step-security/rust-cache
Secure drop-in replacement for swatinem/rust-cache
A GitHub Action that implements smart caching for rust/cargo projects.
GitHub Actions security score comparison
| step-security/rust-cache | swatinem/rust-cache | |
|---|---|---|
Score | 8/10 | 0/10 |
License | GNU Lesser General Public License v3.0 | |
Maintained | Maintained by StepSecurity | |
Vulnerabilities | 10 existing vulnerabilities detected | |
Branch protection | Branch protection is maximal on development and all release branches | |
Manual code review | Upstream changes are reviewed before merging | - |
Secure publishing | Reproducible builds with SBOM and provenance | - |
Signed commits | All commits are signed | - |
Automated security tools | Findings from tools are triaged and fixed before each change | - |
Popular | Used by StepSecurity enterprise customers | Used by 11556 open-source projects |
Security Policy | security policy file detected | security policy file not detected |
Networking Behavior of step-security/rust-cache
This GitHub Action often makes outbound network calls to these destinations, as gathered from public workflows using the Harden-Runner GitHub Action. Harden-Runner offers network egress filtering and runtime security for both GitHub-hosted and self-hosted runners.
Popular DestinationUnknown Destination
| Network Destination | Owner |
|---|---|
| static.rust-lang.org | Unknown |
| static.crates.io | Unknown |
| updates.cdn-apple.com | Unknown |
| configuration.apple.com | Unknown |
| ocsp.digicert.com | Unknown |
| bag.itunes.apple.com | Unknown |
| pancake.apple.com | Unknown |
| xp.apple.com | Unknown |
| swscan.apple.com | Unknown |
| mesu.apple.com | Unknown |
| configuration.ls.apple.com | Unknown |
| swallow.apple.com | Unknown |
| ocsp2.apple.com | Unknown |
| configuration-row-lb.apple.com.akadns.net | Unknown |
| xp-cdn-lb.itunes-apple.com.akadns.net | Unknown |
| mesu-cdn.origin-apple.com.akadns.net | Unknown |
| configuration-lb.ls-apple.com.akadns.net | Unknown |
| news-edge.apple.com | Unknown |
| crates.io | Unknown |
| fbs.smoot.apple.com | Unknown |
| mask-api.icloud.com | Unknown |
| device-config.pcms.apple.com | Unknown |
| index.crates.io | Unknown |
| gateway.icloud.com | Unknown |
| mobile.events.data.microsoft.com | |
| dns.msftncsi.com | Unknown |
| init.itunes.apple.com | Unknown |
| valid.apple.com | Unknown |
| experiments.apple.com | Unknown |
| apps.mzstatic.com | Unknown |
| s.mzstatic.com | Unknown |
| fpinit.itunes.apple.com | Unknown |
| sf-api-token-service.itunes.apple.com | Unknown |
| assets-mercury.mzstatic.com | Unknown |
| cds.apple.com | Unknown |
| amp-api.media.apple.com | Unknown |
| help.apple.com | Unknown |
| configuration.apple.com.akadns.net | Unknown |
| swdist.apple.com | Unknown |
| calendars.icloud.com | Unknown |
| ipcdn.apple.com | Unknown |
| ocsp.usertrust.com | Unknown |
| gdmf.apple.com | Unknown |
| weatherkit.apple.com | Unknown |
| 0.pool.ntp.org | Unknown |
| metrics.icloud.com | Unknown |
| ocsp2.g.aaplimg.com | Unknown |
| xp.v.aaplimg.com | Unknown |
| fastly-static.crates.io | Unknown |
| apple-relay.cloudflare.com | Unknown |
| ocsp.comodoca.com | Unknown |
| xp.itunes-apple.com.akadns.net | Unknown |
| api.apple-cloudkit.com | Unknown |
| api.apple-cloudkit.fe2.apple-dns.net | Unknown |
| humb.apple.com | Unknown |
| weather-edge.apple.com | Unknown |
| swdist.g.aaplimg.com | Unknown |
| c.apple.news | Unknown |