Assess the risk of third-party GitHub Actions

Examples: ,

Actions

Assess all the actions

step-security/gh-docker-logs/__builder_checkout_dir__/.github/actions/privacy-check

GitHub Action to collect logs from all docker containers. Secure drop-in replacement for jwalton/gh-docker-logs.

10/10

marvinpinto/action-inject-ssm-secrets

READONLY: Auto-generated mirror for https://github.com/marvinpinto/actions/tree/master/packages/aws-ssm-secrets

3/10

actionutils/create-release-pr/__builder_checkout_dir__/.github/actions/secure-download-artifact

WIP

1/10

wearefrank/ci-cd-templates/update-buildinfo

3/10

Maintained action available

step-security/action-semantic-demo/setup-r-dependencies

7/10

step-security/ghaction-github-runtime/__builder_checkout_dir__/.github/actions/secure-download-artifact

GitHub Action to expose GitHub runtime to the workflow. Secure drop-in replacement for crazy-max/ghaction-github-runtime.

8/10

mdjahid11978-design/neon/.github/actions/neon-project-create

Neon: Serverless Postgres. We separated storage and compute to offer autoscaling, code-like database branching, and scale to zero.

3/10

surrealdb/surrealdb/.github/actions/quality-clippy

A scalable, distributed, collaborative, document-graph database, for the realtime web

5/10

Maintained action available

launchdarkly/ld-relay-helm/.github/actions/publish-gh-pages

A helm chart to ease deployment of the LaunchDarkly Relay Proxy

4/10

Maintained action available

febiosoftware/febio-workflows/.github/actions/repo-artifacts-release

Reusable workflows and actions specific to FEBio, FEBioStudio, and FEBio plugins

3/10

Maintained action available

aerospike/java-object-mapper/.github/actions/get-version

The Java Object Mapper is a simple, light-weight framework used to map POJOs to the Aerospike database. Using simple annotations or a configuration YAML file to describe how to map the data to Aerospike, the project takes the tedium out of mapping the data through the powerful, low level interface.

7/10