StepSecurity Logo
LoginStart free
docker/bake-action

docker/bake-action

GitHub Action to use Docker Buildx Bake as a high-level build command

GitHubGitHub Repository

275 stars

Node.js

Node Action

Score updated 3 days ago

GitHub Actions security score

docker/bake-action

Score

6/10

License

Apache License 2.0

Maintained

12 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10

Vulnerabilities

8 existing vulnerabilities detected

Branch protection

branch protection not enabled on development/release branches

Manual code review

-

Secure publishing

-

Signed commits

-

Automated security tools

-

Popular

Used by 856 open-source projects

Security Policy

security policy file detected

Networking Behavior of docker/bake-action

This GitHub Action often makes outbound network calls to these destinations, as gathered from public workflows using the Harden-Runner GitHub Action. Harden-Runner offers network egress filtering and runtime security for both GitHub-hosted and self-hosted runners.

Popular DestinationUnknown Destination
Network DestinationOwner
registry-1.docker.ioDockerHubDockerHub
auth.docker.ioDockerHubDockerHub
production.cloudflare.docker.comDockerHubDockerHub
dl-cdn.alpinelinux.orgAlpine LinuxAlpine Linux
registry.yarnpkg.comUnknown
proxy.golang.orgGolang ProxyGolang Proxy
storage.googleapis.comGoogleGoogle
ghcr.ioGitHubGitHub
index.docker.ioDockerHubDockerHub
registry.npmjs.orgnpm Registrynpm Registry
repo.yarnpkg.comUnknown
mcr.microsoft.comMicrosoftMicrosoft
gcr.ioUnknown
registry.k8s.ioUnknown
us-east4-docker.pkg.devUnknown
prod-registry-k8s-io-us-east-1.s3.dualstack.us-east-1.amazonaws.comUnknown
eastus.data.mcr.microsoft.comMicrosoftMicrosoft
us-central1-docker.pkg.devUnknown
prod-registry-k8s-io-us-east-2.s3.dualstack.us-east-2.amazonaws.comUnknown
centralus.data.mcr.microsoft.comMicrosoftMicrosoft
westus2.data.mcr.microsoft.comMicrosoftMicrosoft
us-west2-docker.pkg.devUnknown
prod-registry-k8s-io-us-west-1.s3.dualstack.us-west-1.amazonaws.comUnknown
westus.data.mcr.microsoft.comMicrosoftMicrosoft
westcentralus.data.mcr.microsoft.comMicrosoftMicrosoft
github.comGitHubGitHub
us-south1-docker.pkg.devUnknown
raw.githubusercontent.comGitHubGitHub
archive.ubuntu.comUbuntuUbuntu
security.ubuntu.comUbuntuUbuntu
api.papermc.ioUnknown
packages.microsoft.comMicrosoftMicrosoft
us-east5-docker.pkg.devUnknown
deb.debian.orgUnknown
objects.githubusercontent.comGitHubGitHub
apt.llvm.orgUnknown
ports.ubuntu.comUbuntuUbuntu
download.docker.comUnknown
build-cloud.docker.comUnknown
release-assets.githubusercontent.comGitHubGitHub
docker-images-prod.6aa30f8b08e16409b46e0173d6de2f56.r2.cloudflarestorage.comDockerHubDockerHub
centralus-2.in.applicationinsights.azure.comAzureAzure
pkg-containers.githubusercontent.comGitHubGitHub
files.pythonhosted.orgPython RegistryPython Registry
pypi.orgPython RegistryPython Registry
static.rust-lang.orgUnknown
us-docker.pkg.devUnknown
sts.googleapis.comGoogleGoogle
ttl.shUnknown