Ecosyste.ms: Packages
An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.
github actions "security" keyword
occmundial/action-cve-clone v2.0.2
Send GitHub vulnerability alerts to multiple platforms like Slack, PagerDuty.6 versions - Latest release: over 1 year ago - 0 stars on GitHub
hashicorp/setup-signore v2.1.0
setup-signore downloads, installs, and configures the signore signing service client9 versions - Latest release: 12 months ago - 9 dependent repositories - 0 stars on GitHub
hoeg/semgrep-report v1.0.2
Report Semgrep findimgs to PRs with suggested changes5 versions - Latest release: 11 months ago - 0 stars on GitHub
dlint-py/dlint-action 1.0.0
A tool for encouraging best coding practices and helping ensure we're writing secure Python code.1 version - Latest release: about 4 years ago - 1 dependent repositories - 0 stars on GitHub
magmanu/github-workflow-security-scanner v0.1.0 removed
A GitHub Action that performs static analysis on your workflows1 version - Latest release: about 1 year ago - 0 stars on GitHub
fabasoad/setup-graudit-action v0.2.3 💰
This action installs graudit CLI tool.8 versions - Latest release: about 1 month ago - 0 stars on GitHub
gabrielrufino/mongodump-action v1.0.2 removed 💰
GitHub Action for creating a binary export of a database's contents5 versions - Latest release: 5 months ago - 1 dependent repositories - 0 stars on GitHub
druidfi/security-checker-action v1
Checks composer.json for known available security updates in your package dependencies1 version - Latest release: about 2 years ago - 1 dependent repositories - 0 stars on GitHub
NeuraLegion/stop-scan v1
Stops Nexploit Scan1 version - Latest release: about 4 years ago - 0 stars on GitHub
Staffbase/npm-audit-fix-action v4.0.10
Run `npm audit fix` and create a pull request58 versions - Latest release: over 1 year ago - 3 dependent repositories - 0 stars on GitHub
GrantBirki/auditor-action-core v3.0.1 removed
The Auditor Action's Core21 versions - Latest release: about 2 months ago - 1 dependent repositories - 0 stars on GitHub
InstaCode/lockdown v1.0.0
Restrict build runs to specific users.3 versions - Latest release: about 4 years ago - 0 stars on GitHub
recognizegroup/recognize-vulnerability-report-action v1.1.0
Create a report of the vulnerabilities that are found and add it as a comment to a pull request.3 versions - Latest release: over 1 year ago - 1 dependent repositories - 0 stars on GitHub
JosiahSiegel/runleaks v1.0.1
Identify potential leaks in GitHub action logs5 versions - Latest release: about 1 year ago - 0 stars on GitHub
martins-vds/export-secrets-action v1
Export secrets to CSV file.1 version - Latest release: 12 months ago - 1 dependent repositories - 0 stars on GitHub
NeuraLegion/wait-for v1
Run a Nexploit scan right in GitHub Action1 version - Latest release: about 4 years ago - 0 stars on GitHub
yu-iskw/action-terrascan v1.2.2
TODO: 🐶 Run terrascan with reviewdog on pull requests to improve code review experience.15 versions - Latest release: about 2 years ago - 0 stars on GitHub
kahu-app/github-action v0.3.1
Dependency security check8 versions - Latest release: 10 months ago - 0 stars on GitHub
VCTLabs/bandit-report-artifacts v0.0.2
Github action to find common security issues in Python code and get its report as a artifact.3 versions - Latest release: over 3 years ago - 4 dependent repositories - 1 stars on GitHub
kattecon/gh-app-access-token-gen v1.0.0
Generates a GitHub Access Token for a Github App based upon specific inputs.2 versions - Latest release: about 1 year ago - 1 dependent repositories - 1 stars on GitHub
albuch/sbt-dependency-check-action v1.0
Github action to execute sbt-dependency-check as part of a github workflow1 version - Latest release: about 3 years ago - 3 dependent repositories - 1 stars on GitHub
lnavarrocarter/actions-rules-repository 1.1.4
Add rules repository labels to issues and pull requests.7 versions - Latest release: about 1 year ago - 1 dependent repositories - 1 stars on GitHub
dentarg/gem-compare v1.3.2 removed 💰
Compare different gem versions9 versions - Latest release: 6 months ago - 4 dependent repositories - 1 stars on GitHub
gioragutt/scan-unverified-actions v1
Scans your Github Actions Workflows for unverified actions1 version - Latest release: over 2 years ago - 1 dependent repositories - 1 stars on GitHub
bashofmann/neuvector-image-scan-action
Scans a container image for vulnerabilities with [NeuVector](https://neuvector.com)Latest release: 28 days ago - 1 stars on GitHub
reposaur/repo-audit-action v0.1.0 removed
Audit your organization's repositories using Reposaur.1 version - Latest release: about 2 years ago - 1 stars on GitHub
HCL-TECH-SOFTWARE/appscan-dast-action v1.0.5
Scan for security issues in web applications6 versions - Latest release: about 1 year ago - 4 dependent repositories - 1 stars on GitHub
nuwaycloud/trivy-action v0.0.2
GitHub action to scan docker images for vulnerability issues using trivy.2 versions - Latest release: about 2 years ago - 1 stars on GitHub
rogeruiz/repasar v1.0.0
Run git-verify-commit command on the latest SHA1 version - Latest release: over 1 year ago - 1 dependent repositories - 1 stars on GitHub
cfy9/trivy-action v0.0.2
GitHub action to scan docker images for vulnerability issues using trivy.2 versions - Latest release: about 2 years ago - 1 stars on GitHub
ncino/quack-scan latest removed
Run static code dependency scan using Black Duck Synopsys scan for NPM and PIP using Synopsys 6.0.7 versions - Latest release: about 3 years ago - 2 stars on GitHub
xen0l/dlint-check 0.10.1
Github Action to lint Python code with dlint from Duo Labs2 versions - Latest release: over 4 years ago - 1 dependent repositories - 2 stars on GitHub
simonkowallik/irulescan-action v1
Use irulescan to check iRules for security issues.1 version - Latest release: over 1 year ago - 1 dependent repositories - 2 stars on GitHub
clj-holmes/clj-watson-action main
Executes clj-watson dependency security scan in clojure/clojurescript projects.1 version - Latest release: over 1 year ago - 15 dependent repositories - 2 stars on GitHub
malice-labs/fork-sentry 1.0 removed
Detect and alert on suspicious forks of your repository1 version - Latest release: over 2 years ago - 2 stars on GitHub
parasoft/run-dottest-action 2.0.1
A GitHub Action for running Parasoft dotTEST analysis.8 versions - Latest release: 11 months ago - 1 dependent repositories - 2 stars on GitHub
GrantBirki/auditor-action v4.2.0
The Auditor26 versions - Latest release: 29 days ago - 2 stars on GitHub
rcowsill/workflow-scan-action v3.0.0
Scan GitHub Actions workflow files with CodeQL4 versions - Latest release: 4 months ago - 2 dependent repositories - 2 stars on GitHub
timmeinerzhagen/dependabot-sha-comment-action v1.0.0
Update version comment for SHA pin of GitHub Actions on Dependabot update.7 versions - Latest release: almost 2 years ago - 2 stars on GitHub
NeuraLegion/run-scan v1
Run a Nexploit scan right in GitHub Action3 versions - Latest release: about 4 years ago - 26 dependent repositories - 2 stars on GitHub
Contrast-Security-OSS/integration-verify-github-action v0.6.7
Verify Contrast Application by Job Outcome Policy or Vulnerability Count12 versions - Latest release: 2 months ago - 2 stars on GitHub
grolston/guard-action 1.0
Guard ShiftLeft1 version - Latest release: almost 2 years ago - 1 dependent repositories - 2 stars on GitHub
embold/github-action-docker v0.2
Embold design and code quality scanning engine2 versions - Latest release: over 2 years ago - 1 dependent repositories - 2 stars on GitHub
aufdenpunkt/python-safety-check v1.0.5
Helps to find known security vulnerabilities in your python application6 versions - Latest release: almost 3 years ago - 23 dependent repositories - 2 stars on GitHub
artplan1/brakeman-action v1.2.1
GitHub Action to run Brakeman static analysis which checks Ruby on Rails applications for securit...4 versions - Latest release: about 4 years ago - 23 dependent repositories - 2 stars on GitHub
ghr-actions/settings-check v0.1.0
Checks that a GitHub repos settings line up with a specification1 version - Latest release: almost 3 years ago - 1 dependent repositories - 2 stars on GitHub
adanalvarez/openai-security-review v0.2.0
A GitHub Action that reviews the modified files and comments with security recommendations4 versions - Latest release: over 1 year ago - 3 stars on GitHub
carhartl/talisman-secrets-scan-action v1.4.0
Scan an incoming range of commits for accidentally added secrets and sensitive information7 versions - Latest release: about 1 year ago - 8 dependent repositories - 3 stars on GitHub
HCL-TECH-SOFTWARE/appscan-sast-action v1.0.4
Scan for security issues in code5 versions - Latest release: about 1 month ago - 7 dependent repositories - 3 stars on GitHub
kubeshop/monokle-action v0.3.2
Monokle Action analyzes your Kubernetes resources to quickly find misconfigurations.8 versions - Latest release: 6 months ago - 1 dependent repositories - 3 stars on GitHub
saucelabs/sauce-security-action v0.3.0
A GitHub action to run security scans on your applications.3 versions - Latest release: over 2 years ago - 3 stars on GitHub
Pwd9000-ML/azure-vm-password-rotate v1.1.0
Rotate AZURE virtual machines local administrator Passwords, using AZURE key vault4 versions - Latest release: over 2 years ago - 1 dependent repositories - 3 stars on GitHub
bugale/bugalint v2.1.0
Convert various linter outputs to standard formats4 versions - Latest release: 8 months ago - 1 dependent repositories - 3 stars on GitHub
tj-actions/bandit v5.5 💰
A security linter from PyCQA15 versions - Latest release: 8 months ago - 40 dependent repositories - 3 stars on GitHub
gbrls/cabueta v1.1.0
Security Scanning in your CI/CD3 versions - Latest release: over 1 year ago - 3 stars on GitHub
venura9/manage-nsg v1.2
Add/Remove NSG Rules using the public IP of the hosted runner6 versions - Latest release: almost 4 years ago - 3 dependent repositories - 4 stars on GitHub
trendmicro/cloudone-container-security-github-action 1.0.10
Scan container images with Vision One Container Security11 versions - Latest release: 7 months ago - 4 stars on GitHub
clj-holmes/clj-holmes-action main
Executes clj-holmes security scan in clojure/clojurescript projects.1 version - Latest release: over 1 year ago - 48 dependent repositories - 4 stars on GitHub
nwestfall/netsparkerscanrunner 0.1.9 removed
Run Netsparker Scans and get back test results5 versions - Latest release: about 3 years ago - 4 stars on GitHub
standardnotes/brakeman-action v1.0.0 💰
A GitHub action to run Brakeman, a static analysis security vulnerability scanner for Ruby on Rai...1 version - Latest release: about 3 years ago - 2 dependent repositories - 4 stars on GitHub
sammcj/github-app-installation-token v2.16.0 💰
Run a GitHub Action as a GitHub App Installation instead of using secrets.GITHUB_TOKEN or a perso...130 versions - Latest release: about 1 month ago - 2 dependent repositories - 4 stars on GitHub
operatorequals/gitsign-action v0.3.0
Uses `gitsign` to verify commit signatures of a branch3 versions - Latest release: over 1 year ago - 1 dependent repositories - 4 stars on GitHub
georgealton/iam-sarif-report v2.3.2
Generate SARIF from AWS IAM Access Analyzer findings12 versions - Latest release: about 1 month ago - 5 stars on GitHub
edersonbrilhante/vilicus-github-action v0.0.1
Scans container images for vulnerabilities using Vilicus2 versions - Latest release: about 3 years ago - 1 dependent repositories - 5 stars on GitHub
Traceableai/ast-action 0.0.5
GitHub action for Traceable Active Security Testing6 versions - Latest release: about 1 year ago - 1 dependent repositories - 5 stars on GitHub
actions-rust-lang/audit v1.1.14
Audit Rust dependencies with cargo audit and the RustSec Advisory DB21 versions - Latest release: 3 months ago - 26 dependent repositories - 5 stars on GitHub
mnavarrocarter/authorize-aws-security-group-ingress-action v1.1.0
Creates a inbound rule in an AWS Security Group and deletes it when the job finishes2 versions - Latest release: about 2 months ago - 6 stars on GitHub
Aptori-dev/sift-action v1.0.1
Find business logic and security bugs in your application with Aptori Autonomous API Security Tes...3 versions - Latest release: 9 months ago - 6 stars on GitHub
sudo-bot/action-docker-sign latest
Sign docker images1 version - Latest release: almost 3 years ago - 10 dependent repositories - 6 stars on GitHub
Top 8.9% on github actions
13 versions - Latest release: 9 months ago - 23 dependent repositories - 6 stars on GitHub
ossillate-inc/packj-github-action v0.0.12-beta
Use Packj to avoid malicious and other "risky" open-source software dependencies13 versions - Latest release: 9 months ago - 23 dependent repositories - 6 stars on GitHub
f-actions/opentype-sanitizer v3.0.0
A GitHub Action for opentype-sanitizer testing of font artifacts8 versions - Latest release: 3 months ago - 1 dependent repositories - 6 stars on GitHub
Top 7.8% on github actions
18 versions - Latest release: 9 months ago - 17 dependent repositories - 7 stars on GitHub
SAP/fosstars-rating-core-action v1.14.0
The action calculates one of the Fosstars ratings. It outputs a report in Markdown format and an ...18 versions - Latest release: 9 months ago - 17 dependent repositories - 7 stars on GitHub
daltonmenezes/discord-guardian-action v1.1.0 💰
Fetches the list of malicious domains on Discord in different providers and creates/updates a JSO...3 versions - Latest release: about 2 years ago - 1 dependent repositories - 7 stars on GitHub
Novusvetus/action-phpinsights 1.1.16 💰
Runs PHP Insights18 versions - Latest release: 6 months ago - 3 dependent repositories - 7 stars on GitHub
godaddy/tartufo-action 4.1.0
Runs scan-local-repo with default options9 versions - Latest release: about 1 year ago - 4 dependent repositories - 7 stars on GitHub
alessiodionisi/setup-age-action v1.3.0 💰
Setup age and add it to the PATH5 versions - Latest release: 3 months ago - 1 dependent repositories - 7 stars on GitHub
Top 9.1% on github actions
6 versions - Latest release: over 1 year ago - 9 dependent repositories - 7 stars on GitHub
nowsecure/nowsecure-sbom-action v2.0.0
Generate a Mobile SBOM for an application and submit to the Dependency submission API6 versions - Latest release: over 1 year ago - 9 dependent repositories - 7 stars on GitHub
Top 8.5% on github actions
17 versions - Latest release: 12 months ago - 5 dependent repositories - 8 stars on GitHub
parasoft/run-cpptest-action 2.0.1
A GitHub Action for running Parasoft C/C++test to ensure code quality and compliance with MISRA, ...17 versions - Latest release: 12 months ago - 5 dependent repositories - 8 stars on GitHub
geritol/write-guard v0.4.0
Enforce file level write access for monorepos6 versions - Latest release: over 2 years ago - 1 dependent repositories - 8 stars on GitHub
hahwul/zest-env v1.1.4 💰
Zest CLI in Github action7 versions - Latest release: 9 days ago - 8 stars on GitHub
chaitin/veinmind-action v1.0.5
Scan images for security issues with veinmind-tools6 versions - Latest release: over 1 year ago - 2 dependent repositories - 8 stars on GitHub
marcuslindblom/security-headers v1.2.0 removed 💰
Quickly and easily assess the security of your HTTP response headers4 versions - Latest release: almost 3 years ago - 1 dependent repositories - 8 stars on GitHub
Top 6.7% on github actions
3 versions - Latest release: over 3 years ago - 76 dependent repositories - 8 stars on GitHub
RIGS-IT/xanitizer-action v1.0.1
GitHub action to download and install Xanitizer, and to run a Xanitizer security analysis in a Gi...3 versions - Latest release: over 3 years ago - 76 dependent repositories - 8 stars on GitHub
operous/test-ssh-action 0.1.0
SSH server vulnerability and security scanner with Operous5 versions - Latest release: over 2 years ago - 9 stars on GitHub
piraces/kube-score-ga v0.1.3 💰
Uses the kube-score analysis tool to perform static code analysis of your Kubernetes object defin...4 versions - Latest release: over 1 year ago - 5 dependent repositories - 9 stars on GitHub
kitabisa/gokart-action v1.0.0
Scan your code with GoKart to finds vulnerabilities using the SSA (single static assignment) form...1 version - Latest release: over 2 years ago - 1 dependent repositories - 9 stars on GitHub
Top 5.2% on github actions
55 versions - Latest release: 28 days ago - 73 dependent repositories - 9 stars on GitHub
checkmarx/ast-github-action 2.0.25
Simplify Checkmarx Scanning of source code along with Result consumption leveraging Checkmarx AST...55 versions - Latest release: 28 days ago - 73 dependent repositories - 9 stars on GitHub
DopplerHQ/secrets-fetch-action v1.2.0
Fetch Doppler secrets for a specific Project and Config6 versions - Latest release: about 2 months ago - 9 stars on GitHub
Top 6.1% on github actions
55 versions - Latest release: 28 days ago - 22 dependent repositories - 9 stars on GitHub
Checkmarx/ast-github-action 2.0.25
Simplify Checkmarx Scanning of source code along with Result consumption leveraging Checkmarx AST...55 versions - Latest release: 28 days ago - 22 dependent repositories - 9 stars on GitHub
jhutchings1/spdx-to-dependency-graph-action v0.0.2 removed
Upload SPDX SBOM files to the dependency graph's dependency submission API2 versions - Latest release: over 1 year ago - 6 dependent repositories - 10 stars on GitHub
Top 9.5% on github actions
9 versions - Latest release: 9 months ago - 88 dependent repositories - 10 stars on GitHub
erzz/dockle-action v1.4.0
Lint & Best Practices for container images with integrations to Github UI9 versions - Latest release: 9 months ago - 88 dependent repositories - 10 stars on GitHub
SecureStackCo/actions-abom v0.1.5
Create an Application Bill of Materials (ABOM) with SecureStack6 versions - Latest release: over 1 year ago - 10 stars on GitHub
CrowdStrike/container-image-scan-action v1.2.0
Scan your container image for vulnerabilities and malware12 versions - Latest release: about 2 months ago - 1 dependent repositories - 11 stars on GitHub
Threagile/run-threagile-action v1
Threat model analysis via open-source toolkit Threagile1 version - Latest release: over 3 years ago - 11 stars on GitHub
gacts/gitleaks v1.2.0
Installs and runs GitLeaks in your actions workflow11 versions - Latest release: 6 months ago - 70 dependent repositories - 11 stars on GitHub
Top 8.5% on github actions
6 versions - Latest release: about 1 year ago - 7 dependent repositories - 11 stars on GitHub
federacy/scan-action 0.1.5
SAST and Dependency Scanning6 versions - Latest release: about 1 year ago - 7 dependent repositories - 11 stars on GitHub
Top 7.2% on github actions
20 versions - Latest release: 3 months ago - 74 dependent repositories - 12 stars on GitHub
jbergstroem/hadolint-gh-action v1.12.2
A stable, well-tested, highly configurable way of checking your Dockerfile(s) with Hadolint20 versions - Latest release: 3 months ago - 74 dependent repositories - 12 stars on GitHub
tenable/accurics-action v2.0.3
The Accurics GitHub Action scans IaC (Infrastructure as Code) to help identify vulnerabilities pr...44 versions - Latest release: over 1 year ago - 12 stars on GitHub
Top 5.0% on github actions
10 versions - Latest release: 2 months ago - 84 dependent repositories - 12 stars on GitHub
jpetrucciani/bandit-check 1.7.8 💰
GitHub action to lint your python code with bandit10 versions - Latest release: 2 months ago - 84 dependent repositories - 12 stars on GitHub
Top 8.5% on github actions
44 versions - Latest release: over 1 year ago - 3 dependent repositories - 12 stars on GitHub
accurics/accurics-action v2.0.3
The Accurics GitHub Action scans IaC (Infrastructure as Code) to help identify vulnerabilities pr...44 versions - Latest release: over 1 year ago - 3 dependent repositories - 12 stars on GitHub
Related Keywords
github-actions
75
devsecops
29
security-tools
27
actions
25
security-automation
20
static-analysis
20
action
17
continuous-integration
14
hacktoberfest
12
github-action
12
ci
12
python
11
security-audit
11
devops
9
scanning
9
sast
9
security-scanner
9
compliance
8
cicd
8
secrets
8
github
8
aws
8
vulnerability-detection
7
lint
7
docker
7
vulnerability
7
scan
6
golang
5
linter
5
vulnerability-scanners
5
code-quality
5
analysis
5
kubernetes
5
deployment
5
testing
5
vulnerabilities
5
container
5
dast
5
workflow
5
static-code-analysis
4
deployment-automation
4
automation
4
code-scanning
4
terraform
4
software-composition-analysis
4
vulnerability-scanner
4
containers
4
sarif-report
4
secret-management
4
security-testing
4
appsec
4
security-vulnerability
4
php
3
iam
3
azure
3
ruby
3
dynamic-analysis
3
supply-chain-security
3
sca
3
appscan
3
review
3
rails
3
test
3
code-review
3
dependabot
3
dependency
3
sbom
3
supply-chain
3
checkmarx
3
cve
3
scanner
3
marketplace
3
linters
2
cloudformation
2
pip
2
bridgecrew
2
brakeman
2
container-security
2
cloud
2
workflows
2
google-cloud-platform
2
bugbounty
2
sarif
2
bandit
2
security-vulnerabilities
2
secrets-detection
2
nodejs
2
megalinter
2
kotlin
2
deployment-pipeline
2
java
2
ebpf
2
threat-modeling
2
bill-of-materials
2
automation-testing
2
secrets-manager
2
checkmarx-ast
2
hardening
2
secrets-scan
2
git
2