Show HN: GitHub Action to prevent software supply chain attacks

InfluxDB - Power Real-Time Data Analytics at Scale

Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

www.influxdata.com

featured

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com

featured

harden-runner

15 514 7.1 TypeScript

Network egress filtering and runtime security for GitHub-hosted and self-hosted runners
repo

6 - -

Thanks for the feedback!
w.r.t Bypass idea 1: in the future, the plan is to have application level policy, e.g. only allow 'GET https://github.com/owner/repo'.
w.r.t Bypass idea 2: in the future, the plan is to have a policy to disable sudo. Once that is done, user code will not be able to mess with the agent.

InfluxDB

www.influxdata.com featured

Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Push code with GitHub Actions to Google Cloud’s Artifact Registry

2 projects | dev.to | 10 Apr 2024
How to publish on npm with `--provenance` using Lerna-Lite

1 project | dev.to | 16 Nov 2023
you must have the "bigquery.datasets.create" permission on the selected project

1 project | /r/bigquery | 10 May 2023
IAM Best Practices [cheat sheet included]

1 project | dev.to | 9 Feb 2023
harden-runner: Protect your CI/CD pipeline from SolarWinds and Codecov-Type Attacks with the Harden-Runner Security Agent

1 project | /r/CKsTechNews | 25 Jan 2023

Show HN: GitHub Action to prevent software supply chain attacks

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Security github-actions
Post date: 28 Feb 2022

harden-runner

repo

InfluxDB

Related posts

Push code with GitHub Actions to Google Cloud’s Artifact Registry

How to publish on npm with `--provenance` using Lerna-Lite

you must have the "bigquery.datasets.create" permission on the selected project

IAM Best Practices [cheat sheet included]

harden-runner: Protect your CI/CD pipeline from SolarWinds and Codecov-Type Attacks with the Harden-Runner Security Agent

Show HN: GitHub Action to prevent software supply chain attacks

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com Security github-actions Post date: 28 Feb 2022

harden-runner

repo

InfluxDB

Related posts

Push code with GitHub Actions to Google Cloud’s Artifact Registry

How to publish on npm with `--provenance` using Lerna-Lite

you must have the "bigquery.datasets.create" permission on the selected project

IAM Best Practices [cheat sheet included]

harden-runner: Protect your CI/CD pipeline from SolarWinds and Codecov-Type Attacks with the Harden-Runner Security Agent

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Security github-actions
Post date: 28 Feb 2022