StepSecurity Logo
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

step-security/foundry-toolchain

step-security/foundry-toolchain

GitHub action to install Foundry. Secure drop-in replacement for foundry-rs/foundry-toolchain.

10/10
Maintained by StepSecurity
bit-tasks/branch-lane

bit-tasks/branch-lane

Bit lane for each branch task for CI/CD

0/10
spack/setup-spack

spack/setup-spack

Github Action to setup Spack

4/10
step-security/r-lib-actions/setup-r

step-security/r-lib-actions/setup-r

GitHub Actions for the R community. Secure drop-in replacement for r-lib/actions.

10/10
Maintained by StepSecurity
hashicorp/terraform-github-actions

hashicorp/terraform-github-actions

Terraform GitHub Actions

6/10
angular/dev-infra/github-actions/google-internal-tests

angular/dev-infra/github-actions/google-internal-tests

Angular Development Infrastructure

6/10
elastic/oblt-actions/oblt-cli/cluster-create-serverless

elastic/oblt-actions/oblt-cli/cluster-create-serverless

7/10
russdias/render-deploy

russdias/render-deploy

2/10
OpenZeppelin/openzeppelin-contracts-upgradeable/.github/actions/setup

OpenZeppelin/openzeppelin-contracts-upgradeable/.github/actions/setup

Upgradeable variant of OpenZeppelin Contracts, meant for use in upgradeable contracts.

7/10
the-actions-org/workflow-dispatch

the-actions-org/workflow-dispatch

A GitHub Action for triggering workflows, using the `workflow_dispatch` event

2/10
dawidd6/action-send-mail/_next/static/chunks/67196-334b3c00fb863909.js

dawidd6/action-send-mail/_next/static/chunks/67196-334b3c00fb863909.js

:gear: A GitHub Action to send an email to multiple recipients

4/10
step-security/sticky-pull-request-comment/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

step-security/sticky-pull-request-comment/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

Create comment on pull request, if exists update that comment. Secure drop-in replacement for marocchino/sticky-pull-request-comment.

10/10
vegardit/fast-apt-mirror.sh

vegardit/fast-apt-mirror.sh

fast-apt-mirror.sh is a self-contained Bash script that helps you to easily and quickly determine and configure a fast APT repository mirror on Debian, Ubuntu and Pop!_OS systems.

5/10
paultyng/ghaction-import-gpg

paultyng/ghaction-import-gpg

:octocat: GitHub Action to easily import a GPG key

3/10
pguyot/arm-runner-action

pguyot/arm-runner-action

Run tests natively and build images directly from GitHub Actions using a chroot-based virtualized Raspberry Pi (raspios/raspbian) environment

4/10
gradle/gradle-enterprise-build-validation-scripts/.github/actions/gradle/experiment-1

gradle/gradle-enterprise-build-validation-scripts/.github/actions/gradle/experiment-1

Executable scripts to assist in validating that your Gradle and Maven builds are in an optimal state in terms of maximizing work avoidance when using Develocity.

7/10
chainguard-images/actions/scan-apk

chainguard-images/actions/scan-apk

GitHub actions for the chainguard-images

8/10
gnosis/cla-github-action

gnosis/cla-github-action

CLA Assistant GitHub Action

2/10
microsoft/PR-Metrics

microsoft/PR-Metrics

A GitHub Action & Azure Pipelines task for augmenting pull request titles to let reviewers quickly determine PR size and test coverage.

7/10
zephyrproject-rtos/action-s3-cache

zephyrproject-rtos/action-s3-cache

Cache dependencies and build outputs to S3

3/10