StepSecurity
Assess the risk of third-party GitHub Actions

Actions

Assess all the actions

qte77/gha-sbom-action

Composite GitHub Action that generates SPDX SBOM files using the GitHub dependency graph API and Syft, optionally opening a pull request with the results.

6/10
ljharb/actions/node/pack

GitHub actions I use for CI.

5/10
Maintained action available
step-security/action-tflint

Run tflint with reviewdog on pull requests to enforce best practices. Secure drop-in replacement for reviewdog/action-tflint.

10/10
Maintained by StepSecurity
yepcode/gha-copy-team

GitHub Action that copies all the contents from the current git repository to one YepCode remote team.

3/10
slsa-framework/slsa-github-generator/.github/actions/detect-workflow

Language-agnostic SLSA provenance generation for Github Actions

5/10
mxcl/xcodebuild

A continuously resilient `xcodebuild` “GitHub Action”. Also it’s the best.

0/10
netlify/actions/cli

6/10
octodemo-resources/github-url-resolver-action

GitHub Action to resolve URLs that are associated with a specific GitHub instance

3/10
dagster-io/dagster-cloud-action/actions/utils/prerun

5/10
natiginfo/action-detekt-all

Run Detekt static analysis in GitHub Actions with configurable Detekt and Java versions.

4/10
nvidia/nvmath-python/.github/actions/get_pr_number

NVIDIA Math Libraries for the Python Ecosystem

6/10
step-security/install-poetry/__builder_checkout_dir__/.github/actions/secure-download-artifact

Github action for installing and configuring Poetry. Secure drop-in replacement for snok/install-poetry.

10/10
step-security/setup-protoc/__builder_checkout_dir__/.github/actions/secure-download-artifact

GitHub Action to setup the protoc compiler for protocol buffers. Secure drop-in replacement for arduino/setup-protoc.

9/10
grafana/setup-k6-action

GitHub Action for installing Grafana k6

8/10
kong/gh-storage/download

Use a GitHub hosted repository to store and retrieve files

4/10
bridgecrewio/yor-action

Github action for Yor

2/10
coveord/spinnaker/.github/actions/build-tag-number

Spinnaker is an open source, multi-cloud continuous delivery platform for releasing software changes with high velocity and confidence.

3/10
anchore/chronicle/.github/actions/wait-for-check

a fast changelog generator sourced from PRs and Issues

6/10
zwaldowski/semver-release-action

Create the next semantic version and tag it.

3/10
matmair/inventree/.github/actions/setup

Open Source Inventory Management System

7/10