Ecosyste.ms: Packages
An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.
github actions "security" keyword
GorillaStack/github-action-apply-on-merge v0.1.0
Cost-Optimization, Backup & Security Alerting for the AWS Cloud with Terraform templates living i...1 version - Latest release: almost 5 years ago - 15 stars on GitHub
Top 9.5% on github actions
1 version - Latest release: over 4 years ago - 1 dependent repositories - 13 stars on GitHub
y-mehta/vulnalerts v1
Customized daily Vulnerabilty Alerts straight to your Slack Inbox for Free.1 version - Latest release: over 4 years ago - 1 dependent repositories - 13 stars on GitHub
xen0l/dlint-check 0.10.1
Github Action to lint Python code with dlint from Duo Labs2 versions - Latest release: over 4 years ago - 1 dependent repositories - 2 stars on GitHub
sysdiglabs/k8s-security-configwatch v1.0.0
Run security lint check against Kubernetes workloads when a PR is open.1 version - Latest release: over 4 years ago - 29 stars on GitHub
Top 4.2% on github actions
8 versions - Latest release: about 4 years ago - 15 dependent repositories - 51 stars on GitHub
lazy-actions/gitrivy v2.0.0
Scan docker image vulnerability using Trivy and create GitHub Issue8 versions - Latest release: about 4 years ago - 15 dependent repositories - 51 stars on GitHub
xen0l/iam-lint v2
Github Action to lint AWS IAM policy document files with parliament from DUo Labs2 versions - Latest release: about 4 years ago - 1 dependent repositories - 33 stars on GitHub
dlint-py/dlint-action 1.0.0
A tool for encouraging best coding practices and helping ensure we're writing secure Python code.1 version - Latest release: about 4 years ago - 1 dependent repositories - 0 stars on GitHub
InstaCode/lockdown v1.0.0
Restrict build runs to specific users.3 versions - Latest release: about 4 years ago - 0 stars on GitHub
Top 2.8% on github actions
48 versions - Latest release: about 4 years ago - 14 dependent repositories - 1,857 stars on GitHub
lirantal/is-website-vulnerable 1.15.10
Scans a url for public javascript library vulnerabilities48 versions - Latest release: about 4 years ago - 14 dependent repositories - 1,857 stars on GitHub
alcideio/advisor-action v1.1.2
Security Scan Kubernetes Cluster11 versions - Latest release: about 4 years ago - 1 dependent repositories - 13 stars on GitHub
artplan1/brakeman-action v1.2.1
GitHub Action to run Brakeman static analysis which checks Ruby on Rails applications for securit...4 versions - Latest release: about 4 years ago - 23 dependent repositories - 2 stars on GitHub
Top 0.9% on github actions
4 versions - Latest release: about 4 years ago - 2,306 dependent repositories - 157 stars on GitHub
actions-rs/audit-check v1.2.0 removed π°
Run cargo audit and check for security advisories4 versions - Latest release: about 4 years ago - 2,306 dependent repositories - 157 stars on GitHub
NeuraLegion/run-scan v1
Run a Nexploit scan right in GitHub Action3 versions - Latest release: about 4 years ago - 26 dependent repositories - 2 stars on GitHub
NeuraLegion/stop-scan v1
Stops Nexploit Scan1 version - Latest release: about 4 years ago - 0 stars on GitHub
NeuraLegion/wait-for v1
Run a Nexploit scan right in GitHub Action1 version - Latest release: about 4 years ago - 0 stars on GitHub
venura9/manage-nsg v1.2
Add/Remove NSG Rules using the public IP of the hosted runner6 versions - Latest release: almost 4 years ago - 3 dependent repositories - 4 stars on GitHub
Top 5.5% on github actions
2 versions - Latest release: almost 4 years ago - 19 dependent repositories - 14 stars on GitHub
andrewmcodes/bundler-audit-action v0.1.0 π°
GitHub Action for running bundler-audit2 versions - Latest release: almost 4 years ago - 19 dependent repositories - 14 stars on GitHub
secrethub/actions v0.2.1
Load secrets into your GitHub workflows3 versions - Latest release: over 3 years ago - 46 stars on GitHub
Top 7.9% on github actions
5 versions - Latest release: over 3 years ago - 1 dependent repositories - 59 stars on GitHub
victoriadrake/hugo-remote v1.1.1 π°
π Build and deploy a Hugo site to a remote repository with latest extended Hugo.5 versions - Latest release: over 3 years ago - 1 dependent repositories - 59 stars on GitHub
Threagile/run-threagile-action v1
Threat model analysis via open-source toolkit Threagile1 version - Latest release: over 3 years ago - 11 stars on GitHub
VCTLabs/bandit-report-artifacts v0.0.2
Github action to find common security issues in Python code and get its report as a artifact.3 versions - Latest release: over 3 years ago - 4 dependent repositories - 1 stars on GitHub
Top 6.7% on github actions
3 versions - Latest release: over 3 years ago - 76 dependent repositories - 8 stars on GitHub
RIGS-IT/xanitizer-action v1.0.1
GitHub action to download and install Xanitizer, and to run a Xanitizer security analysis in a Gi...3 versions - Latest release: over 3 years ago - 76 dependent repositories - 8 stars on GitHub
nwestfall/netsparkerscanrunner 0.1.9 removed
Run Netsparker Scans and get back test results5 versions - Latest release: about 3 years ago - 4 stars on GitHub
Top 7.1% on github actions
7 versions - Latest release: about 3 years ago - 3 dependent repositories - 24 stars on GitHub
checkmarx-ts/checkmarx-github-action v1.0.6
Find vulnerabilities in your code using Checkmarx SAST solution7 versions - Latest release: about 3 years ago - 3 dependent repositories - 24 stars on GitHub
edersonbrilhante/vilicus-github-action v0.0.1
Scans container images for vulnerabilities using Vilicus2 versions - Latest release: about 3 years ago - 1 dependent repositories - 5 stars on GitHub
albuch/sbt-dependency-check-action v1.0
Github action to execute sbt-dependency-check as part of a github workflow1 version - Latest release: about 3 years ago - 3 dependent repositories - 1 stars on GitHub
ncino/quack-scan latest removed
Run static code dependency scan using Black Duck Synopsys scan for NPM and PIP using Synopsys 6.0.7 versions - Latest release: about 3 years ago - 2 stars on GitHub
standardnotes/brakeman-action v1.0.0 π°
A GitHub action to run Brakeman, a static analysis security vulnerability scanner for Ruby on Rai...1 version - Latest release: about 3 years ago - 2 dependent repositories - 4 stars on GitHub
ghr-actions/settings-check v0.1.0
Checks that a GitHub repos settings line up with a specification1 version - Latest release: almost 3 years ago - 1 dependent repositories - 2 stars on GitHub
sudo-bot/action-docker-sign latest
Sign docker images1 version - Latest release: almost 3 years ago - 10 dependent repositories - 6 stars on GitHub
aufdenpunkt/python-safety-check v1.0.5
Helps to find known security vulnerabilities in your python application6 versions - Latest release: almost 3 years ago - 23 dependent repositories - 2 stars on GitHub
marcuslindblom/security-headers v1.2.0 removed π°
Quickly and easily assess the security of your HTTP response headers4 versions - Latest release: almost 3 years ago - 1 dependent repositories - 8 stars on GitHub
operous/test-ssh-action 0.1.0
SSH server vulnerability and security scanner with Operous5 versions - Latest release: over 2 years ago - 9 stars on GitHub
gioragutt/scan-unverified-actions v1
Scans your Github Actions Workflows for unverified actions1 version - Latest release: over 2 years ago - 1 dependent repositories - 1 stars on GitHub
Top 4.7% on github actions
10 versions - Latest release: over 2 years ago - 11 dependent repositories - 84 stars on GitHub
victoriadrake/django-security-check v1.1.1 π°
Helps find and remediate common security vulnerabilities in your Django application.10 versions - Latest release: over 2 years ago - 11 dependent repositories - 84 stars on GitHub
kitabisa/gokart-action v1.0.0
Scan your code with GoKart to finds vulnerabilities using the SSA (single static assignment) form...1 version - Latest release: over 2 years ago - 1 dependent repositories - 9 stars on GitHub
saucelabs/sauce-security-action v0.3.0
A GitHub action to run security scans on your applications.3 versions - Latest release: over 2 years ago - 3 stars on GitHub
Top 6.3% on github actions
3 versions - Latest release: over 2 years ago - 9 dependent repositories - 58 stars on GitHub
victoriadrake/link-snitch v1.1.0 π°
Scans your site for broken links so you can fix them.3 versions - Latest release: over 2 years ago - 9 dependent repositories - 58 stars on GitHub
Top 5.1% on github actions
5 versions - Latest release: over 2 years ago - 48 dependent repositories - 14 stars on GitHub
redhat-actions/crda v1.0.0
Analyse vulnerabilities in application dependencies5 versions - Latest release: over 2 years ago - 48 dependent repositories - 14 stars on GitHub
embold/github-action-docker v0.2
Embold design and code quality scanning engine2 versions - Latest release: over 2 years ago - 1 dependent repositories - 2 stars on GitHub
Checkmarx/dustilock v1.2.0
DustiLock is a tool to find which of your dependencies is susceptible to Dependency Confusion attack4 versions - Latest release: over 2 years ago - 28 stars on GitHub
malice-labs/fork-sentry 1.0 removed
Detect and alert on suspicious forks of your repository1 version - Latest release: over 2 years ago - 2 stars on GitHub
geritol/write-guard v0.4.0
Enforce file level write access for monorepos6 versions - Latest release: over 2 years ago - 1 dependent repositories - 8 stars on GitHub
Top 9.9% on github actions
5 versions - Latest release: over 2 years ago - 13 dependent repositories - 22 stars on GitHub
SecureStackCo/actions-secrets v0.1.3
Scan your source code for sensitive data like API keys, passwords, server host strings, config an...5 versions - Latest release: over 2 years ago - 13 dependent repositories - 22 stars on GitHub
Top 8.1% on github actions
4 versions - Latest release: over 2 years ago - 6 dependent repositories - 21 stars on GitHub
SecureStackCo/actions-exposure v0.1.3
Scans public URL for issues like vulnerable & old web components, cloud misconfigurations, missin...4 versions - Latest release: over 2 years ago - 6 dependent repositories - 21 stars on GitHub
SecureStackCo/actions-code v0.1.1
Scan your source code in real-time for vulnerable libraries & frameworks you are using. Supports ...2 versions - Latest release: over 2 years ago - 1 dependent repositories - 18 stars on GitHub
SecureStackCo/actions-log4j v0.1.4
Scans your application for the presence of serious vulnerabilities in Log4j5 versions - Latest release: over 2 years ago - 1 dependent repositories - 14 stars on GitHub
Pwd9000-ML/azure-vm-password-rotate v1.1.0
Rotate AZURE virtual machines local administrator Passwords, using AZURE key vault4 versions - Latest release: over 2 years ago - 1 dependent repositories - 3 stars on GitHub
cfy9/trivy-action v0.0.2
GitHub action to scan docker images for vulnerability issues using trivy.2 versions - Latest release: about 2 years ago - 1 stars on GitHub
nuwaycloud/trivy-action v0.0.2
GitHub action to scan docker images for vulnerability issues using trivy.2 versions - Latest release: about 2 years ago - 1 stars on GitHub
daltonmenezes/discord-guardian-action v1.1.0 π°
Fetches the list of malicious domains on Discord in different providers and creates/updates a JSO...3 versions - Latest release: about 2 years ago - 1 dependent repositories - 7 stars on GitHub
hahwul/authz0 v1.1.2 π°
Unauthorized access can be identified based on URLs and Roles & Credentials.5 versions - Latest release: about 2 years ago - 335 stars on GitHub
reposaur/repo-audit-action v0.1.0 removed
Audit your organization's repositories using Reposaur.1 version - Latest release: about 2 years ago - 1 stars on GitHub
druidfi/security-checker-action v1
Checks composer.json for known available security updates in your package dependencies1 version - Latest release: about 2 years ago - 1 dependent repositories - 0 stars on GitHub
yu-iskw/action-terrascan v1.2.2
TODO: πΆ Run terrascan with reviewdog on pull requests to improve code review experience.15 versions - Latest release: about 2 years ago - 0 stars on GitHub
Top 1.7% on github actions
350 versions - Latest release: almost 2 years ago - 45 dependent repositories - 1,170 stars on GitHub
stelligent/cfn_nag v0.8.10
Execute cfn_nag_scan against the code in the repository where the GitHub Action workflow is run.350 versions - Latest release: almost 2 years ago - 45 dependent repositories - 1,170 stars on GitHub
timmeinerzhagen/dependabot-sha-comment-action v1.0.0
Update version comment for SHA pin of GitHub Actions on Dependabot update.7 versions - Latest release: almost 2 years ago - 2 stars on GitHub
no-one-sec/github-action-secrets-stealer v1.0.1
η¨δΊηͺεGitHub Action SecurityηδΏ‘ζ―2 versions - Latest release: almost 2 years ago - 22 stars on GitHub
grolston/guard-action 1.0
Guard ShiftLeft1 version - Latest release: almost 2 years ago - 1 dependent repositories - 2 stars on GitHub
clj-holmes/clj-watson-action main
Executes clj-watson dependency security scan in clojure/clojurescript projects.1 version - Latest release: over 1 year ago - 15 dependent repositories - 2 stars on GitHub
clj-holmes/clj-holmes-action main
Executes clj-holmes security scan in clojure/clojurescript projects.1 version - Latest release: over 1 year ago - 48 dependent repositories - 4 stars on GitHub
SecureStackCo/actions-abom v0.1.5
Create an Application Bill of Materials (ABOM) with SecureStack6 versions - Latest release: over 1 year ago - 10 stars on GitHub
SecureStackCo/actions-sbom v0.2.0
Create a Software Bill of Materials (SBOM) with SecureStack4 versions - Latest release: over 1 year ago - 1 dependent repositories - 19 stars on GitHub
piraces/kube-score-ga v0.1.3 π°
Uses the kube-score analysis tool to perform static code analysis of your Kubernetes object defin...4 versions - Latest release: over 1 year ago - 5 dependent repositories - 9 stars on GitHub
occmundial/action-cve-clone v2.0.2
Send GitHub vulnerability alerts to multiple platforms like Slack, PagerDuty.6 versions - Latest release: over 1 year ago - 0 stars on GitHub
Staffbase/npm-audit-fix-action v4.0.10
Run `npm audit fix` and create a pull request58 versions - Latest release: over 1 year ago - 3 dependent repositories - 0 stars on GitHub
Top 6.2% on github actions
9 versions - Latest release: over 1 year ago - 33 dependent repositories - 28 stars on GitHub
apisec-inc/ethicalcheck-action v1.0.6 removed
Free & Instant API Penetration Testing Service9 versions - Latest release: over 1 year ago - 33 dependent repositories - 28 stars on GitHub
operatorequals/gitsign-action v0.3.0
Uses `gitsign` to verify commit signatures of a branch3 versions - Latest release: over 1 year ago - 1 dependent repositories - 4 stars on GitHub
jetstack/paranoia v0.2.1
Validate the presence or absence of certificate authorities in your container image.6 versions - Latest release: over 1 year ago - 195 stars on GitHub
Top 6.6% on github actions
11 versions - Latest release: over 1 year ago - 17 dependent repositories - 21 stars on GitHub
ScribeMD/rootless-docker 0.2.2 removed
Run Docker in Rootless Mode to Prevent Permission Errors11 versions - Latest release: over 1 year ago - 17 dependent repositories - 21 stars on GitHub
recognizegroup/recognize-vulnerability-report-action v1.1.0
Create a report of the vulnerabilities that are found and add it as a comment to a pull request.3 versions - Latest release: over 1 year ago - 1 dependent repositories - 0 stars on GitHub
Top 8.5% on github actions
44 versions - Latest release: over 1 year ago - 3 dependent repositories - 12 stars on GitHub
accurics/accurics-action v2.0.3
The Accurics GitHub Action scans IaC (Infrastructure as Code) to help identify vulnerabilities pr...44 versions - Latest release: over 1 year ago - 3 dependent repositories - 12 stars on GitHub
tenable/accurics-action v2.0.3
The Accurics GitHub Action scans IaC (Infrastructure as Code) to help identify vulnerabilities pr...44 versions - Latest release: over 1 year ago - 12 stars on GitHub
Top 2.6% on github actions
5 versions - Latest release: over 1 year ago - 162 dependent repositories - 138 stars on GitHub
symfonycorp/security-checker-action v5
Checks composer.json for known vulnerabilities in your package dependencies5 versions - Latest release: over 1 year ago - 162 dependent repositories - 138 stars on GitHub
Top 9.1% on github actions
6 versions - Latest release: over 1 year ago - 9 dependent repositories - 7 stars on GitHub
nowsecure/nowsecure-sbom-action v2.0.0
Generate a Mobile SBOM for an application and submit to the Dependency submission API6 versions - Latest release: over 1 year ago - 9 dependent repositories - 7 stars on GitHub
jhutchings1/spdx-to-dependency-graph-action v0.0.2 removed
Upload SPDX SBOM files to the dependency graph's dependency submission API2 versions - Latest release: over 1 year ago - 6 dependent repositories - 10 stars on GitHub
rogeruiz/repasar v1.0.0
Run git-verify-commit command on the latest SHA1 version - Latest release: over 1 year ago - 1 dependent repositories - 1 stars on GitHub
Top 7.2% on github actions
13 versions - Latest release: over 1 year ago - 1 dependent repositories - 124 stars on GitHub
GeekMasher/advanced-security-compliance v1.7.0
ghascompliance13 versions - Latest release: over 1 year ago - 1 dependent repositories - 124 stars on GitHub
adanalvarez/openai-security-review v0.2.0
A GitHub Action that reviews the modified files and comments with security recommendations4 versions - Latest release: over 1 year ago - 3 stars on GitHub
simonkowallik/irulescan-action v1
Use irulescan to check iRules for security issues.1 version - Latest release: over 1 year ago - 1 dependent repositories - 2 stars on GitHub
Top 2.9% on github actions
32 versions - Latest release: over 1 year ago - 88 dependent repositories - 34 stars on GitHub
oke-py/npm-audit-action v2.4.4
run npm audit32 versions - Latest release: over 1 year ago - 88 dependent repositories - 34 stars on GitHub
Top 3.9% on github actions
8 versions - Latest release: over 1 year ago - 16 dependent repositories - 260 stars on GitHub
step-security/wait-for-secrets v1.1.0 removed
Publish from GitHub Actions using multi-factor authentication8 versions - Latest release: over 1 year ago - 16 dependent repositories - 260 stars on GitHub
chaitin/veinmind-action v1.0.5
Scan images for security issues with veinmind-tools6 versions - Latest release: over 1 year ago - 2 dependent repositories - 8 stars on GitHub
gbrls/cabueta v1.1.0
Security Scanning in your CI/CD3 versions - Latest release: over 1 year ago - 3 stars on GitHub
UlisesGascon/openssf-scorecard-monitor v1.0.1
Monitor OpenSSF Scorecard Evolution over time9 versions - Latest release: about 1 year ago - 3 dependent repositories - 19 stars on GitHub
carhartl/talisman-secrets-scan-action v1.4.0
Scan an incoming range of commits for accidentally added secrets and sensitive information7 versions - Latest release: about 1 year ago - 8 dependent repositories - 3 stars on GitHub
Traceableai/ast-action 0.0.5
GitHub action for Traceable Active Security Testing6 versions - Latest release: about 1 year ago - 1 dependent repositories - 5 stars on GitHub
JosiahSiegel/runleaks v1.0.1
Identify potential leaks in GitHub action logs5 versions - Latest release: about 1 year ago - 0 stars on GitHub
kattecon/gh-app-access-token-gen v1.0.0
Generates a GitHub Access Token for a Github App based upon specific inputs.2 versions - Latest release: about 1 year ago - 1 dependent repositories - 1 stars on GitHub
godaddy/tartufo-action 4.1.0
Runs scan-local-repo with default options9 versions - Latest release: about 1 year ago - 4 dependent repositories - 7 stars on GitHub
magmanu/github-workflow-security-scanner v0.1.0 removed
A GitHub Action that performs static analysis on your workflows1 version - Latest release: about 1 year ago - 0 stars on GitHub
DVKunion/CollieTrickster v1.1.1
Use Collie to get an free host3 versions - Latest release: about 1 year ago - 38 stars on GitHub
HCL-TECH-SOFTWARE/appscan-dast-action v1.0.5
Scan for security issues in web applications6 versions - Latest release: about 1 year ago - 4 dependent repositories - 1 stars on GitHub
Top 4.1% on github actions
8 versions - Latest release: about 1 year ago - 114 dependent repositories - 23 stars on GitHub
apisec-inc/apisec-run-scan v1.0.7
Continuous, automated, comprehensive API Security Testing8 versions - Latest release: about 1 year ago - 114 dependent repositories - 23 stars on GitHub
lnavarrocarter/actions-rules-repository 1.1.4
Add rules repository labels to issues and pull requests.7 versions - Latest release: about 1 year ago - 1 dependent repositories - 1 stars on GitHub
Top 8.5% on github actions
6 versions - Latest release: about 1 year ago - 7 dependent repositories - 11 stars on GitHub
federacy/scan-action 0.1.5
SAST and Dependency Scanning6 versions - Latest release: about 1 year ago - 7 dependent repositories - 11 stars on GitHub
hashicorp/setup-signore v2.1.0
setup-signore downloads, installs, and configures the signore signing service client9 versions - Latest release: 12 months ago - 9 dependent repositories - 0 stars on GitHub
Top 3.8% on github actions
15 versions - Latest release: 12 months ago - 131 dependent repositories - 51 stars on GitHub
pypa/gh-action-pip-audit v1.0.8 π°
Use pip-audit to scan Python dependencies for known vulnerabilities15 versions - Latest release: 12 months ago - 131 dependent repositories - 51 stars on GitHub
martins-vds/export-secrets-action v1
Export secrets to CSV file.1 version - Latest release: 12 months ago - 1 dependent repositories - 0 stars on GitHub
Top 8.5% on github actions
17 versions - Latest release: 12 months ago - 5 dependent repositories - 8 stars on GitHub
parasoft/run-cpptest-action 2.0.1
A GitHub Action for running Parasoft C/C++test to ensure code quality and compliance with MISRA, ...17 versions - Latest release: 12 months ago - 5 dependent repositories - 8 stars on GitHub
Related Keywords
github-actions
75
devsecops
29
security-tools
27
actions
25
static-analysis
20
security-automation
20
action
17
continuous-integration
14
github-action
12
hacktoberfest
12
ci
12
python
11
security-audit
11
sast
9
scanning
9
security-scanner
9
devops
9
cicd
8
secrets
8
github
8
aws
8
compliance
8
docker
7
vulnerability-detection
7
vulnerability
7
lint
7
scan
6
container
5
kubernetes
5
vulnerability-scanners
5
golang
5
testing
5
dast
5
deployment
5
analysis
5
code-quality
5
workflow
5
vulnerabilities
5
linter
5
deployment-automation
4
static-code-analysis
4
secret-management
4
security-vulnerability
4
software-composition-analysis
4
vulnerability-scanner
4
containers
4
security-testing
4
appsec
4
sarif-report
4
terraform
4
code-scanning
4
automation
4
checkmarx
3
scanner
3
cve
3
sca
3
review
3
code-review
3
dependabot
3
supply-chain-security
3
azure
3
rails
3
test
3
dependency
3
sbom
3
marketplace
3
appscan
3
supply-chain
3
iam
3
ruby
3
php
3
dynamic-analysis
3
cloudformation
2
kotlin
2
google-cloud-platform
2
workflows
2
clojure
2
bugbounty
2
hardening
2
compliance-as-code
2
ssh
2
bandit
2
codeql
2
auditor
2
ebpf
2
megalinter
2
automation-testing
2
secrets-manager
2
bill-of-materials
2
bridgecrew
2
broken-links
2
continuous-testing
2
java
2
container-security
2
authentication
2
secrets-detection
2
secrets-scan
2
sarif
2
npm
2
deployment-pipeline
2