StepSecurity Logo
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

containerbase/internal-tools

containerbase/internal-tools

Renovate internal build tools

7/10
envoyproxy/toolshed/gh-actions/github/env/load

envoyproxy/toolshed/gh-actions/github/env/load

6/10
ionos-deploy-now/template-renderer-action

ionos-deploy-now/template-renderer-action

1/10
lfreleng-actions/helm-chartmuseum-action

lfreleng-actions/helm-chartmuseum-action

Packages and tests helm charts, publishing to ChartMuseum

4/10
jedsalazar/edu/.github/workflows/integrate-enforce-docs

jedsalazar/edu/.github/workflows/integrate-enforce-docs

Educational Resources for Software Supply Chain Security

2/10
optum/sourcehawk/.github/actions/maven-prepare

optum/sourcehawk/.github/actions/maven-prepare

Sourcehawk is an extensible compliance as code tool which allows development teams to run compliance scans on their source code.

3/10
pytorch/test-infra/test-infra/.github/actions/pull-docker-image

pytorch/test-infra/test-infra/.github/actions/pull-docker-image

This repository hosts code that supports the testing infrastructure for the PyTorch organization. For example, this repo hosts the logic to track disabled tests and slow tests, as well as our continuation integration jobs HUD/dashboard.

4/10
Maintained action available
deepcode-ai/cal.com/.github/actions/dangerous-git-checkout

deepcode-ai/cal.com/.github/actions/dangerous-git-checkout

Scheduling infrastructure for absolutely everyone.

4/10
hashicorp/setup-Terraform

hashicorp/setup-Terraform

Sets up Terraform CLI in your GitHub Actions workflow.

9/10
rudderlabs/rudder-sdk-kotlin/.github/actions/sonarcloud-analysis

rudderlabs/rudder-sdk-kotlin/.github/actions/sonarcloud-analysis

Kotlin Android SDK and Kotlin JVM for RudderStack - the Customer Data Platform for Developers.

6/10
dawidd6/action-send-mail/_next/static/chunks/app/(public)/layout-4cd98f1c1fdc9277.js

dawidd6/action-send-mail/_next/static/chunks/app/(public)/layout-4cd98f1c1fdc9277.js

:gear: A GitHub Action to send an email to multiple recipients

4/10
SecureCodeWarrior/github-action-add-sarif-contextual-training

SecureCodeWarrior/github-action-add-sarif-contextual-training

GitHub Action for adding contextual training material to SARIF files

3/10
coveo/semantic-monorepo-tools/.github/actions/publish

coveo/semantic-monorepo-tools/.github/actions/publish

A library of helper functions to do SemVer2 compliant releases from Conventional Commits in monorepos

5/10
Maintained action available
gradle/actions

gradle/actions

A collection of GitHub Actions to accelerate your Gradle Builds on GitHub

8/10
senorprogrammer/golang-github-actions

senorprogrammer/golang-github-actions

Static code analysis checker for golang 🐙

3/10
grafana/grafana-github-actions-go/latest-release-branch

grafana/grafana-github-actions-go/latest-release-branch

Grafana GitHub Actions in Golang

3/10
step-security/change-string-case-action/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

step-security/change-string-case-action/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

Github Action: Make a string lowercase, uppercase, or capitalized. Secure drop-in replacement for ASzc/change-string-case-action.

10/10
step-security/workflow-conclusion-action

step-security/workflow-conclusion-action

GitHub action to get workflow conclusion. Secure drop-in replacement for technote-space/workflow-conclusion-action.

10/10
Maintained by StepSecurity
elastic/cloudbeat/.github/actions/azure-asset-inventory-ci

elastic/cloudbeat/.github/actions/azure-asset-inventory-ci

Analyzing Cloud Security Posture

6/10
NVIDIA/cccl/.github/actions/workflow-run-job-linux

NVIDIA/cccl/.github/actions/workflow-run-job-linux

CUDA Core Compute Libraries

8/10