StepSecurity Logo
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

DeLaGuardo/setup-clojure

DeLaGuardo/setup-clojure

GitHub Action to provision clojure's most popular build tools for Linux, Mac OS X and Windows.

6/10
step-security/release-notes-generator-action/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

step-security/release-notes-generator-action/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

Action to auto generate a release note based on your events. Secure drop-in replacement for Decathlon/release-notes-generator-action.

10/10
glotaran/pyglotaran-examples

glotaran/pyglotaran-examples

This repository hold examples showcasing the use of the pyglotaran package

4/10
microsoft/RichCodeNavIndexer

microsoft/RichCodeNavIndexer

A GitHub Action that adds rich code navigation to a repo's branches and pull requests.

5/10
lfreleng-actions/python-audit-action

lfreleng-actions/python-audit-action

Audits a Python project's dependencies for security issues

4/10
austenstone/copilot-usage

austenstone/copilot-usage

Create copilot usage reports as job summaries, and much more!

7/10
grafana/plugin-actions/publish-report

grafana/plugin-actions/publish-report

6/10
andstor/file-reader-action

andstor/file-reader-action

:page_facing_up: :octocat: GitHub Action to read the contents of a file

2/10
step-security/action-discord

step-security/action-discord

🚀 GitHub Action that sends a Discord message. . Secure drop-in replacement for Ilshidur/action-discord.

10/10
Maintained by StepSecurity
jenseng/dynamic-uses

jenseng/dynamic-uses

Dynamically resolve and use another GitHub action

4/10
lfreleng-actions/pypi-publish-action

lfreleng-actions/pypi-publish-action

Publishes a Python project to the Python Package Index (PyPI)

4/10
gr2m/get-json-paths-action

gr2m/get-json-paths-action

A GitHub Action to access deep values of JSON strings

2/10
cisagov/setup-go-package

cisagov/setup-go-package

Composite GitHub action to install a Go package.

8/10
Tiryoh/gha-jobid-action

Tiryoh/gha-jobid-action

⚙️ GitHub Action to get the current workflow run's Job URL and ID

4/10
step-security/ghaction-import-gpg/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

step-security/ghaction-import-gpg/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

GitHub Action to import a GPG key. Secure drop-in replacement for crazy-max/ghaction-import-gpg.

10/10
step-security/ssh-agent/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

step-security/ssh-agent/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

GitHub Action to setup `ssh-agent` with a private key. Secure drop-in replacement for webfactory/ssh-agent.

10/10
shivammathur/setup-php

shivammathur/setup-php

GitHub action to set up PHP with extensions, php.ini configuration, coverage drivers, and various tools.

9/10
chronograph-pe/build-push-action

chronograph-pe/build-push-action

GitHub Action to build and push Docker images with Buildx

3/10
GuillaumeFalourd/wait-sleep-action

GuillaumeFalourd/wait-sleep-action

Github actions to wait / sleep during a workflow execution ⏱

3/10
sergeysova/jq-action

sergeysova/jq-action

This lets you do jq operations in GitHub Actions.

4/10