Assess the risk of third-party GitHub Actions
Examples: ,
Actions
Assess all the actions
step-security/setup-vals
Github Action for installing vals (https://github.com/helmfile/vals). Secure drop-in replacement for jkroepke/setup-vals.
mavrosxristoforos/get-xml-info
Get Information from XML files to use into your GitHub workflows
pcysl5edgo/cat
GitHub Action to cat a file
step-security/import-codesign-certs
GitHub Action for Importing Code-signing Certificates into a Keychain. Secure drop-in replacement for Apple-Actions/import-codesign-certs.
orcid/changelog-action
action to update a changelog and create a github release
chronograph-pe/actions-permissions/monitor
GitHub token permissions Monitor and Advisor actions
actions-security-demo/script-injection/actions/commands
cupcakearmy/confluence-markdown-sync
launchdarkly/dotnet-eventsource/.github/actions/build-docs
Server-sent events (SSE) client implementation for .NET
useblacksmith/cache/restore
Cache dependencies and build outputs in GitHub Actions
protocolbuffers/protobuf-ci/../../_actions/current/internal/docker-run
A shared repository for Protobuf CI actions
smartcontractkit/.github/actions/setup-gap
reusable GHA workflows and actions
shundor/python-bandit-scan
GitHub Action for Bandit SAST
equinor/oneseismic-api/.github/actions/load_openvds_image
Web API for fast access of arbitrary seismic slices from VDS data
step-security/asdf-vm-actions/plugins-add
GitHub Actions for the asdf version manager. Secure drop-in replacement for asdf-vm/actions.
crazy-max/ghaction-docker-buildx
:octocat: GitHub Action to set up Docker Buildx
mozilla-it/deploy-actions/docker-push
Generic GitHub composite actions/workflows for deploying applications
kubepug/kubepug-installer
kubepug-installer GitHub Action
bryannice/gitactions-slack-notification
Git Action Slack Notifications From Build Status
rudderlabs/setup-aws-signer-notation-cli
This GitHub Action installs Notation CLI with the AWS Signer plugin.