StepSecurity Logo
LoginStart free
actions/upload-artifact

actions/upload-artifact

GitHubGitHub Repository

3809 stars

Node.js

Node Action

Score updated 7 days ago

GitHub Actions security score

actions/upload-artifact

Score

7/10

License

MIT License

Maintained

8 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 6

Vulnerabilities

6 existing vulnerabilities detected

Branch protection

branch protection not enabled on development/release branches

Manual code review

-

Secure publishing

-

Signed commits

-

Automated security tools

-

Popular

Used by 27688 open-source projects

Security Policy

security policy file detected

Networking Behavior of actions/upload-artifact

This GitHub Action often makes outbound network calls to these destinations, as gathered from public workflows using the Harden-Runner GitHub Action. Harden-Runner offers network egress filtering and runtime security for both GitHub-hosted and self-hosted runners.

Popular DestinationUnknown Destination
Network DestinationOwner
scans-in.gradle.comUnknown
telemetry.redwoodjs.comUnknown
registry-1.docker.ioDockerHubDockerHub
auth.docker.ioDockerHubDockerHub
quark.quantumparticle.ioUnknown
cdnjs.cloudflare.comUnknown
fonts.gstatic.comUnknown
api.github.comGitHubGitHub
fonts.googleapis.comGoogleGoogle
cdn.jsdelivr.netUnknown
dc.services.visualstudio.comUnknown
github.comGitHubGitHub
objects.githubusercontent.comGitHubGitHub
edge.pkg.stUnknown
quay.ioUnknown
cdn03.quay.ioUnknown
api.codecov.ioCodecovCodecov
storage.googleapis.comGoogleGoogle
subnet.min.ioUnknown
api.linode.comUnknown
epss.cyentia.comUnknown
www.cisa.govCISACISA
www.fleetdm.comUnknown
fleetdm.comUnknown
proxy.golang.orgGolang ProxyGolang Proxy
sum.golang.orgUnknown
tuf.fleetctl.comUnknown
www.debian.orgUnknown
gcr.ioUnknown
dl.min.ioUnknown
security-metadata.canonical.comUnknown
charts.jetstack.ioUnknown
open-policy-agent.github.ioUnknown
learn.microsoft.comMicrosoftMicrosoft
production.cloudflare.docker.comDockerHubDockerHub
mdmenrollment.apple.comUnknown
region1.v2.argotunnel.comUnknown
pkg-containers.githubusercontent.comGitHubGitHub
raw.githubusercontent.comGitHubGitHub
www.redhat.comRedhat
update.traefik.ioUnknown
region2.v2.argotunnel.comUnknown
objects-origin.githubusercontent.comGitHubGitHub
pypi.orgPython RegistryPython Registry
esm.ubuntu.comUbuntuUbuntu
formulae.brew.shUnknown
security.access.redhat.comRedhat
vpp.itunes.apple.comUnknown
repo.maven.apache.orgUnknown
packages.microsoft.comMicrosoftMicrosoft
security.ubuntu.comUbuntuUbuntu
archive.ubuntu.comUbuntuUbuntu
httpstat.usUnknown
deb.debian.orgUnknown
jitpack.ioUnknown
ratifyacrac47.azurecr.ioUnknown
ratify-aks-ratify-e2e-5810-daae1e-nntu4zhj.hcp.westus2.azmk8s.ioUnknown
updates.fleetdm.comUnknown
westus2.data.mcr.microsoft.comMicrosoftMicrosoft
eastus.data.mcr.microsoft.comMicrosoftMicrosoft
mcr.microsoft.comMicrosoftMicrosoft
centralus.data.mcr.microsoft.comMicrosoftMicrosoft
registry.npmjs.orgnpm Registrynpm Registry
mirrors.almalinux.orgUnknown
azure.repo.almalinux.orgUnknown
mirrors.rockylinux.orgUnknown
us.mirrors.cicku.meUnknown
distro.ibiblio.orgUnknown
mirror.chpc.utah.eduUnknown
prod-registry-k8s-io-us-east-1.s3.dualstack.us-east-1.amazonaws.comUnknown
mirrors.rit.eduUnknown
rocky-linux-europe-west3.production.gcp.mirrors.ctrliq.cloudUnknown
ftp.fau.deUnknown
mirrors.xtom.deUnknown
checkpoint.prisma.ioUnknown
epss.empiricalsecurity.comUnknown
mirror.cs.vt.eduUnknown
westus2.azure.repo.almalinux.orgUnknown
dl.rockylinux.orgUnknown
mirror.siena.eduUnknown
cdn01.quay.ioUnknown
cli.codecov.ioCodecovCodecov
ingest.codecov.ioCodecovCodecov
o26192.ingest.us.sentry.ioUnknown
westeurope.api.playwright.microsoft.comMicrosoftMicrosoft
browser.playwright.microsoft.comMicrosoftMicrosoft
nyc.mirrors.clouvider.netUnknown
rocky-linux-us-east5.production.gcp.mirrors.ctrliq.cloudUnknown
files.pythonhosted.orgPython RegistryPython Registry
telemetry.nextjs.orgUnknown
mirror.plusline.netUnknown
mirror.rnet.missouri.eduUnknown
rocky.mirror.shastacoe.netUnknown
clients2.google.comUnknown
safebrowsingohttpgateway.googleapis.comGoogleGoogle
redirector.gvt1.comUnknown
accounts.google.comUnknown
r3---sn-2imern76.gvt1.comUnknown
clients2.googleusercontent.comUnknown
r5---sn-2imern76.gvt1.comUnknown
optimizationguide-pa.googleapis.comGoogleGoogle
cdn.playwright.devUnknown
playwright.download.prss.microsoft.comMicrosoftMicrosoft
mirror.netzwerge.deUnknown
rocky-linux-us-central1.production.gcp.mirrors.ctrliq.cloudUnknown
r3---sn-vgqskn67.gvt1.comUnknown
r3---sn-a5mekn6d.gvt1.comUnknown
r4---sn-a5msenek.gvt1.comUnknown
r5---sn-vgqsrnzk.gvt1.comUnknown
formbricks-cdn.s3.eu-central-1.amazonaws.comUnknown
r1---sn-vgqsrnlk.gvt1.comUnknown
r5---sn-vgqsrn66.gvt1.comUnknown
ftp.halifax.rwth-aachen.deUnknown
r1---sn-n4v7snl7.gvt1.comUnknown
nodejs-dm18a3vpb-openjs.vercel.appUnknown
cdp.customer.ioUnknown
r4---sn-o097znsz.gvt1.comUnknown
ftp.agdsn.deUnknown
ports.ubuntu.comUbuntuUbuntu
r4---sn-p5qlsn6l.gvt1.comUnknown
mirror.cpsc.ucalgary.caUnknown
r1---sn-a5mlrnls.gvt1.comUnknown
r1---sn-a5mekn6l.gvt1.comUnknown
mirrors.iu13.netUnknown
r1---sn-2imern76.gvt1.comUnknown
r4---sn-o097znzk.gvt1.comUnknown
r3---sn-o097znzr.gvt1.comUnknown
rocky-linux-us-west4.production.gcp.mirrors.ctrliq.cloudUnknown
rocky-linux-europe-west2.production.gcp.mirrors.ctrliq.cloudUnknown
rockylinux.mirrorservice.orgUnknown
rocky-linux-us-south1.production.gcp.mirrors.ctrliq.cloudUnknown
rocky-linux-us-west3.production.gcp.mirrors.ctrliq.cloudUnknown
fleet-test-7b098261-4b96-47c7-932b-a9a2e7f23a33.fleetuem.comUnknown
www.keil.comUnknown
keilpack.azureedge.netUnknown
lcd-15902890282-sanity-test-1-dns-xzwxrj9j.hcp.australiaeast.azmk8s.ioUnknown
lcd-15902890282-external-e2e-test-1-dns-sxswaq5p.hcp.australiaeast.azmk8s.ioUnknown
ghcr.ioGitHubGitHub
r5---sn-o097znz7.gvt1.comUnknown
sadevicepacksdqaus.blob.core.windows.netUnknown
sadevicepacksprodus.blob.core.windows.netUnknown
index.crates.ioUnknown
static.crates.ioUnknown
r2---sn-vgqsrnzs.gvt1.comUnknown
fleet-test-6f09b3e3-79f8-46ee-a6b7-835019b2fe68.fleetuem.comUnknown
workers.cloudflare.comUnknown
fleet-test-2e3dabd4-5842-4334-bde3-b57b6f6900f4.fleetuem.comUnknown
ocsp.sectigo.comUnknown
nodejs-qtmozyzmg-openjs.vercel.appUnknown
cloud.orama.runUnknown
fleet-test-81ada2c5-2ce2-49ee-ac48-c3357767399b.fleetuem.comUnknown
winatp-gw-cus.microsoft.comMicrosoftMicrosoft
us-v20.events.data.microsoft.comMicrosoftMicrosoft
example.comUnknown
global.endpoint.security.microsoft.comMicrosoftMicrosoft
mirror.wiseglobalsolutions.comUnknown
dl-cdn.alpinelinux.orgAlpine LinuxAlpine Linux
release-assets.githubusercontent.comGitHubGitHub
x.cp.wd.microsoft.comMicrosoftMicrosoft
fleet-test-78e05723-5268-4457-962d-0f47c66122aa.fleetuem.comUnknown
nodejs-p94nu5okz-openjs.vercel.appUnknown
fleet-test-7babe2a1-cab6-42a8-8981-a15b62930cf1.fleetuem.comUnknown
charts.konghq.comUnknown
prod-registry-k8s-io-us-east-2.s3.dualstack.us-east-2.amazonaws.comUnknown
fleet-test-04616a21-63a2-4a72-bb6d-791e22fc412b.fleetuem.comUnknown
fleet-test-45f180ad-4e11-429b-92a7-297a2a78eb9d.fleetuem.comUnknown
fleet-test-00667557-171d-4b00-a56f-89ced6d46a20.fleetuem.comUnknown
r7k2fydpsuvyoapfik6ypwvs.blob.core.windows.netUnknown
builds.dotnet.microsoft.comMicrosoftMicrosoft
fleet-test-54b4833c-426f-4d9f-974f-f51064401af3.fleetuem.comUnknown
www.google.comUnknown
rocky-linux-europe-west9.production.gcp.mirrors.ctrliq.cloudUnknown
miroir.univ-lorraine.frUnknown
ambassador-labs.gateway.scarf.shUnknown
kong-hf.konghq.comUnknown
plug-mirror.rcac.purdue.eduUnknown
app.getambassador.ioUnknown
downloads.1password.comUnknown
fleet-test-0319398e-fcd9-4634-8853-05347af48e3e.fleetuem.comUnknown
docker-images-prod.6aa30f8b08e16409b46e0173d6de2f56.r2.cloudflarestorage.comDockerHubDockerHub
wdcp.microsoft.comMicrosoftMicrosoft
go.microsoft.comMicrosoftMicrosoft
definitionupdates.microsoft.comMicrosoftMicrosoft
fleet-test-06a07ac8-b9ba-4635-8da1-5b1e027565b0.fleetuem.comUnknown
unitedstates.x.cp.wd.microsoft.comMicrosoftMicrosoft
archive.debian.orgUnknown
rocky.reloumirrors.netUnknown
fleet-test-64e25a98-0b46-4de0-afdd-ad4afc3518c4.fleetuem.comUnknown
build.shibboleth.netUnknown
unitedstates.cp.wd.microsoft.comMicrosoftMicrosoft
maven.pkg.github.comGitHubGitHub
osm-planet-eu-central-1.s3.dualstack.eu-central-1.amazonaws.comUnknown
fleet-test-41af50fb-211e-4946-9333-60571132356b.fleetuem.comUnknown
fleet-test-f3fef566-bacd-4836-8441-af22f649cfd9.fleetuem.comUnknown
r1---sn-p5qlsnrl.gvt1.comUnknown
r3---sn-p5qlsn76.gvt1.comUnknown
fleet-test-b7c41773-5416-417e-a7ec-4a194f6404e5.fleetuem.comUnknown
fleet-test-15f706c7-6ef6-4277-92ac-91f838c64e96.fleetuem.comUnknown
fleet-test-a6e4ab03-a796-4618-8202-c5ce2941c144.fleetuem.comUnknown
android.clients.google.comUnknown
mtalk.google.comUnknown
fleet-test-1229e886-c142-4739-a16c-2471a74bdcfb.fleetuem.comUnknown
api.segment.ioUnknown
index.docker.ioDockerHubDockerHub
check.trivy.devUnknown
mirrors.egr.msu.eduUnknown
gcp.repo.almalinux.orgUnknown
fleet-test-1c1537a9-2574-4e77-a7fa-db6027948229.fleetuem.comUnknown
plugins-artifacts.gradle.orgGradleGradle
fleet-test-aa483f52-51c7-45d5-9ee2-e892a1cccd53.fleetuem.comUnknown
mise-versions.jdx.devUnknown
analytics.localstack.cloudUnknown
assets.localstack.cloudUnknown
gdmf.apple.comUnknown
sparrow.cloudflare.comUnknown
nodejs-dtb9tg8tj-openjs.vercel.appUnknown
6533a41321.us.cp0.konghq.techUnknown
6533a41321.us.tp0.konghq.techUnknown
fleet-test-3d7560d6-3531-428c-a153-1c2f8045c3e3.fleetuem.comUnknown
localstack.cloudUnknown
fleet-test-609e8778-1f62-4f41-af81-dc6abf12de69.fleetuem.comUnknown
fleet-test-f8d45259-5fdf-4eef-a378-049439b4834f.fleetuem.comUnknown
fleet-test-2797973a-c81b-4281-a3bd-93107bb7cdc3.fleetuem.comUnknown
fleet-test-27f5698c-c747-4e1c-9616-8046b5bc2e7e.fleetuem.comUnknown
fleet-test-185eef91-8b86-43a3-8c93-a4960a251fd0.fleetuem.comUnknown
34c2jzs22kfv4o2zyaa3mao4.blob.core.windows.netUnknown
api.nuget.orgUnknown
www.microsoft.comMicrosoftMicrosoft
releases.hashicorp.comHashiCorpHashiCorp
fleet-test-6cbd6fa8-98a8-4fb9-ba1d-bd2cbdda5f1f.fleetuem.comUnknown
keyserver.ubuntu.comUbuntuUbuntu
fleet-test-4e2862f1-ebfe-4a57-8661-e04ca24c087e.fleetuem.comUnknown
fleet-test-6b2ce367-a7d2-407c-8db1-38e7e96b09c1.fleetuem.comUnknown
fleet-test-1dcccaa3-c1b7-4bb1-ad8a-429715843347.fleetuem.comUnknown
fleet-test-34924246-8863-49c0-8d64-f6b2cee4a89e.fleetuem.comUnknown
fleet-test-209f1cb7-4b64-4a78-808c-f0bb617eaf5e.fleetuem.comUnknown
fleet-test-4ed47249-9c26-4f4d-8d7a-5dc0e4ab38db.fleetuem.comUnknown
fleet-test-4ee05cda-d1cd-4eb5-a80f-f9da309d973d.fleetuem.comUnknown
fleet-test-390c91ed-68f5-458c-a56f-2f49808e17dd.fleetuem.comUnknown
crl3.digicert.comUnknown
fleet-test-ac61672a-0ec7-486f-82da-e50784cde9be.fleetuem.comUnknown
usage.projectcalico.orgUnknown
digitalassetlinks.googleapis.comGoogleGoogle
mir01.syntis.netUnknown
rocky-linux-us-east4.production.gcp.mirrors.ctrliq.cloudUnknown
fleet-test-616b1051-3adf-4e28-875d-0113ae58b308.fleetuem.comUnknown
graph.microsoft.comMicrosoftMicrosoft
keybase.ioUnknown
remoteprovisioning.googleapis.comGoogleGoogle
rum.optimizely.comUnknown
mirrors.hostiserver.comUnknown
mirror.prolocation.netUnknown
www.googleapis.comGoogleGoogle
fleet-test-79c810c6-a1fe-41bb-8807-742921f4e6d4.fleetuem.comUnknown
fleet-test-63ab60a6-34f1-4e55-b889-e88a9d135e45.fleetuem.comUnknown