StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

boostsecurityio/poutine

boostsecurityio/poutine

poutine, a supply chain vulnerability scanner for build pipelines

8/10
sigstore/sigstore-conformance

sigstore/sigstore-conformance

Conformance testing for Sigstore clients

7/10
nicholas-fedor/shoutrrr/.github/actions/docker-login

nicholas-fedor/shoutrrr/.github/actions/docker-login

A notification library for gophers and their furry friends.

7/10
starburstdata/action-testng-report

starburstdata/action-testng-report

Reports testng test results as GitHub Pull Request Check

3/10
grafana/prometheus/.github/promci/actions/check_proto

grafana/prometheus/.github/promci/actions/check_proto

The Prometheus monitoring system and time series database.

3/10
step-security/find-comment/__builder_checkout_dir__/.github/actions/privacy-check

step-security/find-comment/__builder_checkout_dir__/.github/actions/privacy-check

A GitHub action to find an issue or pull request comment. Secure drop-in replacement for peter-evans/find-comment.

10/10
xaoxuu/friends-data-migration

xaoxuu/friends-data-migration

数据格式迁移

2/10
compnerd/gha-setup-vsdevenv

compnerd/gha-setup-vsdevenv

GitHub Action to setup the VS dev environment for the job

3/10
elastic/assign-one-project-github-action

elastic/assign-one-project-github-action

Automatically add an issue or pull request to specific GitHub Project(s) when you create and/or label them.

6/10
ocaml/setup-ocaml

ocaml/setup-ocaml

GitHub Action for the OCaml programming language

7/10
nvidia/visrtx/.github/actions/build-anari-sdk

nvidia/visrtx/.github/actions/build-anari-sdk

NVIDIA OptiX based implementation of ANARI

4/10
Maintained action available
digicert/ssm-code-signing

digicert/ssm-code-signing

SSM Github actions marketplace app

3/10
Maintained action available
dotnet/docs-tools/.github/actions/oidc-auth-flow

dotnet/docs-tools/.github/actions/oidc-auth-flow

This repo contains GitHub Actions and other tools that are designed to be invoked on DocFx repositories.

4/10
Maintained action available
yonasbsd/opendal/.github/actions/test_behavior_binding_go

yonasbsd/opendal/.github/actions/test_behavior_binding_go

Apache OpenDAL: access data freely.

3/10
Maintained action available
extdn/github-actions-m2/magento-integration-tests/7.4

extdn/github-actions-m2/magento-integration-tests/7.4

2/10
Maintained action available
orcid-dev/git-checkout-ref-action

orcid-dev/git-checkout-ref-action

action to handle different git checkout ref requirements for building in gha

2/10
openzeppelin/relayer-plugin-x402-facilitator/../__tool_action_dir__

openzeppelin/relayer-plugin-x402-facilitator/../__tool_action_dir__

OpenZeppelin Relayer - x402 Facilitator plugin

3/10
Maintained action available
anatawa12/something-releaser

anatawa12/something-releaser

The command line tools for me to publish files This repository is also an action to install something-releaser.

4/10
caffeelake/infinity/.github/actions/poetry_setup

caffeelake/infinity/.github/actions/poetry_setup

Infinity is a high-throughput, low-latency serving engine for text-embeddings, reranking models, clip, clap and colpali

2/10
gsactions/commit-message-checker

gsactions/commit-message-checker

GitHub Action that checks commit messages of pushes and pull request against a regex pattern

3/10