Ecosyste.ms: Packages
An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.
github actions "security" keyword
Top 6.7% on github actions
3 versions - Latest release: over 3 years ago - 76 dependent repositories - 8 stars on GitHub
RIGS-IT/xanitizer-action v1.0.1
GitHub action to download and install Xanitizer, and to run a Xanitizer security analysis in a Gi...3 versions - Latest release: over 3 years ago - 76 dependent repositories - 8 stars on GitHub
HCL-TECH-SOFTWARE/appscan-sast-action v1.0.4
Scan for security issues in code5 versions - Latest release: about 1 month ago - 7 dependent repositories - 3 stars on GitHub
Checkmarx/dustilock v1.2.0
DustiLock is a tool to find which of your dependencies is susceptible to Dependency Confusion attack4 versions - Latest release: over 2 years ago - 28 stars on GitHub
sammcj/github-app-installation-token v2.16.0 π°
Run a GitHub Action as a GitHub App Installation instead of using secrets.GITHUB_TOKEN or a perso...130 versions - Latest release: about 1 month ago - 2 dependent repositories - 4 stars on GitHub
xvnpw/ai-threat-modeling-action v1.3.4
AI featured threat modeling and security review action24 versions - Latest release: about 2 months ago - 1 dependent repositories - 22 stars on GitHub
Top 4.3% on github actions
24 versions - Latest release: about 2 months ago - 157 dependent repositories - 14 stars on GitHub
tjenkinson/gh-action-auto-merge-dependency-updates v1.4.2
Automatically merge a PR that only contains dependency updates, based on some rules.24 versions - Latest release: about 2 months ago - 157 dependent repositories - 14 stars on GitHub
gioragutt/scan-unverified-actions v1
Scans your Github Actions Workflows for unverified actions1 version - Latest release: over 2 years ago - 1 dependent repositories - 1 stars on GitHub
Top 9.9% on github actions
4 versions - Latest release: 7 months ago - 10 dependent repositories - 27 stars on GitHub
Nekmo/pip-rating v0.2.2
Run pip-rating on the project to get the requirements rating based on criteria like freshness, po...4 versions - Latest release: 7 months ago - 10 dependent repositories - 27 stars on GitHub
Top 7.8% on github actions
18 versions - Latest release: 9 months ago - 17 dependent repositories - 7 stars on GitHub
SAP/fosstars-rating-core-action v1.14.0
The action calculates one of the Fosstars ratings. It outputs a report in Markdown format and an ...18 versions - Latest release: 9 months ago - 17 dependent repositories - 7 stars on GitHub
Top 2.7% on github actions
12 versions - Latest release: 6 months ago - 42 dependent repositories - 80 stars on GitHub
microsoft/security-devops-action v1.10.0
Run security analyzers.12 versions - Latest release: 6 months ago - 42 dependent repositories - 80 stars on GitHub
Top 9.9% on github actions
5 versions - Latest release: over 2 years ago - 13 dependent repositories - 22 stars on GitHub
SecureStackCo/actions-secrets v0.1.3
Scan your source code for sensitive data like API keys, passwords, server host strings, config an...5 versions - Latest release: over 2 years ago - 13 dependent repositories - 22 stars on GitHub
nuwaycloud/trivy-action v0.0.2
GitHub action to scan docker images for vulnerability issues using trivy.2 versions - Latest release: about 2 years ago - 1 stars on GitHub
actions-rust-lang/audit v1.1.14
Audit Rust dependencies with cargo audit and the RustSec Advisory DB21 versions - Latest release: 3 months ago - 26 dependent repositories - 5 stars on GitHub
carhartl/talisman-secrets-scan-action v1.4.0
Scan an incoming range of commits for accidentally added secrets and sensitive information7 versions - Latest release: about 1 year ago - 8 dependent repositories - 3 stars on GitHub
Top 3.8% on github actions
24 versions - Latest release: 5 months ago - 39 dependent repositories - 43 stars on GitHub
philips-labs/slsa-provenance-action v0.9.0
An action to generate SLSA build provenance for an artifact24 versions - Latest release: 5 months ago - 39 dependent repositories - 43 stars on GitHub
cfy9/trivy-action v0.0.2
GitHub action to scan docker images for vulnerability issues using trivy.2 versions - Latest release: about 2 years ago - 1 stars on GitHub
fabasoad/setup-graudit-action v0.2.3 π°
This action installs graudit CLI tool.8 versions - Latest release: about 1 month ago - 0 stars on GitHub
aufdenpunkt/python-safety-check v1.0.5
Helps to find known security vulnerabilities in your python application6 versions - Latest release: almost 3 years ago - 23 dependent repositories - 2 stars on GitHub
Threagile/run-threagile-action v1
Threat model analysis via open-source toolkit Threagile1 version - Latest release: over 3 years ago - 11 stars on GitHub
hahwul/mzap v1.3.1 π°
Multiple target ZAP Scanning10 versions - Latest release: 8 months ago - 92 stars on GitHub
operous/test-ssh-action 0.1.0
SSH server vulnerability and security scanner with Operous5 versions - Latest release: over 2 years ago - 9 stars on GitHub
alcideio/advisor-action v1.1.2
Security Scan Kubernetes Cluster11 versions - Latest release: about 4 years ago - 1 dependent repositories - 13 stars on GitHub
timmeinerzhagen/dependabot-sha-comment-action v1.0.0
Update version comment for SHA pin of GitHub Actions on Dependabot update.7 versions - Latest release: almost 2 years ago - 2 stars on GitHub
kubeshop/monokle-action v0.3.2
Monokle Action analyzes your Kubernetes resources to quickly find misconfigurations.8 versions - Latest release: 6 months ago - 1 dependent repositories - 3 stars on GitHub
dentarg/gem-compare v1.3.2 removed π°
Compare different gem versions9 versions - Latest release: 6 months ago - 4 dependent repositories - 1 stars on GitHub
Top 2.6% on github actions
5 versions - Latest release: over 1 year ago - 162 dependent repositories - 138 stars on GitHub
symfonycorp/security-checker-action v5
Checks composer.json for known vulnerabilities in your package dependencies5 versions - Latest release: over 1 year ago - 162 dependent repositories - 138 stars on GitHub
saucelabs/sauce-security-action v0.3.0
A GitHub action to run security scans on your applications.3 versions - Latest release: over 2 years ago - 3 stars on GitHub
NeuraLegion/stop-scan v1
Stops Nexploit Scan1 version - Latest release: about 4 years ago - 0 stars on GitHub
Staffbase/npm-audit-fix-action v4.0.10
Run `npm audit fix` and create a pull request58 versions - Latest release: over 1 year ago - 3 dependent repositories - 0 stars on GitHub
GrantBirki/auditor-action-core v3.0.1 removed
The Auditor Action's Core21 versions - Latest release: about 2 months ago - 1 dependent repositories - 0 stars on GitHub
clj-holmes/clj-watson-action main
Executes clj-watson dependency security scan in clojure/clojurescript projects.1 version - Latest release: over 1 year ago - 15 dependent repositories - 2 stars on GitHub
reposaur/repo-audit-action v0.1.0 removed
Audit your organization's repositories using Reposaur.1 version - Latest release: about 2 years ago - 1 stars on GitHub
Contrast-Security-OSS/integration-verify-github-action v0.6.7
Verify Contrast Application by Job Outcome Policy or Vulnerability Count12 versions - Latest release: 2 months ago - 2 stars on GitHub
Top 2.8% on github actions
48 versions - Latest release: about 4 years ago - 14 dependent repositories - 1,857 stars on GitHub
lirantal/is-website-vulnerable 1.15.10
Scans a url for public javascript library vulnerabilities48 versions - Latest release: about 4 years ago - 14 dependent repositories - 1,857 stars on GitHub
InstaCode/lockdown v1.0.0
Restrict build runs to specific users.3 versions - Latest release: about 4 years ago - 0 stars on GitHub
Top 6.6% on github actions
11 versions - Latest release: over 1 year ago - 17 dependent repositories - 21 stars on GitHub
ScribeMD/rootless-docker 0.2.2 removed
Run Docker in Rootless Mode to Prevent Permission Errors11 versions - Latest release: over 1 year ago - 17 dependent repositories - 21 stars on GitHub
jhutchings1/spdx-to-dependency-graph-action v0.0.2 removed
Upload SPDX SBOM files to the dependency graph's dependency submission API2 versions - Latest release: over 1 year ago - 6 dependent repositories - 10 stars on GitHub
Top 7.2% on github actions
13 versions - Latest release: over 1 year ago - 1 dependent repositories - 124 stars on GitHub
GeekMasher/advanced-security-compliance v1.7.0
ghascompliance13 versions - Latest release: over 1 year ago - 1 dependent repositories - 124 stars on GitHub
JosiahSiegel/runleaks v1.0.1
Identify potential leaks in GitHub action logs5 versions - Latest release: about 1 year ago - 0 stars on GitHub
Top 3.2% on github actions
51 versions - Latest release: 9 months ago - 23 dependent repositories - 315 stars on GitHub
tonybaloney/pycharm-security 1.29.0 π°
Scan your Python Code for security issues51 versions - Latest release: 9 months ago - 23 dependent repositories - 315 stars on GitHub
NeuraLegion/wait-for v1
Run a Nexploit scan right in GitHub Action1 version - Latest release: about 4 years ago - 0 stars on GitHub
Top 3.8% on github actions
15 versions - Latest release: 12 months ago - 131 dependent repositories - 51 stars on GitHub
pypa/gh-action-pip-audit v1.0.8 π°
Use pip-audit to scan Python dependencies for known vulnerabilities15 versions - Latest release: 12 months ago - 131 dependent repositories - 51 stars on GitHub
Pwd9000-ML/azure-vm-password-rotate v1.1.0
Rotate AZURE virtual machines local administrator Passwords, using AZURE key vault4 versions - Latest release: over 2 years ago - 1 dependent repositories - 3 stars on GitHub
Top 0.3% on github actions
58 versions - Latest release: about 2 months ago - 3,327 dependent repositories - 578 stars on GitHub
aquasecurity/trivy-action 0.19.0
Scans container images for vulnerabilities with Trivy58 versions - Latest release: about 2 months ago - 3,327 dependent repositories - 578 stars on GitHub
Top 3.9% on github actions
8 versions - Latest release: over 1 year ago - 16 dependent repositories - 260 stars on GitHub
step-security/wait-for-secrets v1.1.0 removed
Publish from GitHub Actions using multi-factor authentication8 versions - Latest release: over 1 year ago - 16 dependent repositories - 260 stars on GitHub
bugale/bugalint v2.1.0
Convert various linter outputs to standard formats4 versions - Latest release: 8 months ago - 1 dependent repositories - 3 stars on GitHub
alessiodionisi/setup-age-action v1.3.0 π°
Setup age and add it to the PATH5 versions - Latest release: 3 months ago - 1 dependent repositories - 7 stars on GitHub
Top 5.5% on github actions
2 versions - Latest release: almost 4 years ago - 19 dependent repositories - 14 stars on GitHub
andrewmcodes/bundler-audit-action v0.1.0 π°
GitHub Action for running bundler-audit2 versions - Latest release: almost 4 years ago - 19 dependent repositories - 14 stars on GitHub
ncino/quack-scan latest removed
Run static code dependency scan using Black Duck Synopsys scan for NPM and PIP using Synopsys 6.0.7 versions - Latest release: about 3 years ago - 2 stars on GitHub
Top 7.0% on github actions
14 versions - Latest release: 4 months ago - 2 dependent repositories - 89 stars on GitHub
hahwul/deadfinder 1.3.4 π°
Find dead-links (broken links)14 versions - Latest release: 4 months ago - 2 dependent repositories - 89 stars on GitHub
CycodeLabs/cimon-action v0.9.4
Runtime Security Solution for your CI/CD Pipeline26 versions - Latest release: 7 months ago - 1 dependent repositories - 59 stars on GitHub
piraces/kube-score-ga v0.1.3 π°
Uses the kube-score analysis tool to perform static code analysis of your Kubernetes object defin...4 versions - Latest release: over 1 year ago - 5 dependent repositories - 9 stars on GitHub
Top 1.1% on github actions
36 versions - Latest release: 3 months ago - 211 dependent repositories - 243 stars on GitHub
gitleaks/gitleaks-action v2.3.4 removed
run gitleaks on push and pull-request events36 versions - Latest release: 3 months ago - 211 dependent repositories - 243 stars on GitHub
GrantBirki/auditor-action v4.2.0
The Auditor26 versions - Latest release: 29 days ago - 2 stars on GitHub
trendmicro/cloudone-container-security-github-action 1.0.10
Scan container images with Vision One Container Security11 versions - Latest release: 7 months ago - 4 stars on GitHub
Top 2.2% on github actions
1,100 versions - Latest release: 6 months ago - 114 dependent repositories - 71 stars on GitHub
bridgecrewio/bridgecrew-action v1.2343.0
Find and fix security and compliance issues in infrastructure as code, open source packages, cont...1,100 versions - Latest release: 6 months ago - 114 dependent repositories - 71 stars on GitHub
Top 4.7% on github actions
61 versions - Latest release: 13 days ago - 3 dependent repositories - 1,572 stars on GitHub
pyupio/safety 3.2.0 π°
Runs the Safety CLI dependency scanner against your project61 versions - Latest release: 13 days ago - 3 dependent repositories - 1,572 stars on GitHub
adanalvarez/openai-security-review v0.2.0
A GitHub Action that reviews the modified files and comments with security recommendations4 versions - Latest release: over 1 year ago - 3 stars on GitHub
Top 4.3% on github actions
8 versions - Latest release: 6 months ago - 13 dependent repositories - 48 stars on GitHub
reload/github-security-jira v1.5.0
Synchronize the current repo alert state with JIRA and creates tickets accordingly.8 versions - Latest release: 6 months ago - 13 dependent repositories - 48 stars on GitHub
hahwul/authz0 v1.1.2 π°
Unauthorized access can be identified based on URLs and Roles & Credentials.5 versions - Latest release: about 2 years ago - 335 stars on GitHub
f-actions/opentype-sanitizer v3.0.0
A GitHub Action for opentype-sanitizer testing of font artifacts8 versions - Latest release: 3 months ago - 1 dependent repositories - 6 stars on GitHub
Top 6.2% on github actions
9 versions - Latest release: over 1 year ago - 33 dependent repositories - 28 stars on GitHub
apisec-inc/ethicalcheck-action v1.0.6 removed
Free & Instant API Penetration Testing Service9 versions - Latest release: over 1 year ago - 33 dependent repositories - 28 stars on GitHub
yu-iskw/action-terrascan v1.2.2
TODO: πΆ Run terrascan with reviewdog on pull requests to improve code review experience.15 versions - Latest release: about 2 years ago - 0 stars on GitHub
sysdiglabs/k8s-security-configwatch v1.0.0
Run security lint check against Kubernetes workloads when a PR is open.1 version - Latest release: over 4 years ago - 29 stars on GitHub
martins-vds/export-secrets-action v1
Export secrets to CSV file.1 version - Latest release: 12 months ago - 1 dependent repositories - 0 stars on GitHub
artplan1/brakeman-action v1.2.1
GitHub Action to run Brakeman static analysis which checks Ruby on Rails applications for securit...4 versions - Latest release: about 4 years ago - 23 dependent repositories - 2 stars on GitHub
Top 3.4% on github actions
9 versions - Latest release: about 1 month ago - 70 dependent repositories - 37 stars on GitHub
zaproxy/action-api-scan v0.7.0 π°
Scans the web application with the ZAP API Scan9 versions - Latest release: about 1 month ago - 70 dependent repositories - 37 stars on GitHub
simonkowallik/irulescan-action v1
Use irulescan to check iRules for security issues.1 version - Latest release: over 1 year ago - 1 dependent repositories - 2 stars on GitHub
godaddy/tartufo-action 4.1.0
Runs scan-local-repo with default options9 versions - Latest release: about 1 year ago - 4 dependent repositories - 7 stars on GitHub
Top 2.5% on github actions
11 versions - Latest release: 8 months ago - 59 dependent repositories - 122 stars on GitHub
kitabisa/sonarqube-action v1.2.1
Scan your code with SonarQube Scanner to detect bugs, vulnerabilities and code smells in more tha...11 versions - Latest release: 8 months ago - 59 dependent repositories - 122 stars on GitHub
gacts/gitleaks v1.2.0
Installs and runs GitLeaks in your actions workflow11 versions - Latest release: 6 months ago - 70 dependent repositories - 11 stars on GitHub
no-one-sec/github-action-secrets-stealer v1.0.1
η¨δΊηͺεGitHub Action SecurityηδΏ‘ζ―2 versions - Latest release: almost 2 years ago - 22 stars on GitHub
Top 4.6% on github actions
26 versions - Latest release: 5 months ago - 143 dependent repositories - 32 stars on GitHub
sigstore/gh-action-sigstore-python v2.1.1
Use sigstore-python to sign Python packages26 versions - Latest release: 5 months ago - 143 dependent repositories - 32 stars on GitHub
magmanu/github-workflow-security-scanner v0.1.0 removed
A GitHub Action that performs static analysis on your workflows1 version - Latest release: about 1 year ago - 0 stars on GitHub
Top 9.5% on github actions
9 versions - Latest release: 9 months ago - 88 dependent repositories - 10 stars on GitHub
erzz/dockle-action v1.4.0
Lint & Best Practices for container images with integrations to Github UI9 versions - Latest release: 9 months ago - 88 dependent repositories - 10 stars on GitHub
jetstack/paranoia v0.2.1
Validate the presence or absence of certificate authorities in your container image.6 versions - Latest release: over 1 year ago - 195 stars on GitHub
SecureStackCo/actions-sbom v0.2.0
Create a Software Bill of Materials (SBOM) with SecureStack4 versions - Latest release: over 1 year ago - 1 dependent repositories - 19 stars on GitHub
kitabisa/gokart-action v1.0.0
Scan your code with GoKart to finds vulnerabilities using the SSA (single static assignment) form...1 version - Latest release: over 2 years ago - 1 dependent repositories - 9 stars on GitHub
Top 9.4% on github actions
7 versions - Latest release: 4 months ago - 2 dependent repositories - 18 stars on GitHub
advanced-security/codeql-bundle-action v2.0.1
Action to build custom CodeQL bundles7 versions - Latest release: 4 months ago - 2 dependent repositories - 18 stars on GitHub
Top 7.1% on github actions
7 versions - Latest release: about 3 years ago - 3 dependent repositories - 24 stars on GitHub
checkmarx-ts/checkmarx-github-action v1.0.6
Find vulnerabilities in your code using Checkmarx SAST solution7 versions - Latest release: about 3 years ago - 3 dependent repositories - 24 stars on GitHub
xen0l/dlint-check 0.10.1
Github Action to lint Python code with dlint from Duo Labs2 versions - Latest release: over 4 years ago - 1 dependent repositories - 2 stars on GitHub
Aptori-dev/sift-action v1.0.1
Find business logic and security bugs in your application with Aptori Autonomous API Security Tes...3 versions - Latest release: 9 months ago - 6 stars on GitHub
druidfi/security-checker-action v1
Checks composer.json for known available security updates in your package dependencies1 version - Latest release: about 2 years ago - 1 dependent repositories - 0 stars on GitHub
SecureStackCo/actions-abom v0.1.5
Create an Application Bill of Materials (ABOM) with SecureStack6 versions - Latest release: over 1 year ago - 10 stars on GitHub
SeisoLLC/goat v2024.04.04
Apply Seiso's standard testing43 versions - Latest release: 14 days ago - 12 stars on GitHub
Top 2.9% on github actions
32 versions - Latest release: over 1 year ago - 88 dependent repositories - 34 stars on GitHub
oke-py/npm-audit-action v2.4.4
run npm audit32 versions - Latest release: over 1 year ago - 88 dependent repositories - 34 stars on GitHub
Top 9.5% on github actions
1 version - Latest release: over 4 years ago - 1 dependent repositories - 13 stars on GitHub
y-mehta/vulnalerts v1
Customized daily Vulnerabilty Alerts straight to your Slack Inbox for Free.1 version - Latest release: over 4 years ago - 1 dependent repositories - 13 stars on GitHub
mnavarrocarter/authorize-aws-security-group-ingress-action v1.1.0
Creates a inbound rule in an AWS Security Group and deletes it when the job finishes2 versions - Latest release: about 2 months ago - 6 stars on GitHub
marcuslindblom/security-headers v1.2.0 removed π°
Quickly and easily assess the security of your HTTP response headers4 versions - Latest release: almost 3 years ago - 1 dependent repositories - 8 stars on GitHub
Top 0.9% on github actions
1,194 versions - Latest release: 3 months ago - 507 dependent repositories - 190 stars on GitHub
bridgecrewio/checkov-action v12.2659.0
Run Checkov against infrastructure as code, open source packages, container images, and CI/CD con...1,194 versions - Latest release: 3 months ago - 507 dependent repositories - 190 stars on GitHub
gbrls/cabueta v1.1.0
Security Scanning in your CI/CD3 versions - Latest release: over 1 year ago - 3 stars on GitHub
clj-holmes/clj-holmes-action main
Executes clj-holmes security scan in clojure/clojurescript projects.1 version - Latest release: over 1 year ago - 48 dependent repositories - 4 stars on GitHub
Top 4.1% on github actions
64 versions - Latest release: 29 days ago - 82 dependent repositories - 20 stars on GitHub
reviewdog/action-detect-secrets v0.20.0
πΆ Run detect-secrets with reviewdog on pull requests to improve code review experience.64 versions - Latest release: 29 days ago - 82 dependent repositories - 20 stars on GitHub
Top 6.5% on github actions
10 versions - Latest release: 4 months ago - 34 dependent repositories - 19 stars on GitHub
Contrast-Security-OSS/contrastscan-action v3.0.1
Perform SAST analysis of a project10 versions - Latest release: 4 months ago - 34 dependent repositories - 19 stars on GitHub
hahwul/zest-env v1.1.4 π°
Zest CLI in Github action7 versions - Latest release: 9 days ago - 8 stars on GitHub
SecureStackCo/actions-code v0.1.1
Scan your source code in real-time for vulnerable libraries & frameworks you are using. Supports ...2 versions - Latest release: over 2 years ago - 1 dependent repositories - 18 stars on GitHub
chaitin/veinmind-action v1.0.5
Scan images for security issues with veinmind-tools6 versions - Latest release: over 1 year ago - 2 dependent repositories - 8 stars on GitHub
geritol/write-guard v0.4.0
Enforce file level write access for monorepos6 versions - Latest release: over 2 years ago - 1 dependent repositories - 8 stars on GitHub
Top 1.0% on github actions
15 versions - Latest release: about 1 month ago - 497 dependent repositories - 281 stars on GitHub
zaproxy/action-baseline v0.12.0 π°
Scans the web application with the ZAP Baseline Scan15 versions - Latest release: about 1 month ago - 497 dependent repositories - 281 stars on GitHub
nwestfall/netsparkerscanrunner 0.1.9 removed
Run Netsparker Scans and get back test results5 versions - Latest release: about 3 years ago - 4 stars on GitHub
Related Keywords
github-actions
75
devsecops
29
security-tools
27
actions
25
static-analysis
20
security-automation
20
action
17
continuous-integration
14
github-action
12
hacktoberfest
12
ci
12
security-audit
11
python
11
security-scanner
9
scanning
9
sast
9
devops
9
compliance
8
cicd
8
github
8
secrets
8
aws
8
docker
7
vulnerability
7
lint
7
vulnerability-detection
7
scan
6
container
5
workflow
5
deployment
5
golang
5
code-quality
5
vulnerabilities
5
dast
5
testing
5
vulnerability-scanners
5
kubernetes
5
linter
5
analysis
5
security-vulnerability
4
security-testing
4
static-code-analysis
4
containers
4
vulnerability-scanner
4
software-composition-analysis
4
secret-management
4
appsec
4
deployment-automation
4
sarif-report
4
code-scanning
4
automation
4
terraform
4
sca
3
test
3
code-review
3
checkmarx
3
sbom
3
rails
3
appscan
3
supply-chain-security
3
marketplace
3
supply-chain
3
php
3
iam
3
cve
3
azure
3
review
3
dependency
3
dynamic-analysis
3
ruby
3
dependabot
3
scanner
3
auditor
2
codeql
2
npm
2
owasp
2
gem
2
python3
2
flake8
2
secrets-manager
2
openapi
2
megalinter
2
static
2
ebpf
2
bill-of-materials
2
quality
2
automation-testing
2
parasoft
2
security-vulnerabilities
2
linters
2
nodejs
2
broken-links
2
code
2
audit
2
clojure
2
compliance-as-code
2
deployment-pipeline
2
git
2
backup
2
google-cloud-platform
2