Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

syphar/restore-virtualenv

syphar/restore-virtualenv

2/10
sonarsource/sonarqube-quality-gate-action

sonarsource/sonarqube-quality-gate-action

8/10
crazy-max/ghaction-import-gpg

crazy-max/ghaction-import-gpg

GitHub Action to import a GPG key

5/10
hands-lab/dockle-action

hands-lab/dockle-action

Runs dockle as GitHub Action

4/10
reviewdog/action-suggester

reviewdog/action-suggester

:dog: Suggests any code changes based on diff through GitHub Multi-line code suggestions by using reviewdog

6/10
microsoft/powerplatform-actions/actions-install

microsoft/powerplatform-actions/actions-install

Power Platform GitHub Actions automate common build and deployment tasks related to Power Platform. This includes synchronization of solution metadata (a.k.a. solutions) between development environments and source control, generating build artifacts, deploying to downstream environments, provisioning/de-provisioning of environments, and the ability to perform static analysis checks against your solution using the PowerApps checker service.

4/10
facebook/pysa-action

facebook/pysa-action

GitHub Action for Pysa

5/10
sobelow/action

sobelow/action

Sobelow GitHub

3/10
nick-invision/retry

nick-invision/retry

Retries a GitHub Action step on failure or timeout

5/10
dotnet/docs-tools/actions/sequester

dotnet/docs-tools/actions/sequester

This repo contains GitHub Actions and other tools that are designed to be invoked on DocFx repositories.

6/10
hiddenlayerai/hiddenlayer-model-scan-github-action

hiddenlayerai/hiddenlayer-model-scan-github-action

Official HiddenLayer Github Action for the Model Scanner

8/10
karancode/yamllint-github-action

karancode/yamllint-github-action

Github Action for linting yaml files using yamllint

4/10
supercharge/redis-github-action

supercharge/redis-github-action

Use Redis in GitHub Actions

5/10
check-spelling/check-spelling

check-spelling/check-spelling

Spelling checker action to check spelling in repositories / pull requests / commits

6/10
LoliGothick/rustfmt-check

LoliGothick/rustfmt-check

GitHub Action for PR annotations with rustfmt checks

5/10
a11smiles/GitSync

a11smiles/GitSync

A workflow action that syncs GitHub and Azure DevOps activities.

2/10
hadolint/hadolint-action

hadolint/hadolint-action

GitHub action for Hadolint, A Dockerfile linting tool

6/10
aks-lts/test-infra

aks-lts/test-infra

LTS specific configuration and tooling for testing

4/10
hashicorp/sentinel-github-actions

hashicorp/sentinel-github-actions

5/10
slsa-framework/slsa-github-generator/.github/actions/secure-upload-artifact

slsa-framework/slsa-github-generator/.github/actions/secure-upload-artifact

Language-agnostic SLSA provenance generation for Github Actions

6/10