Secure Your GitHub Actions with StepSecurity

gradle/actions/dependency-submission

A collection of GitHub Actions to accelerate your Gradle Builds on GitHub

276 stars

Node Action

Score updated 3 days ago

GitHub Actions security score

	gradle/actions/dependency-submission
Score	8/10
License	MIT License
Maintained	30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10
Vulnerabilities	3 existing vulnerabilities detected
Branch protection	branch protection is not maximal on development and all release branches
Manual code review	-
Secure publishing	-
Signed commits	-
Automated security tools	-
Popular	Used by 1032 open-source projects
Security Policy	security policy file detected

Networking Behavior of gradle/actions/dependency-submission

This GitHub Action often makes outbound network calls to these destinations, as gathered from public workflows using the Harden-Runner GitHub Action. Harden-Runner offers network egress filtering and runtime security for both GitHub-hosted and self-hosted runners.

Popular DestinationUnknown Destination

Network Destination	Owner
api.github.com	GitHub
plugins.gradle.org	Gradle
repo.maven.apache.org	Unknown
plugins-artifacts.gradle.org	Gradle
services.gradle.org	Gradle
github.com	GitHub
objects.githubusercontent.com	GitHub
jcenter.bintray.com	Unknown
caffeine.gradle-enterprise.cloud	Unknown
raw.githubusercontent.com	GitHub
dl.google.com	Google
buf.build	Unknown
download.jetbrains.com	Unknown
download-cdn.jetbrains.com	Unknown
scans-in.gradle.com	Unknown
release-assets.githubusercontent.com	GitHub
us-v20.events.data.microsoft.com	Microsoft
unitedstates.cp.wd.microsoft.com	Microsoft
winatp-gw-cus.microsoft.com	Microsoft
api.foojay.io	Unknown
gist.githubusercontent.com	GitHub