The latest articles on DEV Community by Muhammad Ayyan Khan (@ayyankhan101). https://dev.to/ayyankhan101 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3889470%2F2f8a571c-e2ef-40c8-99aa-ed3e6e88338a.jpeg https://dev.to/ayyankhan101 en Muhammad Ayyan Khan Fri, 24 Apr 2026 15:40:43 +0000 https://dev.to/ayyankhan101/pipechecker-a-local-cicd-auditor-to-catch-circular-deps-secrets-and-unpinned-tags-before-you-1pk1 https://dev.to/ayyankhan101/pipechecker-a-local-cicd-auditor-to-catch-circular-deps-secrets-and-unpinned-tags-before-you-1pk1 <p><strong>Hey everyone,</strong></p> <p>I got tired of the "push and pray" method of CI/CD configuration. Waiting for a<br> remote runner just to find out I had a circular dependency or a missing needs<br> reference felt like a waste of time.</p> <p>So I built PipeChecker in Rust. It's a CLI tool that provides instant, local<br> feedback on your workflows.</p> <p>What it does:</p> <ul> <li>DAG Analysis: Uses Tarjan's algorithm to detect circular dependencies.</li> <li>Security: Scans for hardcoded secrets and undeclared env vars.</li> <li>Best Practices: Enforces pinning for Docker images and GitHub Actions.</li> <li>TUI: Includes an interactive mode for navigating multiple workflows.</li> <li>Platforms: Supports GitHub Actions, GitLab, and CircleCI.</li> </ul> <p>Quick Start:<br> cargo install pipechecker<br> pipechecker --all --tui</p> <p>It’s open source and I’m looking for feedback/contributors! </p> <p>GitHub: <a href="https://github.com/Ayyankhan101/PipeChecker.git" rel="noopener noreferrer">https://github.com/Ayyankhan101/PipeChecker.git</a></p> <p>Would love to hear how you handle local pipeline validation!</p> cicd devops rust showdev