivation behind secure emulation.

Related projects

  • nektos/act is the best-known adjacent tool for running GitHub Actions locally.
  • GitHub Actions is the workflow format and hosted CI service that wrkflw validates and emulates.
  • Docker and Podman are supported runtimes for container-backed local workflow execution.

security posture

Risk level: green

narrow executable package without higher-risk signals.

Risk classifier

green risk · low confidence · appliance

Why

  • narrow executable package without higher-risk signals

Signals

  • metadata:no-higher-risk-signals

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 6 platform targets.
  • Build metadata lists 2 build dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

executables

Installed executables

CommandKindExposureNote
wrkflwcliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version0.8.0
manager updated2026-05-11
local dataok
upstreamcurrent
latest detectedv0.8.0

https://github.com/bahdotsh/wrkflw

  • okNo freshness warnings were generated.

install metadata

Package metadata

Package keybrew:wrkflw
Version0.8.0
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/wrkflw
Homepagehttps://github.com/bahdotsh/wrkflw
Repositoryhttps://github.com/bahdotsh/wrkflw
Upstream docshttps://github.com/bahdotsh/wrkflw#readme
LicenseMIT
Source archivehttps://github.com/bahdotsh/wrkflw/archive/refs/tags/v0.8.0.tar.gz
Last updated2026-05-11T18:23:42-04:00
Pulseupdated
Build dependenciespkgconf, rust
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namewrkflw
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

Nix95%

wrkflw

nix profile install nixpkgs#wrkflw
  • normalized package name match
  • Matched by: Wrkflw
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/wr/wrkflw/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment