Assess the risk of third-party GitHub Actions

Examples: ,

Actions

Assess all the actions

yonasBSD/ClickHouse/.github/actions/debug

ClickHouse® is a real-time analytics DBMS

5/10

Maintained action available

intel/ai-containers/.github/scan

This repository contains Dockerfiles, scripts, yaml files, Helm charts, etc. used to scale out AI containers with versions of TensorFlow and PyTorch that have been optimized for Intel platforms. Scaling is done with python, Docker, kubernetes, kubeflow, cnvrg.io, Helm, and other container orchestration frameworks for use in the cloud and on-premise

7/10

jerray/publish-docker-action

GitHub Action used to build, tag and publish docker image to your docker registry

3/10

pytorch/audio/test-infra/.github/actions/setup-nvidia

Data manipulation and transformation for audio signal processing, powered by PyTorch

4/10

Maintained action available

crazy-max/.github/.github/actions/gotest-annotations

4/10

Maintained action available

SonarSource/sonarqube-quality-gate-action

6/10

UlisesGascon/openssf-scorecard-monitor

Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts

5/10

step-security/read-yaml

A GitHub Action to read yaml files. Secure drop-in replacement for jbutcher5/read-yaml.

10/10

Maintained by StepSecurity

rapidsai/shared-actions/telemetry-dispatch-summarize

6/10

babenek/CredSweeper

CredSweeper is a tool to detect credentials in any directories or files. CredSweeper could help users to detect unwanted exposure of credentials (such as personal information, token, passwords, api keys and etc) in advance. By scanning lines, filtering, and using AI model as option, CredSweeper reports lines with possible credentials, where the line is, and expected type of the credential as a result.

5/10

Maintained action available

tj-actions/pg-dump

:octocat: Github action to generate backup of a postgres database.

4/10

step-security/ghaction-import-gpg/__BUILDER_CHECKOUT_DIR__/.github/actions/compute-sha256

GitHub Action to import a GPG key. Secure drop-in replacement for crazy-max/ghaction-import-gpg.

9/10

step-security/create-or-update-comment/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

A GitHub action to create or update an issue or pull request comment. Secure drop-in replacement for peter-evans/create-or-update-comment.

10/10

grafana/shared-workflows/actions/push-to-gar-docker

A public-facing, centralized place to store reusable workflows used by Grafana Labs.

6/10

aws-actions/amazon-ecs-deploy-task-definition

Registers an Amazon ECS task definition and deploys it to an ECS service.

10/10

step-security/setup-ko/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

Secure drop-in replacement for ko-build/setup-ko.

10/10

approved-3rd-party-actions/create-issue-action

Another create an issue on GitHub action that strives to be as simple as possible... (The 10,000 GitHub Action on the Marketplace)

3/10

step-security/docker-build-push-action/__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check

GitHub Action to build and push Docker images with Buildx. Secure drop-in replacement for docker/build-push-action.

9/10

peter-evans/repository-dispatch

A GitHub action to create a repository dispatch event

7/10

FerretDB/github-actions/linters

Shared GitHub Actions for FerretDB repos

5/10