StepSecurity Logo
StepSecurity
LoginStart free

Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

bgd-labs/github-workflows/.github/actions/foundry-setup

bgd-labs/github-workflows/.github/actions/foundry-setup

a collection of github workflows used at bgd

4/10
step-security/setup-just

step-security/setup-just

🤖 GitHub Action to install the just command runner. Secure drop-in replacement for extractions/setup-just.

10/10
Maintained by StepSecurity
python-semantic-release/upload-to-gh-release

python-semantic-release/upload-to-gh-release

DEPRECATED: Upload artefacts to GitHub Releases using Python Semantic Release

4/10
step-security/helm-gh-pages/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

step-security/helm-gh-pages/__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact

A GitHub Action for publishing Helm charts to Github Pages. Secure drop-in replacement for stefanprodan/helm-gh-pages.

10/10
bazel-contrib/publish-to-bcr

bazel-contrib/publish-to-bcr

A GitHub app that mirrors releases of your Bazel ruleset to the Central Registry

6/10
hacs/action

hacs/action

Repository validator action for HACS

6/10
elastic/cloudbeat/.github/actions/aws-asset-inventory-ci

elastic/cloudbeat/.github/actions/aws-asset-inventory-ci

Analyzing Cloud Security Posture

4/10
Maintained action available
quarto-dev/quarto-actions/setup

quarto-dev/quarto-actions/setup

6/10
yonasBSD/greptimedb/.github/actions/setup-kafka-cluster

yonasBSD/greptimedb/.github/actions/setup-kafka-cluster

An open-source, cloud-native, distributed time-series database with PromQL/SQL/Python supported.

5/10
Maintained action available
actions-security-demo/script-injection/actions/remove-milestone

actions-security-demo/script-injection/actions/remove-milestone

2/10
PicnicSupermarket/caffeine/.github/actions/run-gradle

PicnicSupermarket/caffeine/.github/actions/run-gradle

A high performance caching library for Java

5/10
yonasBSD/grafana/.github/actions/website-sync

yonasBSD/grafana/.github/actions/website-sync

The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.

2/10
Maintained action available
transferwise/actions-pr-checker

transferwise/actions-pr-checker

Github Action to check PR title/description/labels.

6/10
grafana/loki/_shared-workflows-dockerhub-login/actions/get-vault-secrets

grafana/loki/_shared-workflows-dockerhub-login/actions/get-vault-secrets

Like Prometheus, but for logs.

6/10
ko-build/setup-ko

ko-build/setup-ko

7/10
step-security/set-github-variable

step-security/set-github-variable

Use this Github Action to update a variable in your Github Action Workflows for your repository. Secure drop-in replacement for mmoyaferrer/set-github-variable.

10/10
Maintained by StepSecurity
cisagov/action-lineage

cisagov/action-lineage

7/10
grafana/prometheus/.github/promci/actions/publish_main

grafana/prometheus/.github/promci/actions/publish_main

The Prometheus monitoring system and time series database.

5/10
Maintained action available
bats-core/bats-action

bats-core/bats-action

Github action that setup Bats and all the bats libs: support, assert, detik, file.

7/10
microsoft/powerplatform-actions/who-am-i

microsoft/powerplatform-actions/who-am-i

Power Platform GitHub Actions automate common build and deployment tasks related to Power Platform. This includes synchronization of solution metadata (a.k.a. solutions) between development environments and source control, generating build artifacts, deploying to downstream environments, provisioning/de-provisioning of environments, and the ability to perform static analysis checks against your solution using the PowerApps checker service.

6/10