Ecosyste.ms: Packages
An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.
github actions "security" keyword
adanalvarez/openai-security-review v0.2.0
A GitHub Action that reviews the modified files and comments with security recommendations4 versions - Latest release: over 1 year ago - 3 stars on GitHub
CycodeLabs/cimon-action v0.9.4
Runtime Security Solution for your CI/CD Pipeline26 versions - Latest release: 7 months ago - 1 dependent repositories - 59 stars on GitHub
Top 7.0% on github actions
14 versions - Latest release: 4 months ago - 2 dependent repositories - 89 stars on GitHub
hahwul/deadfinder 1.3.4 💰
Find dead-links (broken links)14 versions - Latest release: 4 months ago - 2 dependent repositories - 89 stars on GitHub
Top 3.2% on github actions
51 versions - Latest release: 10 months ago - 23 dependent repositories - 315 stars on GitHub
tonybaloney/pycharm-security 1.29.0 💰
Scan your Python Code for security issues51 versions - Latest release: 10 months ago - 23 dependent repositories - 315 stars on GitHub
Top 9.9% on github actions
5 versions - Latest release: over 2 years ago - 13 dependent repositories - 22 stars on GitHub
SecureStackCo/actions-secrets v0.1.3
Scan your source code for sensitive data like API keys, passwords, server host strings, config an...5 versions - Latest release: over 2 years ago - 13 dependent repositories - 22 stars on GitHub
Top 4.3% on github actions
24 versions - Latest release: about 2 months ago - 157 dependent repositories - 14 stars on GitHub
tjenkinson/gh-action-auto-merge-dependency-updates v1.4.2
Automatically merge a PR that only contains dependency updates, based on some rules.24 versions - Latest release: about 2 months ago - 157 dependent repositories - 14 stars on GitHub
actions-rust-lang/audit v1.1.14
Audit Rust dependencies with cargo audit and the RustSec Advisory DB21 versions - Latest release: 3 months ago - 26 dependent repositories - 5 stars on GitHub
Top 6.5% on github actions
8 versions - Latest release: 9 months ago - 4 dependent repositories - 50 stars on GitHub
aquasecurity/tracee-action v0.4.0-stop
Protect your GitHub Actions pipelines with eBPF profiling8 versions - Latest release: 9 months ago - 4 dependent repositories - 50 stars on GitHub
NeuraLegion/run-scan v1
Run a Nexploit scan right in GitHub Action3 versions - Latest release: about 4 years ago - 26 dependent repositories - 2 stars on GitHub
rcowsill/workflow-scan-action v3.0.0
Scan GitHub Actions workflow files with CodeQL4 versions - Latest release: 4 months ago - 2 dependent repositories - 2 stars on GitHub
Top 2.9% on github actions
32 versions - Latest release: over 1 year ago - 88 dependent repositories - 34 stars on GitHub
oke-py/npm-audit-action v2.4.4
run npm audit32 versions - Latest release: over 1 year ago - 88 dependent repositories - 34 stars on GitHub
martins-vds/export-secrets-action v1
Export secrets to CSV file.1 version - Latest release: about 1 year ago - 1 dependent repositories - 0 stars on GitHub
Top 4.3% on github actions
8 versions - Latest release: 6 months ago - 13 dependent repositories - 48 stars on GitHub
reload/github-security-jira v1.5.0
Synchronize the current repo alert state with JIRA and creates tickets accordingly.8 versions - Latest release: 6 months ago - 13 dependent repositories - 48 stars on GitHub
Top 2.6% on github actions
5 versions - Latest release: over 1 year ago - 162 dependent repositories - 138 stars on GitHub
symfonycorp/security-checker-action v5
Checks composer.json for known vulnerabilities in your package dependencies5 versions - Latest release: over 1 year ago - 162 dependent repositories - 138 stars on GitHub
InstaCode/lockdown v1.0.0
Restrict build runs to specific users.3 versions - Latest release: about 4 years ago - 0 stars on GitHub
Staffbase/npm-audit-fix-action v4.0.10
Run `npm audit fix` and create a pull request58 versions - Latest release: over 1 year ago - 3 dependent repositories - 0 stars on GitHub
Top 6.7% on github actions
3 versions - Latest release: over 3 years ago - 76 dependent repositories - 8 stars on GitHub
RIGS-IT/xanitizer-action v1.0.1
GitHub action to download and install Xanitizer, and to run a Xanitizer security analysis in a Gi...3 versions - Latest release: over 3 years ago - 76 dependent repositories - 8 stars on GitHub
Top 4.7% on github actions
19 versions - Latest release: 2 months ago - 68 dependent repositories - 35 stars on GitHub
djdefi/gitavscan 19 💰
Anti Virus scan for malicious files in a Git repository19 versions - Latest release: 2 months ago - 68 dependent repositories - 35 stars on GitHub
Checkmarx/dustilock v1.2.0
DustiLock is a tool to find which of your dependencies is susceptible to Dependency Confusion attack4 versions - Latest release: over 2 years ago - 28 stars on GitHub
recognizegroup/recognize-vulnerability-report-action v1.1.0
Create a report of the vulnerabilities that are found and add it as a comment to a pull request.3 versions - Latest release: over 1 year ago - 1 dependent repositories - 0 stars on GitHub
Top 0.6% on github actions
21 versions - Latest release: about 1 month ago - 11,383 dependent repositories - 253 stars on GitHub
gradle/wrapper-validation-action v3.3.2 removed
Validates Gradle Wrapper JAR Files21 versions - Latest release: about 1 month ago - 11,383 dependent repositories - 253 stars on GitHub
Top 5.1% on github actions
5 versions - Latest release: over 2 years ago - 48 dependent repositories - 14 stars on GitHub
redhat-actions/crda v1.0.0
Analyse vulnerabilities in application dependencies5 versions - Latest release: over 2 years ago - 48 dependent repositories - 14 stars on GitHub
clj-holmes/clj-holmes-action main
Executes clj-holmes security scan in clojure/clojurescript projects.1 version - Latest release: almost 2 years ago - 48 dependent repositories - 4 stars on GitHub
SeisoLLC/goat v2024.04.04
Apply Seiso's standard testing43 versions - Latest release: 28 days ago - 12 stars on GitHub
godaddy/tartufo-action 4.1.0
Runs scan-local-repo with default options9 versions - Latest release: about 1 year ago - 4 dependent repositories - 7 stars on GitHub
clj-holmes/clj-watson-action main
Executes clj-watson dependency security scan in clojure/clojurescript projects.1 version - Latest release: almost 2 years ago - 15 dependent repositories - 2 stars on GitHub
Top 9.9% on github actions
4 versions - Latest release: 8 months ago - 10 dependent repositories - 27 stars on GitHub
Nekmo/pip-rating v0.2.2
Run pip-rating on the project to get the requirements rating based on criteria like freshness, po...4 versions - Latest release: 8 months ago - 10 dependent repositories - 27 stars on GitHub
DopplerHQ/secrets-fetch-action v1.2.0
Fetch Doppler secrets for a specific Project and Config6 versions - Latest release: 2 months ago - 9 stars on GitHub
Top 8.6% on github actions
3 versions - Latest release: 4 months ago - 1 dependent repositories - 39 stars on GitHub
DopplerHQ/cli-action v3
Install the Doppler CLI into your PATH3 versions - Latest release: 4 months ago - 1 dependent repositories - 39 stars on GitHub
UlisesGascon/openssf-scorecard-monitor v1.0.1
Monitor OpenSSF Scorecard Evolution over time9 versions - Latest release: over 1 year ago - 3 dependent repositories - 19 stars on GitHub
Top 4.6% on github actions
26 versions - Latest release: 6 months ago - 143 dependent repositories - 32 stars on GitHub
sigstore/gh-action-sigstore-python v2.1.1
Use sigstore-python to sign Python packages26 versions - Latest release: 6 months ago - 143 dependent repositories - 32 stars on GitHub
Top 7.2% on github actions
20 versions - Latest release: 4 months ago - 74 dependent repositories - 12 stars on GitHub
jbergstroem/hadolint-gh-action v1.12.2
A stable, well-tested, highly configurable way of checking your Dockerfile(s) with Hadolint20 versions - Latest release: 4 months ago - 74 dependent repositories - 12 stars on GitHub
Top 3.8% on github actions
15 versions - Latest release: about 1 year ago - 131 dependent repositories - 51 stars on GitHub
pypa/gh-action-pip-audit v1.0.8 💰
Use pip-audit to scan Python dependencies for known vulnerabilities15 versions - Latest release: about 1 year ago - 131 dependent repositories - 51 stars on GitHub
hashicorp/setup-signore v2.1.0
setup-signore downloads, installs, and configures the signore signing service client9 versions - Latest release: about 1 year ago - 9 dependent repositories - 0 stars on GitHub
Top 3.5% on github actions
9 versions - Latest release: 3 months ago - 65 dependent repositories - 29 stars on GitHub
stackrox/kube-linter-action v1.0.5
Scan directory or file with kube-linter9 versions - Latest release: 3 months ago - 65 dependent repositories - 29 stars on GitHub
xen0l/iam-lint v2
Github Action to lint AWS IAM policy document files with parliament from DUo Labs2 versions - Latest release: over 4 years ago - 1 dependent repositories - 33 stars on GitHub
hahwul/zest-env v1.1.4 💰
Zest CLI in Github action7 versions - Latest release: 23 days ago - 8 stars on GitHub
Top 2.2% on github actions
1,100 versions - Latest release: 6 months ago - 114 dependent repositories - 71 stars on GitHub
bridgecrewio/bridgecrew-action v1.2343.0
Find and fix security and compliance issues in infrastructure as code, open source packages, cont...1,100 versions - Latest release: 6 months ago - 114 dependent repositories - 71 stars on GitHub
secrethub/actions v0.2.1
Load secrets into your GitHub workflows3 versions - Latest release: over 3 years ago - 46 stars on GitHub
SecureStackCo/actions-sbom v0.2.0
Create a Software Bill of Materials (SBOM) with SecureStack4 versions - Latest release: almost 2 years ago - 1 dependent repositories - 19 stars on GitHub
Top 3.4% on github actions
9 versions - Latest release: about 2 months ago - 70 dependent repositories - 37 stars on GitHub
zaproxy/action-api-scan v0.7.0 💰
Scans the web application with the ZAP API Scan9 versions - Latest release: about 2 months ago - 70 dependent repositories - 37 stars on GitHub
xen0l/dlint-check 0.10.1
Github Action to lint Python code with dlint from Duo Labs2 versions - Latest release: over 4 years ago - 1 dependent repositories - 2 stars on GitHub
Traceableai/ast-action 0.0.5
GitHub action for Traceable Active Security Testing6 versions - Latest release: about 1 year ago - 1 dependent repositories - 5 stars on GitHub
Top 5.0% on github actions
10 versions - Latest release: 3 months ago - 84 dependent repositories - 12 stars on GitHub
jpetrucciani/bandit-check 1.7.8 💰
GitHub action to lint your python code with bandit10 versions - Latest release: 3 months ago - 84 dependent repositories - 12 stars on GitHub
HCL-TECH-SOFTWARE/appscan-sast-action v1.0.4
Scan for security issues in code5 versions - Latest release: about 2 months ago - 7 dependent repositories - 3 stars on GitHub
embold/github-action-docker v0.2
Embold design and code quality scanning engine2 versions - Latest release: over 2 years ago - 1 dependent repositories - 2 stars on GitHub
grolston/guard-action 1.0
Guard ShiftLeft1 version - Latest release: almost 2 years ago - 1 dependent repositories - 2 stars on GitHub
kahu-app/github-action v0.3.1
Dependency security check8 versions - Latest release: 10 months ago - 0 stars on GitHub
hoeg/semgrep-report v1.0.2
Report Semgrep findimgs to PRs with suggested changes5 versions - Latest release: 11 months ago - 0 stars on GitHub
Top 9.1% on github actions
6 versions - Latest release: over 1 year ago - 9 dependent repositories - 7 stars on GitHub
nowsecure/nowsecure-sbom-action v2.0.0
Generate a Mobile SBOM for an application and submit to the Dependency submission API6 versions - Latest release: over 1 year ago - 9 dependent repositories - 7 stars on GitHub
Top 7.9% on github actions
5 versions - Latest release: over 3 years ago - 1 dependent repositories - 59 stars on GitHub
victoriadrake/hugo-remote v1.1.1 💰
🚀 Build and deploy a Hugo site to a remote repository with latest extended Hugo.5 versions - Latest release: over 3 years ago - 1 dependent repositories - 59 stars on GitHub
Top 2.5% on github actions
11 versions - Latest release: 8 months ago - 59 dependent repositories - 122 stars on GitHub
kitabisa/sonarqube-action v1.2.1
Scan your code with SonarQube Scanner to detect bugs, vulnerabilities and code smells in more tha...11 versions - Latest release: 8 months ago - 59 dependent repositories - 122 stars on GitHub
piraces/kube-score-ga v0.1.3 💰
Uses the kube-score analysis tool to perform static code analysis of your Kubernetes object defin...4 versions - Latest release: over 1 year ago - 5 dependent repositories - 9 stars on GitHub
Top 5.5% on github actions
2 versions - Latest release: almost 4 years ago - 19 dependent repositories - 14 stars on GitHub
andrewmcodes/bundler-audit-action v0.1.0 💰
GitHub Action for running bundler-audit2 versions - Latest release: almost 4 years ago - 19 dependent repositories - 14 stars on GitHub
alessiodionisi/setup-age-action v1.3.0 💰
Setup age and add it to the PATH5 versions - Latest release: 3 months ago - 1 dependent repositories - 7 stars on GitHub
silverhack/monkey365 v0.91.2-beta
Install and run PSScriptAnalyzer5 versions - Latest release: 5 months ago - 630 stars on GitHub
Top 6.5% on github actions
10 versions - Latest release: 4 months ago - 34 dependent repositories - 19 stars on GitHub
Contrast-Security-OSS/contrastscan-action v3.0.1
Perform SAST analysis of a project10 versions - Latest release: 4 months ago - 34 dependent repositories - 19 stars on GitHub
dentarg/gem-compare v1.3.2 removed 💰
Compare different gem versions9 versions - Latest release: 6 months ago - 4 dependent repositories - 1 stars on GitHub
kattecon/gh-app-access-token-gen v1.0.0
Generates a GitHub Access Token for a Github App based upon specific inputs.2 versions - Latest release: about 1 year ago - 1 dependent repositories - 1 stars on GitHub
f-actions/opentype-sanitizer v3.0.0
A GitHub Action for opentype-sanitizer testing of font artifacts8 versions - Latest release: 3 months ago - 1 dependent repositories - 6 stars on GitHub
Top 1.1% on github actions
36 versions - Latest release: 3 months ago - 211 dependent repositories - 243 stars on GitHub
gitleaks/gitleaks-action v2.3.4 removed
run gitleaks on push and pull-request events36 versions - Latest release: 3 months ago - 211 dependent repositories - 243 stars on GitHub
sudo-bot/action-docker-sign latest
Sign docker images1 version - Latest release: almost 3 years ago - 10 dependent repositories - 6 stars on GitHub
NeuraLegion/wait-for v1
Run a Nexploit scan right in GitHub Action1 version - Latest release: about 4 years ago - 0 stars on GitHub
nwestfall/netsparkerscanrunner 0.1.9 removed
Run Netsparker Scans and get back test results5 versions - Latest release: over 3 years ago - 4 stars on GitHub
jhutchings1/spdx-to-dependency-graph-action v0.0.2 removed
Upload SPDX SBOM files to the dependency graph's dependency submission API2 versions - Latest release: over 1 year ago - 6 dependent repositories - 10 stars on GitHub
reposaur/repo-audit-action v0.1.0 removed
Audit your organization's repositories using Reposaur.1 version - Latest release: about 2 years ago - 1 stars on GitHub
Top 2.6% on github actions
21 versions - Latest release: 9 months ago - 54 dependent repositories - 105 stars on GitHub
triat/terraform-security-scan v3.1.0 removed
Scan your terraform code with tfsec21 versions - Latest release: 9 months ago - 54 dependent repositories - 105 stars on GitHub
Top 0.9% on github actions
4 versions - Latest release: about 4 years ago - 2,306 dependent repositories - 157 stars on GitHub
actions-rs/audit-check v1.2.0 removed 💰
Run cargo audit and check for security advisories4 versions - Latest release: about 4 years ago - 2,306 dependent repositories - 157 stars on GitHub
marcuslindblom/security-headers v1.2.0 removed 💰
Quickly and easily assess the security of your HTTP response headers4 versions - Latest release: almost 3 years ago - 1 dependent repositories - 8 stars on GitHub
GrantBirki/auditor-action-core v3.0.1 removed
The Auditor Action's Core21 versions - Latest release: 2 months ago - 1 dependent repositories - 0 stars on GitHub
Top 3.9% on github actions
8 versions - Latest release: over 1 year ago - 16 dependent repositories - 260 stars on GitHub
step-security/wait-for-secrets v1.1.0 removed
Publish from GitHub Actions using multi-factor authentication8 versions - Latest release: over 1 year ago - 16 dependent repositories - 260 stars on GitHub
gabrielrufino/mongodump-action v1.0.2 removed 💰
GitHub Action for creating a binary export of a database's contents5 versions - Latest release: 5 months ago - 1 dependent repositories - 0 stars on GitHub
Top 6.6% on github actions
11 versions - Latest release: over 1 year ago - 17 dependent repositories - 21 stars on GitHub
ScribeMD/rootless-docker 0.2.2 removed
Run Docker in Rootless Mode to Prevent Permission Errors11 versions - Latest release: over 1 year ago - 17 dependent repositories - 21 stars on GitHub
malice-labs/fork-sentry 1.0 removed
Detect and alert on suspicious forks of your repository1 version - Latest release: over 2 years ago - 2 stars on GitHub
Top 0.9% on github actions
1,194 versions - Latest release: 4 months ago - 507 dependent repositories - 190 stars on GitHub
bridgecrewio/checkov-action v12.2659.0
Run Checkov against infrastructure as code, open source packages, container images, and CI/CD con...1,194 versions - Latest release: 4 months ago - 507 dependent repositories - 190 stars on GitHub
Top 6.2% on github actions
9 versions - Latest release: over 1 year ago - 33 dependent repositories - 28 stars on GitHub
apisec-inc/ethicalcheck-action v1.0.6 removed
Free & Instant API Penetration Testing Service9 versions - Latest release: over 1 year ago - 33 dependent repositories - 28 stars on GitHub
magmanu/github-workflow-security-scanner v0.1.0 removed
A GitHub Action that performs static analysis on your workflows1 version - Latest release: about 1 year ago - 0 stars on GitHub
ncino/quack-scan latest removed
Run static code dependency scan using Black Duck Synopsys scan for NPM and PIP using Synopsys 6.0.7 versions - Latest release: about 3 years ago - 2 stars on GitHub
Related Keywords
github-actions
75
devsecops
29
security-tools
27
actions
25
static-analysis
20
security-automation
20
action
17
continuous-integration
14
ci
12
github-action
12
hacktoberfest
12
security-audit
11
python
11
sast
9
devops
9
security-scanner
9
scanning
9
github
8
aws
8
cicd
8
secrets
8
compliance
8
vulnerability
7
vulnerability-detection
7
docker
7
lint
7
scan
6
deployment
5
workflow
5
testing
5
vulnerability-scanners
5
kubernetes
5
golang
5
container
5
linter
5
dast
5
analysis
5
vulnerabilities
5
code-quality
5
cve
4
vulnerability-scanner
4
static-code-analysis
4
code-scanning
4
containers
4
deployment-automation
4
secret-management
4
automation
4
terraform
4
sarif-report
4
appsec
4
security-testing
4
software-composition-analysis
4
security-vulnerability
4
azure
3
supply-chain
3
test
3
dependency
3
scanner
3
sbom
3
dynamic-analysis
3
supply-chain-security
3
iam
3
appscan
3
code-review
3
dependabot
3
marketplace
3
php
3
sca
3
checkmarx
3
ruby
3
review
3
rails
3
bill-of-materials
2
npm
2
rustsec
2
python3
2
rust-lang
2
rust
2
brakeman
2
secrets-manager
2
cloud
2
container-security
2
gem
2
reviewdog
2
deployment-pipeline
2
secrets-scan
2
security-vulnerabilities
2
bridgecrew
2
backup
2
bugbounty
2
sarif
2
git
2
typescript
2
checkmarx-ast
2
nvd
2
pip
2
broken-links
2
dependencies
2
threat-modeling
2
bandit
2