docker/bake-action
GitHub Action to use Docker Buildx Bake as a high-level build command
GitHub Actions security score
| docker/bake-action | |
|---|---|
Score | 7/10 |
License | Apache License 2.0 |
Maintained | 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 |
Vulnerabilities | 14 existing vulnerabilities detected |
Branch protection | branch protection not enabled on development/release branches |
Manual code review | - |
Secure publishing | - |
Signed commits | - |
Automated security tools | - |
Popular | Used by 1352 open-source projects |
Security Policy | security policy file detected |
Networking Behavior of docker/bake-action
This GitHub Action often makes outbound network calls to these destinations, as gathered from public workflows using the Harden-Runner GitHub Action. Harden-Runner offers network egress filtering and runtime security for both GitHub-hosted and self-hosted runners.
Popular DestinationUnknown Destination
| Network Destination | Owner |
|---|---|
| registry-1.docker.io | |
| auth.docker.io | |
| production.cloudflare.docker.com | |
| dl-cdn.alpinelinux.org | |
| registry.yarnpkg.com | Unknown |
| proxy.golang.org | |
| storage.googleapis.com | |
| ghcr.io |  GitHub |
| index.docker.io | |
| registry.npmjs.org | |
| repo.yarnpkg.com | Unknown |
| mcr.microsoft.com | |
| gcr.io | Unknown |
| registry.k8s.io | Unknown |
| us-east4-docker.pkg.dev | Unknown |
| prod-registry-k8s-io-us-east-1.s3.dualstack.us-east-1.amazonaws.com | Unknown |
| eastus.data.mcr.microsoft.com | |
| us-central1-docker.pkg.dev | Unknown |
| prod-registry-k8s-io-us-east-2.s3.dualstack.us-east-2.amazonaws.com | Unknown |
| centralus.data.mcr.microsoft.com | |
| westus2.data.mcr.microsoft.com | |
| us-west2-docker.pkg.dev | Unknown |
| prod-registry-k8s-io-us-west-1.s3.dualstack.us-west-1.amazonaws.com | Unknown |
| westus.data.mcr.microsoft.com | |
| westcentralus.data.mcr.microsoft.com | |
| github.com | GitHub |
| us-south1-docker.pkg.dev | Unknown |
| raw.githubusercontent.com | GitHub |
| archive.ubuntu.com | |
| security.ubuntu.com | |
| api.papermc.io | Unknown |
| packages.microsoft.com | |
| us-east5-docker.pkg.dev | Unknown |
| deb.debian.org | Unknown |
| objects.githubusercontent.com | GitHub |
| apt.llvm.org | Unknown |
| ports.ubuntu.com | |
| download.docker.com | Unknown |
| build-cloud.docker.com | Unknown |
| release-assets.githubusercontent.com | GitHub |
| docker-images-prod.6aa30f8b08e16409b46e0173d6de2f56.r2.cloudflarestorage.com | |
| centralus-2.in.applicationinsights.azure.com | |
| pkg-containers.githubusercontent.com | GitHub |
| files.pythonhosted.org | |
| pypi.org | |
| static.rust-lang.org | Unknown |
| us-docker.pkg.dev | Unknown |
| sts.googleapis.com | |
| ttl.sh | Unknown |
| registry.os.wiz.io | Unknown |
| dhi.io | Unknown |
| www.githubstatus.com | GitHub |
| binaries.soliditylang.org | Unknown |
| sh.rustup.rs | Unknown |
| index.crates.io | Unknown |
| static.crates.io | Unknown |
| api.github.com | GitHub |
| keyserver.ubuntu.com | |
| repo.mysql.com | Unknown |
| repo.percona.com | Unknown |
| archive.apache.org | Unknown |
| check.percona.com | Unknown |
| repo.maven.apache.org | Unknown |
| repository.sonatype.org | Unknown |
| dl.static-php.dev | Unknown |
| static-php-cli.fra1.digitaloceanspaces.com | Unknown |
| go.dev | Unknown |
| dl.google.com | |
| sum.golang.org | Unknown |
| pecl.php.net | Unknown |
| download.savannah.nongnu.org | Unknown |
| mirror.marwan.ma | Unknown |
| www.php.net | Unknown |
| www.openldap.org | Unknown |
| ftp.gnu.org | Unknown |
| thrysoee.dk | Unknown |
| download.osgeo.org | Unknown |
| download.gnome.org | Unknown |
| mirrors.ocf.berkeley.edu | Unknown |
| uploads.github.com | GitHub |
| mirror.rabisu.com | Unknown |
| builds.dotnet.microsoft.com | |
| nongnu.niranjan.co | Unknown |
| openresty.org | Unknown |
| cpanmetadb.plackperl.org | Unknown |
| luarocks.org | Unknown |
| download.agent.dev.azure.com | |
| azcliprod.blob.core.windows.net | Unknown |
| aka.ms | Unknown |
| azcliextensionsync.blob.core.windows.net | Unknown |
| dc.services.visualstudio.com | Unknown |
| get.helm.sh | Unknown |
| dl.k8s.io | Unknown |
| ftp.cc.uoc.gr | Unknown |
| packagecloud.io | Unknown |
| ppa.launchpadcontent.net | Unknown |
| d3fo0g5hm7lbuv.cloudfront.net | Unknown |
| us-west1-docker.pkg.dev | Unknown |
| prod-registry-k8s-io-us-west-2.s3.dualstack.us-west-2.amazonaws.com | Unknown |
| production.cloudfront.docker.com | Unknown |
| fonts.google.com | Unknown |
| api.fontshare.com | Unknown |
| api.fontsource.org | Unknown |
| fonts.bunny.net | Unknown |
| apk.cgr.dev | Unknown |
| 9236a389bd48b984df91adc1bc924620.r2.cloudflarestorage.com | Unknown |
| mise.run | Unknown |
| mise.en.dev | Unknown |
| mise-versions.jdx.dev | Unknown |
| mise-java.jdx.dev | Unknown |
| nodejs.org | Unknown |
| releases.hashicorp.com | |
| tuf-repo-cdn.sigstore.dev |