Assess the risk of third-party GitHub Actions
Examples: ,
Actions
Assess all the actions
fluxcd/pkg/actions/yq
Toolkit common packages
graalvm/setup-graalvm
GitHub Action for setting up GraalVM distributions.
microsoft/vstest
Visual Studio Test Platform is the runner and engine that powers test explorer and vstest.console.
whelk-io/maven-settings-xml-action
Github Action to create maven settings (~/.m2/settings.xml)
Azure/pipelines
Enable GitHub developers to trigger Azure Pipelines from a GitHub Actions workflow
fish-shop/syntax-check
A GitHub action for syntax checking fish shell files.
unleftie/ansible-lint-action
Run Ansible Lint
halostatue/starlist
😎 Github action to generate your own awesome list from project you've starred ordered by languages!
ultralytics/actions/retry
Ultralytics GitHub Actions
knqyf263/trivy-issue-action
GitHub Actions for creating GitHub Issues according to the Trivy scanning result
kitabisa/docker-slim-action
GitHub Action to minify container image by up to 30x (and for compiled languages even more) making it secure too!
step-security/assign-author
GitHub Actions to assign author to issue or PR
neondatabase/dev-actions/release-pr-notify
ethomson/env-action
slsa-framework/slsa-github-generator/.github/actions/rng
Language-agnostic SLSA provenance generation for Github Actions
olivernybroe/action-conflict-finder
A Github action for finding merge conflicts
jwalton/gh-docker-logs
GitHub Action to collect logs from all docker containers.
heisenberg-2077/use-npm-token-action
Use an NPM token within an .npmrc file inside GitHub actions. Scoped packages are the primary use case.
actions-ecosystem/action-bump-semver
⏫ GitHub Action to bump the semver version up
little-core-labs/install-terraform
Install terraform to the current GitHub Actions job