Issue to track missing KBs

Initial

[ ] Add GitHub token permissions for jitterbit/get-changed-files Action

Analysis
### Analysis ```yml Action Name: jitterbit/get-changed-files Action Type: Node GITHUB_TOKEN Matches: token Top language: TypeScript Stars: 158 Private: false Forks: 91 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| repos.compareCommits | read #### FollowUp Links. https://github.com/jitterbit/get-changed-files/blob/b17fbb00bdc0c0f63fcf166580804b4d2cdc2a42/src/main.ts ### action-security.yml ```yaml name: Get All Changed Files github-token: action-input: input: token is-default: true permissions: contents: read ```
[ ] Add GitHub token permissions for actions/upload-pages-artifact Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: "Upload GitHub Pages artifact" # actions/upload-pages-artifact # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for conda-incubator/setup-miniconda Action

Analysis
### Analysis ```yml Action Name: conda-incubator/setup-miniconda Action Type: Node GITHUB_TOKEN Matches: token Top language: TypeScript Stars: 334 Private: false Forks: 52 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/conda-incubator/setup-miniconda/blob/e81abac10ce2c37423b54eae5af93aa3b4d3475c/src/input.ts https://github.com/conda-incubator/setup-miniconda/blob/e81abac10ce2c37423b54eae5af93aa3b4d3475c/src/types.ts ### action-security.yml ```yaml name: "Setup Miniconda" github-token: action-input: input: token is-default: false permissions: ```
[ ] Add GitHub token permissions for actions/configure-pages Action

Analysis
### Analysis ```yml Action Name: actions/configure-pages Action Type: Node GITHUB_TOKEN Matches: token Top language: JavaScript Stars: 39 Private: false Forks: 14 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/actions/configure-pages/blob/404d23c4a6f35881831e332b4d8c5a3f7ef487f5/src/api-client.test.js https://github.com/actions/configure-pages/blob/c3113876b026427bdadec0ea1ed8997d042b09ad/src/api-client.js https://github.com/actions/configure-pages/blob/15f519fab9b615b894b202620f4be660521e4055/src/context.js https://github.com/actions/configure-pages/blob/27457957e6c812e8ba898b5956c836f663da7dde/src/index.js ### action-security.yml ```yaml name: 'Configure GitHub Pages' github-token: action-input: input: token is-default: true permissions: ```
[ ] Add GitHub token permissions for hadolint/hadolint-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Hadolint Action' # hadolint/hadolint-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for AutoModality/action-clean Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Clean Workspace' # AutoModality/action-clean # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for haya14busa/action-cond Action

Analysis
### Analysis ```yml Action Name: haya14busa/action-cond Action Type: Node GITHUB_TOKEN Matches: github_token Top language: TypeScript Stars: 66 Private: false Forks: 10 ``` ### action-security.yml
[ ] Add GitHub token permissions for infracost/actions/setup Action

Analysis
### Analysis ```yml Action Name: infracost/actions/setup Action Type: Node GITHUB_TOKEN Matches: TOKEN,github-token,token,GITHUB_TOKEN Stars: 142 Private: false Forks: 18 ```
[ ] Add GitHub token permissions for pypa/cibuildwheel Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: cibuildwheel # pypa/cibuildwheel # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for hmanzur/actions-set-secret Action

Analysis
### Analysis ```yml Action Name: hmanzur/actions-set-secret Action Type: Node GITHUB_TOKEN Matches: token,TOKEN Top language: JavaScript Stars: 37 Private: false Forks: 22 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/hmanzur/actions-set-secret/blob/7676ca1af04977d44f2bd1bb6f1d258780893710/index.js ### action-security.yml ```yaml name: 'Set Action Secret' github-token: action-input: input: token is-default: false permissions: ```
[ ] Add GitHub token permissions for mmercan/actions-set-secret Action

Analysis
### Analysis ```yml Action Name: mmercan/actions-set-secret Action Type: Node GITHUB_TOKEN Matches: token,TOKEN Top language: JavaScript Stars: 2 Private: false Forks: 2 ``` ### action-security.yml
[ ] Add GitHub token permissions for containerd/project-checks Action

Analysis
### Analysis ```yml Action Name: containerd/project-checks Action Type: Composite GITHUB_TOKEN Matches: token,TOKEN Stars: 4 Private: false Forks: 9 ```
[ ] Add GitHub token permissions for vimtor/action-zip Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: "Easy Zip Files" # vimtor/action-zip # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for laminas/automatic-releases Action

Analysis
### Analysis ```yml Action Name: laminas/automatic-releases Action Type: Docker GITHUB_TOKEN Matches: TOKEN,token,GITHUB_TOKEN,github_token Stars: 135 Private: false Forks: 22 ```
[ ] Add GitHub token permissions for microsoft/vstest-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: "vstest-action" # microsoft/vstest-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for carlosperate/arm-none-eabi-gcc-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'arm-none-eabi-gcc GNU Arm Embedded Toolchain' # carlosperate/arm-none-eabi-gcc-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for philips-forks/antora-site-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: "Antora Site" # philips-forks/antora-site-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for BSFishy/pip-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: Pip Installer # BSFishy/pip-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for seanmiddleditch/gha-setup-ninja Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Install ninja-build tool' # seanmiddleditch/gha-setup-ninja # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for heinrichreimer/action-github-changelog-generator Action

Analysis
### Analysis ```yml Action Name: heinrichreimer/action-github-changelog-generator Action Type: Docker GITHUB_TOKEN Matches: token,GITHUB_TOKEN Stars: 93 Private: false Forks: 34 ```
[ ] Add GitHub token permissions for github-actions-x/commit Action

Analysis
### Analysis ```yml Action Name: github-actions-x/commit Action Type: Docker GITHUB_TOKEN Matches: github-token,GITHUB_TOKEN,Token Stars: 51 Private: false Forks: 27 ```
[ ] Add GitHub token permissions for fossa-contrib/fossa-action Action

Analysis
### Analysis ```yml Action Name: fossa-contrib/fossa-action Action Type: Node GITHUB_TOKEN Matches: token,github-token Top language: TypeScript Stars: 15 Private: false Forks: 4 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| repos.get | read repos.getLatestRelease | read #### FollowUp Links. https://github.com/fossa-contrib/fossa-action/blob/604bd99dc124e37e4d72b4b078b82fbb3028491b/src/constants.ts https://github.com/fossa-contrib/fossa-action/blob/784fe13702de8f8ebc27d23d8ec865e6afb6be01/src/installer.ts https://github.com/fossa-contrib/fossa-action/blob/784fe13702de8f8ebc27d23d8ec865e6afb6be01/src/index.ts ### action-security.yml ```yaml name: Fossa Action github-token: action-input: input: token is-default: true permissions: contents: read ```
[ ] Add GitHub token permissions for fluxcd/pkg//actions/crdjsonschema Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'crdjsonschema' # fluxcd/pkg//actions/crdjsonschema # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for fluxcd/pkg/actions/kustomize Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: Setup kustomize CLI # fluxcd/pkg/actions/kustomize # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for fluxcd/pkg//actions/kustomize Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: Setup kustomize CLI # fluxcd/pkg//actions/kustomize # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for py-actions/flake8 Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: "Python flake8 Lint" # py-actions/flake8 # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for cygwin/cygwin-install-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: Install Cygwin Action # cygwin/cygwin-install-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for accurics/terrascan-action Action

Analysis
### Analysis ```yml Action Name: accurics/terrascan-action Action Type: Docker GITHUB_TOKEN Matches: token,TOKEN Stars: 31 Private: false Forks: 17 ```
[ ] Add GitHub token permissions for gulpjs/prettier_action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: Prettier Action # gulpjs/prettier_action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for nrwl/nx-set-shas Action

Analysis
### Analysis ```yml Action Name: nrwl/nx-set-shas Action Type: Composite GITHUB_TOKEN Matches: GITHUB_TOKEN,token Stars: 65 Private: false Forks: 19 ```
[ ] Add GitHub token permissions for benc-uk/workflow-dispatch Action

Analysis
### Analysis ```yml Action Name: benc-uk/workflow-dispatch Action Type: Node GITHUB_TOKEN Matches: token,pat-token,GITHUB_TOKEN,TOKEN Top language: TypeScript Stars: 196 Private: false Forks: 68 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| actions.listRepoWorkflows | read #### FollowUp Links. https://github.com/benc-uk/workflow-dispatch/blob/827565b908f387ffd483c84312273ae185c06c8a/src/main.ts ### action-security.yml ```yaml name: 'Workflow Dispatch' github-token: action-input: input: token is-default: false permissions: actions: read ```
[ ] Add GitHub token permissions for antrea-io/has-changes Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Has Changes' # antrea-io/has-changes # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for svenstaro/upload-release-action Action

Analysis
### Analysis ```yml Action Name: svenstaro/upload-release-action Action Type: Node GITHUB_TOKEN Matches: repo_token,token,GITHUB_TOKEN,TOKEN Top language: TypeScript Stars: 349 Private: false Forks: 61 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| repos.createRelease | write repos.delete | write repos.deleteRelease | write repos.deleteReleaseAsset | write repos.get | read repos.getRelease | read repos.getReleaseByTag | read repos.listReleaseAssets | read repos.uploadReleaseAsset | write #### FollowUp Links. https://github.com/svenstaro/upload-release-action/blob/4e5de2077753aa547cb9ca80caa0f77bf18f6bfb/src/main.ts ### action-security.yml ```yaml name: 'Upload files to a GitHub release' github-token: action-input: input: repo_token is-default: true permissions: contents: write ```
[ ] Add GitHub token permissions for RustCrypto/actions/cargo-cache Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: "cargo-cache" # RustCrypto/actions/cargo-cache # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for JS-DevTools/npm-publish Action

Analysis
### Analysis ```yml Action Name: JS-DevTools/npm-publish Action Type: Node GITHUB_TOKEN Matches: token,TOKEN Top language: JavaScript Stars: 380 Private: false Forks: 55 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/JS-DevTools/npm-publish/blob/e42e3720bfe21259120218c19fdbfedcf72692bd/test/specs/action/success.spec.js https://github.com/JS-DevTools/npm-publish/blob/0f451a94170d1699fd50710966d48fb26194d939/test/specs/action/failure.spec.js https://github.com/JS-DevTools/npm-publish/blob/0f451a94170d1699fd50710966d48fb26194d939/test/specs/lib/success.spec.js https://github.com/JS-DevTools/npm-publish/blob/0f451a94170d1699fd50710966d48fb26194d939/test/specs/cli/success.spec.js https://github.com/JS-DevTools/npm-publish/blob/0f451a94170d1699fd50710966d48fb26194d939/test/specs/cli/args.spec.js https://github.com/JS-DevTools/npm-publish/blob/0f451a94170d1699fd50710966d48fb26194d939/test/specs/cli/failure.spec.js https://github.com/JS-DevTools/npm-publish/blob/0f451a94170d1699fd50710966d48fb26194d939/test/specs/lib/failure.spec.js https://github.com/JS-DevTools/npm-publish/blob/0f451a94170d1699fd50710966d48fb26194d939/dist/sourcemap-register.js ### action-security.yml ```yaml name: NPM Publish github-token: action-input: input: token is-default: false permissions: ```
[ ] Add GitHub token permissions for EndBug/add-and-commit Action

Analysis
### Analysis ```yml Action Name: EndBug/add-and-commit Action Type: Node GITHUB_TOKEN Matches: token,github_token,GITHUB_TOKEN,Token Top language: TypeScript Stars: 649 Private: false Forks: 83 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/EndBug/add-and-commit/blob/f7edecabb7989ef65f99a2af28bc3e03beb45dc5/src/io.ts ### action-security.yml ```yaml name: Add & Commit github-token: action-input: input: token is-default: true permissions: ```
[ ] Add GitHub token permissions for bigbinary/changelog-updater-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Changelog Updater' # bigbinary/changelog-updater-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for 8BitJonny/gh-get-current-pr Action

Analysis
### Analysis ```yml Action Name: 8BitJonny/gh-get-current-pr Action Type: Node GITHUB_TOKEN Matches: token,github-token Top language: TypeScript Stars: 54 Private: false Forks: 19 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/8BitJonny/gh-get-current-pr/blob/4e0fdd834a5f2713d0b4f03e3277521a540dcf75/src/io/get-inputs.ts https://github.com/8BitJonny/gh-get-current-pr/blob/4e0fdd834a5f2713d0b4f03e3277521a540dcf75/src/main.ts ### action-security.yml ```yaml name: Get Current Pull Request github-token: action-input: input: token is-default: true permissions: ```
[ ] Add GitHub token permissions for nosborn/github-action-markdown-cli Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: markdownlint-cli # nosborn/github-action-markdown-cli # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for dcodeIO/setup-node-nvm Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: Set up node using nvm # dcodeIO/setup-node-nvm # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for dtolnay/rust-toolchain Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: rustup toolchain install # dtolnay/rust-toolchain # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for peter-evans/dockerhub-description Action

Analysis
### Analysis ```yml Action Name: peter-evans/dockerhub-description Action Type: Node GITHUB_TOKEN Matches: Token,token Top language: TypeScript Stars: 196 Private: false Forks: 33 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/peter-evans/dockerhub-description/blob/da890086d39c735e41d8823c8a95bde4302c3d64/src/main.ts https://github.com/peter-evans/dockerhub-description/blob/ae9aa33b7a26f2bbc30fac934af4b054be232f92/src/dockerhub-helper.ts ### action-security.yml ```yaml name: 'Docker Hub Description' github-token: environment-variable-name: is-default: false permissions: ```
[ ] Add GitHub token permissions for sasanquaneuf/mypy-github-action Action

Analysis
### Analysis ```yml Action Name: sasanquaneuf/mypy-github-action Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN Top language: TypeScript Stars: 6 Private: false Forks: 1 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| checks.listForRef | read checks.update | write #### FollowUp Links. https://github.com/sasanquaneuf/mypy-github-action/blob/8908b8f82282257ad047399601892ba0f91afd9a/src/main.ts ### action-security.yml ```yaml name: 'Mypy action' github-token: environment-variable-name: is-default: false permissions: checks: write ```
[ ] Add GitHub token permissions for ankane/setup-mariadb Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: Setup MariaDB # ankane/setup-mariadb # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for mnajdova/github-action-required-labels Action

Analysis
### Analysis ```yml Action Name: mnajdova/github-action-required-labels Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN Top language: JavaScript Stars: 0 Private: false Forks: 0 ``` ### action-security.yml
[ ] Add GitHub token permissions for juliangruber/read-file-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: Read file # juliangruber/read-file-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for jupyterhub/repo2docker-action Action

Analysis
### Analysis ```yml Action Name: jupyterhub/repo2docker-action Action Type: Docker GITHUB_TOKEN Matches: token,github-token,GITHUB_TOKEN Stars: 117 Private: false Forks: 20 ```
[ ] Add GitHub token permissions for johnwbyrd/update-release Action

Analysis
### Analysis ```yml Action Name: johnwbyrd/update-release Action Type: Node GITHUB_TOKEN Matches: token,GITHUB_TOKEN,TOKEN,github_token Top language: TypeScript Stars: 11 Private: false Forks: 10 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| git.createRef | write git.createTag | write git.getCommit | read git.updateRef | write repos.createRelease | write repos.delete | write repos.deleteRelease | write repos.deleteReleaseAsset | write repos.listReleases | read repos.listTags | read repos.uploadReleaseAsset | write #### FollowUp Links. https://github.com/johnwbyrd/update-release/blob/1d5ec4791e40507e5eca3b4dbf90f0b27e7e4979/src/main.ts ### action-security.yml ```yaml name: 'Update Release' github-token: action-input: input: token is-default: false permissions: contents: write ```
[ ] Add GitHub token permissions for richardsimko/update-tag Action

Analysis
### Analysis ```yml Action Name: richardsimko/update-tag Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN Top language: JavaScript Stars: 16 Private: false Forks: 8 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| git.createRef | write git.getRef | read git.updateRef | write #### FollowUp Links. https://github.com/richardsimko/update-tag/blob/5bd0e05b035e02d5da3768dbdcfc4e5e0908623e/src/main.js ### action-security.yml ```yaml name: "Update Tag" github-token: environment-variable-name: is-default: false permissions: contents: write ```
[ ] Add GitHub token permissions for arduino/arduino-lint-action Action

Analysis
### Analysis ```yml Action Name: arduino/arduino-lint-action Action Type: Node GITHUB_TOKEN Matches: token,GITHUB_TOKEN Top language: TypeScript Stars: 23 Private: false Forks: 7 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/arduino/arduino-lint-action/blob/e26fd2724ebc5d1b5f0c32aa575c9f68fab8ab4f/src/installer.ts https://github.com/arduino/arduino-lint-action/blob/ef57ccbdaef2d211c2f3496b5fbf176adc0af0ae/__tests__/main.test.ts ### action-security.yml ```yaml name: "arduino/arduino-lint-action" github-token: action-input: input: token is-default: true permissions: ```
[ ] Add GitHub token permissions for martijnhols/actions-cache/save Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Cache > Save' # martijnhols/actions-cache/save # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for martijnhols/actions-cache/check Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Cache > Check' # martijnhols/actions-cache/check # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for arduino/setup-arduino-cli Action

Analysis
### Analysis ```yml Action Name: arduino/setup-arduino-cli Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN,Token,token Top language: TypeScript Stars: 61 Private: false Forks: 5 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/arduino/setup-arduino-cli/blob/28207372640f389771230f880c288f4caad7a9bc/__tests__/main.test.ts https://github.com/arduino/setup-arduino-cli/blob/28207372640f389771230f880c288f4caad7a9bc/src/installer.ts ### action-security.yml ```yaml name: "Setup Arduino CLI" github-token: action-input: input: token is-default: true permissions: ```
[ ] Add GitHub token permissions for arduino/setup-arduino-cli Action

Analysis
### Analysis ```yml Action Name: arduino/setup-arduino-cli Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN,Token,token Top language: TypeScript Stars: 61 Private: false Forks: 5 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/arduino/setup-arduino-cli/blob/28207372640f389771230f880c288f4caad7a9bc/__tests__/main.test.ts https://github.com/arduino/setup-arduino-cli/blob/28207372640f389771230f880c288f4caad7a9bc/src/installer.ts ### action-security.yml ```yaml name: "Setup Arduino CLI" github-token: action-input: input: token is-default: true permissions: ```
[ ] Add GitHub token permissions for ngs/go-release.action Action

Analysis
no analysis found
[ ] Add GitHub token permissions for reviewdog/action-staticcheck Action

Analysis
### Analysis ```yml Action Name: reviewdog/action-staticcheck Action Type: Composite GITHUB_TOKEN Matches: github_token,GITHUB_TOKEN,token Stars: 20 Private: false Forks: 2 ```
[ ] Add GitHub token permissions for morphy2k/revive-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: "Revive Action" # morphy2k/revive-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for GabrielBB/xvfb-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'gabrielbb/xvfb-action' # GabrielBB/xvfb-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for google-github-actions/get-gke-credentials Action

Analysis
### Analysis ```yml Action Name: google-github-actions/get-gke-credentials Action Type: Node GITHUB_TOKEN Matches: token Top language: TypeScript Stars: 51 Private: false Forks: 30 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/google-github-actions/get-gke-credentials/blob/f75ef7d6da6a1620afab3996356e5ff8485a4e94/tests/clusterClient.test.ts https://github.com/google-github-actions/get-gke-credentials/blob/f75ef7d6da6a1620afab3996356e5ff8485a4e94/src/gkeClient.ts ### action-security.yml ```yaml name: Get GKE Credentials github-token: environment-variable-name: is-default: false permissions: ```
[ ] Add GitHub token permissions for akhilerm/tag-push-action Action

Analysis
### Analysis ```yml Action Name: akhilerm/tag-push-action Action Type: Node GITHUB_TOKEN Matches: TOKEN Top language: TypeScript Stars: 21 Private: false Forks: 6 ``` ### action-security.yml
[ ] Add GitHub token permissions for ifaxity/wait-on-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: Wait on # ifaxity/wait-on-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for arduino/report-size-deltas Action

Analysis
### Analysis ```yml Action Name: arduino/report-size-deltas Action Type: Docker GITHUB_TOKEN Matches: github-token,github_token,token,GITHUB_TOKEN Stars: 8 Private: false Forks: 5 ```
[ ] Add GitHub token permissions for arduino/compile-sketches Action

Analysis
### Analysis ```yml Action Name: arduino/compile-sketches Action Type: Composite GITHUB_TOKEN Matches: token,github-token,GITHUB_TOKEN,github_token,GITHUB-TOKEN Stars: 33 Private: false Forks: 9 ```
[ ] Add GitHub token permissions for actionsdesk/lfs-warning Action

Analysis
### Analysis ```yml Action Name: actionsdesk/lfs-warning Action Type: Node GITHUB_TOKEN Matches: token,Token,GITHUB_TOKEN Top language: TypeScript Stars: 19 Private: false Forks: 14 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| pulls.listFiles | read pulls.list | read git.getBlob | read issues.addLabels | write issues.create | write issues.createComment | write issues.createLabel | write issues.get | read issues.getLabel | read issues.list | read issues.listLabelsOnIssue | read issues.removeLabel | write #### FollowUp Links. https://github.com/ActionsDesk/lfs-warning/blob/7b08791c6402020118f498601c8782fc66295651/src/index.ts ### action-security.yml ```yaml name: "LFS-warning" github-token: action-input: input: token is-default: true permissions: pull-requests: read contents: read issues: write ```
[ ] Add GitHub token permissions for anchore/sbom-action/download-syft Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: "Anchore SBOM Action / Download Syft" # anchore/sbom-action/download-syft # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for apache/skywalking-eyes/header Action

Analysis
### Analysis ```yml Action Name: apache/skywalking-eyes/header Action Type: Docker GITHUB_TOKEN Matches: token,GITHUB_TOKEN Stars: 160 Private: false Forks: 48 ```
[ ] Add GitHub token permissions for Co-qn/google-chat-notification Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'google-chat-notification' # Co-qn/google-chat-notification # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for oknozor/cocogitto-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Conventional commit cocogitto action' # oknozor/cocogitto-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for graalvm/setup-graalvm Action

Analysis
### Analysis ```yml Action Name: graalvm/setup-graalvm Action Type: Node GITHUB_TOKEN Matches: token,github-token,GITHUB_TOKEN,TOKEN,Token Top language: TypeScript Stars: 87 Private: false Forks: 6 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/graalvm/setup-graalvm/blob/bbe485154cc6f7b3eca0c963b172e94a3fed4ddc/src/graalvm.ts https://github.com/graalvm/setup-graalvm/blob/f47d45565a78ae4a75725c634c923ee776b5a4a9/src/main.ts https://github.com/graalvm/setup-graalvm/blob/3b96e2ea68644f325d8995e77b14b9a804bbc915/src/constants.ts https://github.com/graalvm/setup-graalvm/blob/4f62eae3cc9579b19bbf2408f993cdd42b6c62fd/src/gu.ts https://github.com/graalvm/setup-graalvm/blob/f47d45565a78ae4a75725c634c923ee776b5a4a9/src/gds.ts https://github.com/graalvm/setup-graalvm/blob/3b96e2ea68644f325d8995e77b14b9a804bbc915/src/utils.ts https://github.com/graalvm/setup-graalvm/blob/4f62eae3cc9579b19bbf2408f993cdd42b6c62fd/__tests__/gds.test.ts ### action-security.yml ```yaml name: 'GitHub Action for GraalVM' github-token: action-input: input: token is-default: false permissions: ```
[ ] Add GitHub token permissions for hynek/build-and-inspect-python-package Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: Build and Inspect a Python Package # hynek/build-and-inspect-python-package # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for azu/action-package-version-to-git-tag Action

Analysis
no analysis found
[ ] Add GitHub token permissions for drud/action-cross-commit Action

Analysis
### Analysis ```yml Action Name: drud/action-cross-commit Action Type: Docker GITHUB_TOKEN Matches: token Stars: 6 Private: false Forks: 9 ```
[ ] Add GitHub token permissions for pnpm/action-setup Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: Setup pnpm # pnpm/action-setup # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for re-actors/alls-green Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: alls-green # re-actors/alls-green # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for twisted/python-info-action Action

Analysis
### Analysis ```yml Action Name: twisted/python-info-action Action Type: Composite GITHUB_TOKEN Matches: token Stars: 0 Private: false Forks: 3 ```
[ ] Add GitHub token permissions for 13rac1/block-fixup-merge-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Block fixup commit merge' # 13rac1/block-fixup-merge-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for AndreMiras/coveralls-python-action Action

Analysis
### Analysis ```yml Action Name: AndreMiras/coveralls-python-action Action Type: Docker GITHUB_TOKEN Matches: GITHUB_TOKEN,REPO_TOKEN,token,github-token Stars: 43 Private: false Forks: 16 ```
[ ] Add GitHub token permissions for ipfs/aegir/actions/docker-login Action

Analysis
### Analysis ```yml Action Name: ipfs/aegir/actions/docker-login Action Type: Composite GITHUB_TOKEN Matches: token Stars: 74 Private: false Forks: 54 ```
[ ] Add GitHub token permissions for ipfs/aegir/actions/cache-node-modules Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Cache node modules' # ipfs/aegir/actions/cache-node-modules # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for actions-ecosystem/action-regex-match Action

Analysis
### Analysis ```yml Action Name: actions-ecosystem/action-regex-match Action Type: Node GITHUB_TOKEN Matches: github_token,GITHUB_TOKEN Top language: TypeScript Stars: 67 Private: false Forks: 21 ``` ### action-security.yml
[ ] Add GitHub token permissions for vedhavyas/generate-changelog Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Generate Simple Release Changelog' # vedhavyas/generate-changelog # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for joelanford/go-apidiff Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'go-apidiff' # joelanford/go-apidiff # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for frouioui/paths-filter Action

Analysis
### Analysis ```yml Action Name: frouioui/paths-filter Action Type: Node GITHUB_TOKEN Matches: token,Token Top language: TypeScript Stars: 0 Private: false Forks: 1 ``` ### action-security.yml
[ ] Add GitHub token permissions for arduino/setup-protoc Action

Analysis
### Analysis ```yml Action Name: arduino/setup-protoc Action Type: Node GITHUB_TOKEN Matches: token,repo-token,GITHUB_TOKEN Top language: TypeScript Stars: 66 Private: false Forks: 23 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/arduino/setup-protoc/blob/659a0032e18ce6fd967034e162fe41efa10018d3/src/main.ts https://github.com/arduino/setup-protoc/blob/659a0032e18ce6fd967034e162fe41efa10018d3/__tests__/main.test.ts https://github.com/arduino/setup-protoc/blob/659a0032e18ce6fd967034e162fe41efa10018d3/src/installer.ts ### action-security.yml ```yaml name: 'Setup protoc' github-token: action-input: input: token is-default: false permissions: ```
[ ] Add GitHub token permissions for peaceiris/actions-hugo Action

Analysis
### Analysis ```yml Action Name: peaceiris/actions-hugo Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN,github_token Top language: TypeScript Stars: 1054 Private: false Forks: 56 ``` ### action-security.yml
[ ] Add GitHub token permissions for battila7/get-version-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Get Version' # battila7/get-version-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for k0kubun/action-slack Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: action-slack # k0kubun/action-slack # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for c-hive/gha-remove-artifacts Action

Analysis
### Analysis ```yml Action Name: c-hive/gha-remove-artifacts Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN,token Top language: JavaScript Stars: 237 Private: false Forks: 35 ``` ### action-security.yml
[ ] Add GitHub token permissions for zaproxy/action-full-scan Action

Analysis
### Analysis ```yml Action Name: zaproxy/action-full-scan Action Type: Node GITHUB_TOKEN Matches: token,TOKEN,GITHUB_TOKEN,Token Top language: JavaScript Stars: 165 Private: false Forks: 38 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/zaproxy/action-full-scan/blob/6eade0f93b10fad8cfb4e63b979703a2cbd0cc98/index.js ### action-security.yml ```yaml name: 'OWASP ZAP Full Scan' github-token: action-input: input: token is-default: true permissions: ```
[ ] Add GitHub token permissions for opspresso/action-docker Action

Analysis
### Analysis ```yml Action Name: opspresso/action-docker Action Type: Docker GITHUB_TOKEN Matches: TOKEN Stars: 5 Private: false Forks: 1 ```
[ ] Add GitHub token permissions for ilteoood/docker_buildx Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: "Customizable Docker Buildx" # ilteoood/docker_buildx # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for oxsecurity/megalinter Action

Analysis
### Analysis ```yml Action Name: oxsecurity/megalinter Action Type: Docker GITHUB_TOKEN Matches: GITHUB_TOKEN,token,TOKEN,Token Stars: 833 Private: false Forks: 124 ```
[ ] Add GitHub token permissions for EndBug/version-check Action

Analysis
### Analysis ```yml Action Name: EndBug/version-check Action Type: Node GITHUB_TOKEN Matches: token,GITHUB_TOKEN,github_token Top language: TypeScript Stars: 72 Private: false Forks: 21 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/EndBug/version-check/blob/3869e89568a7cb5a60140516b289988531eb6c2c/src/main.ts ### action-security.yml ```yaml name: Version Check github-token: action-input: input: token is-default: true permissions: ```
[ ] Add GitHub token permissions for giantswarm/install-binary-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Install Tool' # giantswarm/install-binary-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for WillAbides/setup-go-faster Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Setup Go Faster' # WillAbides/setup-go-faster # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for szenius/set-timezone Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: "Set Timezone" # szenius/set-timezone # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for cloudflare/wrangler-action Action

Analysis
### Analysis ```yml Action Name: cloudflare/wrangler-action Action Type: Docker GITHUB_TOKEN Matches: Token,TOKEN,token Stars: 580 Private: false Forks: 86 ```
[ ] Add GitHub token permissions for actions/github-script Action

Analysis
### Analysis ```yml Action Name: actions/github-script Action Type: Node GITHUB_TOKEN Matches: github-token,token,GITHUB_TOKEN Top language: TypeScript Stars: 2711 Private: false Forks: 281 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/actions/github-script/blob/e02270e59f7bb3eee18f21087920e5e7216fc572/src/main.ts ### action-security.yml ```yaml name: GitHub Script github-token: action-input: input: github-token is-default: true permissions: ```
[ ] Add GitHub token permissions for NodeSecure/ci-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'NodeSecure Continuous Integration' # NodeSecure/ci-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for babel/actions/create-pull-request Action

Analysis
### Analysis ```yml Action Name: babel/actions/create-pull-request Action Type: Node GITHUB_TOKEN Matches: token Stars: 22 Private: false Forks: 6 ```
[ ] Add GitHub token permissions for jandelgado/gcov2lcov-action Action

Analysis
### Analysis ```yml Action Name: jandelgado/gcov2lcov-action Action Type: Composite GITHUB_TOKEN Matches: github-token,github_token Stars: 17 Private: false Forks: 1 ```
[ ] Add GitHub token permissions for paambaati/codeclimate-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Code Climate Coverage Action' # paambaati/codeclimate-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for pulumi/action-install-pulumi-cli Action

Analysis
no analysis found
[ ] Add GitHub token permissions for jaxxstorm/action-install-gh-release Action

Analysis
### Analysis ```yml Action Name: jaxxstorm/action-install-gh-release Action Type: Node GITHUB_TOKEN Matches: Token,GITHUB_TOKEN,token Top language: JavaScript Stars: 13 Private: false Forks: 14 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| repos.get | read repos.getLatestRelease | read repos.getRelease | read repos.getReleaseByTag | read #### FollowUp Links. https://github.com/jaxxstorm/action-install-gh-release/blob/d919e59165dbc3d515e32d2bb529eca66209fc18/lib/main.js ### action-security.yml ```yaml name: "Install a binary from GitHub releases" github-token: environment-variable-name: is-default: false permissions: contents: read ```
[ ] Add KB for aabadie/riot-action@v1

Analysis
no analysis found
[ ] Add KB for jupyterlab/maintainer-tools/.github/actions/base-setup@v1

Analysis
no analysis found
[ ] Add KB for freecodecamp/crowdin-action@main

Analysis
no analysis found
[ ] Add KB for crowdin/github-action@master

Analysis
no analysis found
[ ] Add KB for conda-incubator/setup-miniconda@v2

Analysis
no analysis found
[ ] Add GitHub token permissions for step-security/wait-for-secrets Action

Analysis
no analysis found
[ ] Add KB for vmactions/netbsd-vm

Analysis
### Analysis ```yml Action Name: vmactions/netbsd-vm Action Type: Node GITHUB_TOKEN Matches: TOKEN Top language: JavaScript Stars: 0 Private: false Forks: 0 ``` ### action-security.yml
[ ] Add KB for vmactions/openbsd-vm

Analysis
### Analysis ```yml Action Name: vmactions/openbsd-vm Action Type: Node GITHUB_TOKEN Matches: TOKEN Top language: JavaScript Stars: 5 Private: false Forks: 0 ``` ### action-security.yml
[ ] Add KB for vmactions/freebsd-vm

Analysis
### Analysis ```yml Action Name: vmactions/freebsd-vm Action Type: Node GITHUB_TOKEN Matches: TOKEN Top language: JavaScript Stars: 121 Private: false Forks: 15 ``` ### action-security.yml
[ ] Add KB for papertigers/illumos-vm

Analysis
### Analysis ```yml Action Name: papertigers/illumos-vm Action Type: Node GITHUB_TOKEN Matches: TOKEN Top language: JavaScript Stars: 3 Private: false Forks: 0 ``` ### action-security.yml
[ ] Add KB for burdzwastaken/hadolint-action

Analysis
no analysis found
[ ] Add KB for wearerequired/lint-action

Analysis
### Analysis ```yml Action Name: wearerequired/lint-action Action Type: Node GITHUB_TOKEN Matches: token,github_token,GITHUB_TOKEN Top language: JavaScript Stars: 390 Private: false Forks: 80 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/wearerequired/lint-action/blob/a2464c3e66af4825282a99944ea955a81e8cb858/test/github/context.test.js https://github.com/wearerequired/lint-action/blob/a2464c3e66af4825282a99944ea955a81e8cb858/src/github/context.js https://github.com/wearerequired/lint-action/blob/b98b0918aa71490373d2eca9e8e39a9bc1cc2517/test/github/test-constants.js https://github.com/wearerequired/lint-action/blob/cf67cff636611e7cafbf90e71d78b83e0d408d79/test/github/api.test.js https://github.com/wearerequired/lint-action/blob/7ff99e81069395022c1d9a5018ca6eada7280354/src/git.js https://github.com/wearerequired/lint-action/blob/121b69fdf77b22fa2bbb8d081b455bd31d563197/dist/index.js https://github.com/wearerequired/lint-action/blob/616f7ec78337552e970cf4879a3a5a042a7eb9e6/src/github/api.js ### action-security.yml ```yaml name: Lint Action github-token: action-input: input: token is-default: true permissions: ```
[ ] Add KB for facebook/pysa-action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: Pysa Action # facebook/pysa-action # GITHUB_TOKEN not used ```
[ ] Add KB for dwieeb/needs-reply

Analysis
no analysis found
[ ] Add KB for tj-actions/changed-files

Analysis
### Analysis ```yml Action Name: tj-actions/changed-files Action Type: Composite GITHUB_TOKEN Matches: token,TOKEN,github_token,Token,GITHUB_TOKEN Stars: 470 Private: false Forks: 64 ```
[ ] Add KB for pypa/cibuildwheel

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: cibuildwheel # pypa/cibuildwheel # GITHUB_TOKEN not used ```
[ ] Add KB for michalvankodev/copy-issue-labels

Analysis
### Analysis ```yml Action Name: michalvankodev/copy-issue-labels Action Type: Node GITHUB_TOKEN Matches: repo-token,GITHUB_TOKEN Top language: TypeScript Stars: 2 Private: false Forks: 1 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| issues.addLabels | write issues.get | read issues.list | read issues.listLabelsOnIssue | read #### FollowUp Links. https://github.com/michalvankodev/copy-issue-labels/blob/1411bf6a61f0f07c90016f5a590e57d74c6e0a20/src/index.ts ### action-security.yml ```yaml name: 'copy-issue-labels' github-token: action-input: input: repo-token is-default: false permissions: issues: write ```
[ ] Add KB for bigbinary/pr-auto-update

Analysis
### Analysis ```yml Action Name: bigbinary/pr-auto-update Action Type: Node GITHUB_TOKEN Matches: github_token,Token Top language: TypeScript Stars: 0 Private: false Forks: 0 ``` ### action-security.yml
[ ] Add KB for crazy-max/ghaction-github-pages

Analysis
### Analysis ```yml Action Name: crazy-max/ghaction-github-pages Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN,github_token,Token,token Top language: TypeScript Stars: 334 Private: false Forks: 31 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/crazy-max/ghaction-github-pages/blob/0c20c87f978dc85e4b78d5bf7c156de15b2f169e/src/main.ts ### action-security.yml ```yaml name: 'GitHub Pages' github-token: environment-variable-name: is-default: false permissions: ```
[ ] Add KB for actions-rs/install

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'rust-cargo-install' # actions-rs/install # GITHUB_TOKEN not used ```
[ ] Add KB for fsfe/reuse-action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'REUSE Compliance Check' # fsfe/reuse-action # GITHUB_TOKEN not used ```
[ ] Add KB for actions-rs/clippy-check

Analysis
### Analysis ```yml Action Name: actions-rs/clippy-check Action Type: Node GITHUB_TOKEN Matches: token,GITHUB_TOKEN Top language: TypeScript Stars: 233 Private: false Forks: 26 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| checks.create | write checks.update | write #### FollowUp Links. https://github.com/actions-rs/clippy-check/blob/b5b5f21f4797c02da247df37026fcd0a5024aa4d/src/input.ts https://github.com/actions-rs/clippy-check/blob/b5b5f21f4797c02da247df37026fcd0a5024aa4d/src/main.ts https://github.com/actions-rs/clippy-check/blob/b5b5f21f4797c02da247df37026fcd0a5024aa4d/src/check.ts ### action-security.yml ```yaml name: 'rust-clippy-check' github-token: action-input: input: token is-default: false permissions: checks: write ```
[ ] Add KB for EmbarkStudios/cargo-deny-action

Analysis
### Analysis ```yml Action Name: EmbarkStudios/cargo-deny-action Action Type: Docker GITHUB_TOKEN Matches: token Stars: 46 Private: false Forks: 13 ```
[ ] Add KB for DuckSoft/extract-7z-action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'extract-7z-action' # DuckSoft/extract-7z-action # GITHUB_TOKEN not used ```
[ ] Add KB for suisei-cn/actions-download-file

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: "Fetch and Save" # suisei-cn/actions-download-file # GITHUB_TOKEN not used ```
[ ] Add KB for julia-actions/setup-julia

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Setup Julia environment' # julia-actions/setup-julia # GITHUB_TOKEN not used ```
[ ] Add KB for chrnorm/deployment-status

Analysis
### Analysis ```yml Action Name: chrnorm/deployment-status Action Type: Node GITHUB_TOKEN Matches: token Top language: JavaScript Stars: 48 Private: false Forks: 35 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| repos.createDeployment | write repos.createDeploymentStatus | write #### FollowUp Links. https://github.com/chrnorm/deployment-status/blob/07b3930847f65e71c9c6802ff5a402f6dfb46b86/lib/main.js ### action-security.yml ```yaml name: 'Deployment Status' github-token: action-input: input: token is-default: false permissions: contents: write ```
[ ] Add KB for chrnorm/deployment-action

Analysis
### Analysis ```yml Action Name: chrnorm/deployment-action Action Type: Node GITHUB_TOKEN Matches: token,GITHUB_TOKEN,TOKEN Top language: JavaScript Stars: 103 Private: false Forks: 56 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| repos.createDeployment | write repos.createDeploymentStatus | write #### FollowUp Links. https://github.com/chrnorm/deployment-action/blob/3afecce166a0a2f92d3a9e7351a9908a72121c24/lib/main.js ### action-security.yml ```yaml name: 'Deployment Action' github-token: action-input: input: token is-default: false permissions: contents: write ```
[ ] Add KB for eberlitz/lcov-reporter-action

Analysis
### Analysis ```yml Action Name: eberlitz/lcov-reporter-action Action Type: Node GITHUB_TOKEN Matches: github-token,token,GITHUB_TOKEN Top language: JavaScript Stars: 0 Private: false Forks: 0 ``` ### action-security.yml
[ ] Add KB for norio-nomura/action-swiftlint

Analysis
### Analysis ```yml Action Name: norio-nomura/action-swiftlint Action Type: Docker GITHUB_TOKEN Matches: GITHUB_TOKEN Stars: 297 Private: false Forks: 37 ```
[ ] Add KB for crazy-max/ghaction-github-runtime

Analysis
### Analysis ```yml Action Name: crazy-max/ghaction-github-runtime Action Type: Node GITHUB_TOKEN Matches: TOKEN,github-token,Token,token Top language: Dockerfile Stars: 16 Private: false Forks: 4 ``` ### action-security.yml
[ ] Add KB for alexellis/upload-assets

Analysis
### Analysis ```yml Action Name: alexellis/upload-assets Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN,token Top language: JavaScript Stars: 31 Private: false Forks: 6 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| repos.uploadReleaseAsset | write repos.get | read repos.getRelease | read repos.getReleaseByTag | read #### FollowUp Links. https://github.com/alexellis/upload-assets/blob/9e94dcf277d4c86fdac84b857a6b4ea08f077f1e/src/lib.js https://github.com/alexellis/upload-assets/blob/9e94dcf277d4c86fdac84b857a6b4ea08f077f1e/dist/index.js ### action-security.yml ```yaml name: 'Upload Release Assets' github-token: environment-variable-name: is-default: false permissions: contents: write ```
[ ] Add KB for peter-evans/close-pull

Analysis
### Analysis ```yml Action Name: peter-evans/close-pull Action Type: Node GITHUB_TOKEN Matches: token,GITHUB_TOKEN Top language: TypeScript Stars: 12 Private: false Forks: 0 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| pulls.get | read pulls.update | write git.deleteRef | write issues.create | write issues.createComment | write #### FollowUp Links. https://github.com/peter-evans/close-pull/blob/cd1af3be40e42b1c6cb814502bee104471c8980b/src/main.ts ### action-security.yml ```yaml name: 'Close Pull' github-token: action-input: input: token is-default: true permissions: pull-requests: write contents: write issues: write ```
[ ] Add KB for hkusu/review-assign-action

Analysis
### Analysis ```yml Action Name: hkusu/review-assign-action Action Type: Node GITHUB_TOKEN Matches: github-token,token Top language: JavaScript Stars: 14 Private: false Forks: 1 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/hkusu/review-assign-action/blob/f91d83749aef5af829c3fd12b5bad2186d8daf0c/src/utils.js https://github.com/hkusu/review-assign-action/blob/71e91593dc939cde6429261c1172f31a9ed98204/src/main.js https://github.com/hkusu/review-assign-action/blob/e7863d32a4c6fa2cbad35c5b44e62c34a151b59f/dist/index.js https://github.com/hkusu/review-assign-action/blob/e7863d32a4c6fa2cbad35c5b44e62c34a151b59f/src/run.js ### action-security.yml ```yaml name: 'Review Assign Action' github-token: action-input: input: github-token is-default: true permissions: ```
[ ] Add KB for mikepenz/action-junit-report

Analysis
### Analysis ```yml Action Name: mikepenz/action-junit-report Action Type: Node GITHUB_TOKEN Matches: token,github_token Top language: TypeScript Stars: 111 Private: false Forks: 57 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| checks.create | write checks.listForRef | read checks.update | write #### FollowUp Links. https://github.com/mikepenz/action-junit-report/blob/d248978004b57af82f4bfa4fe15d21748a9ede5e/src/main.ts https://github.com/mikepenz/action-junit-report/blob/d99ab95d409a324c72adec78b05a613c5eed934c/src/annotator.ts ### action-security.yml ```yaml name: 'JUnit Report Action' github-token: action-input: input: token is-default: true permissions: checks: write ```
[ ] Add KB for madrapps/jacoco-report

Analysis
### Analysis ```yml Action Name: madrapps/jacoco-report Action Type: Node GITHUB_TOKEN Matches: token,GITHUB_TOKEN Top language: JavaScript Stars: 37 Private: false Forks: 19 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| issues.create | write issues.createComment | write issues.list | read issues.listComments | read issues.update | write issues.updateComment | write repos.compareCommits | read #### FollowUp Links. https://github.com/Madrapps/jacoco-report/blob/bb381256784cb1bc10e1c401176754dfe89ea720/src/action.js ### action-security.yml ```yaml name: "JaCoCo Report" github-token: action-input: input: token is-default: false permissions: issues: write contents: read ```
[ ] Add KB for uraimo/run-on-arch-action

Analysis
### Analysis ```yml Action Name: uraimo/run-on-arch-action Action Type: Node GITHUB_TOKEN Matches: Token,token Top language: Shell Stars: 391 Private: false Forks: 86 ``` #### FollowUp Links. https://github.com/uraimo/run-on-arch-action/blob/d9e985ee32020b12e9cafe5b7d52cf0122bb7609/src/run-on-arch.sh ### action-security.yml
[ ] Add KB for messense/maturin-action

Analysis
### Analysis ```yml Action Name: messense/maturin-action Action Type: Node GITHUB_TOKEN Matches: token Top language: TypeScript Stars: 47 Private: false Forks: 14 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/messense/maturin-action/blob/5ee8aeab26c4261858746978295a2fee8f8f54c7/src/index.ts ### action-security.yml ```yaml name: 'maturin-action' github-token: action-input: input: token is-default: true permissions: ```
[ ] Add KB for gitleaks/gitleaks-action

Analysis
### Analysis ```yml Action Name: gitleaks/gitleaks-action Action Type: Node GITHUB_TOKEN Matches: token,GITHUB_TOKEN,github_token Top language: JavaScript Stars: 128 Private: false Forks: 78 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| pulls.create | write pulls.createReview | write repos.get | read repos.getLatestRelease | read #### FollowUp Links. https://github.com/gitleaks/gitleaks-action/blob/f65dee2ef48e96e7a5a2b775b131c3d81b2e73ea/src/gitleaks.js https://github.com/gitleaks/gitleaks-action/blob/f2f91c818f5cd695ba27332127a4fcee1a997838/src/index.js ### action-security.yml ```yaml name: Gitleaks github-token: environment-variable-name: is-default: false permissions: pull-requests: write contents: read ```
[ ] Add KB for elgohr/Publish-Docker-Github-Action

Analysis
### Analysis ```yml Action Name: elgohr/Publish-Docker-Github-Action Action Type: Composite GITHUB_TOKEN Matches: token,GITHUB_TOKEN Stars: 705 Private: false Forks: 209 ```
[ ] Add KB for dsaltares/fetch-gh-release-asset

Analysis
### Analysis ```yml Action Name: dsaltares/fetch-gh-release-asset Action Type: Node GITHUB_TOKEN Matches: token,GITHUB_TOKEN Top language: TypeScript Stars: 56 Private: false Forks: 51 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| repos.get | read repos.getLatestRelease | read repos.getRelease | read repos.getReleaseByTag | read #### FollowUp Links. https://github.com/dsaltares/fetch-gh-release-asset/blob/d9376dacd30fd38f49238586cd2e9295a8307f4c/index.ts ### action-security.yml ```yaml name: 'Fetch Github Release Asset' github-token: action-input: input: token is-default: true permissions: contents: read ```
[ ] Add KB for Sibz/github-status-action

Analysis
### Analysis ```yml Action Name: Sibz/github-status-action Action Type: Node GITHUB_TOKEN Matches: Token,GITHUB_TOKEN,token Top language: TypeScript Stars: 40 Private: false Forks: 19 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/Sibz/github-status-action/blob/67af1f4042a5a790681aad83c44008ca6cfab83d/src/main.ts https://github.com/Sibz/github-status-action/blob/67af1f4042a5a790681aad83c44008ca6cfab83d/src/inputNames.ts ### action-security.yml ```yaml name: 'github-status-action' github-token: action-input: input: Token is-default: false permissions: ```
[ ] Add KB for simple-elf/allure-report-action

Analysis
### Analysis ```yml Action Name: simple-elf/allure-report-action Action Type: Docker GITHUB_TOKEN Matches: TOKEN,GITHUB_TOKEN,Token Stars: 56 Private: false Forks: 47 ```
[ ] Add KB for deborah-digges/new-pull-request-comment-action

Analysis
### Analysis ```yml Action Name: deborah-digges/new-pull-request-comment-action Action Type: Node GITHUB_TOKEN Matches: token,Token,TOKEN Top language: JavaScript Stars: 4 Private: false Forks: 2 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| pulls.list | read issues.create | write issues.createComment | write #### FollowUp Links. https://github.com/Deborah-Digges/new-pull-request-comment-action/blob/224c179a9e23f65ec50ff3240b8716369dc415d7/src/index.js ### action-security.yml ```yaml name: 'Welcome bot on new pull requests' github-token: action-input: input: token is-default: false permissions: pull-requests: read issues: write ```
[ ] Add KB for psf/black

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: "Black" # psf/black # GITHUB_TOKEN not used ```
[ ] Add KB for liskin/gh-problem-matcher-wrap

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: Problem Matcher wrapper (linter errors as annotations even for fork PRs) # liskin/gh-problem-matcher-wrap # GITHUB_TOKEN not used ```
[ ] Add KB for damccorm/tag-ur-it

Analysis
### Analysis ```yml Action Name: damccorm/tag-ur-it Action Type: Node GITHUB_TOKEN Matches: repo-token,GITHUB_TOKEN Top language: TypeScript Stars: 22 Private: false Forks: 7 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| issues.get | read issues.update | write #### FollowUp Links. https://github.com/damccorm/tag-ur-it/blob/7c0e852a6bd84e9c7f842ef4f0ee67335b005a49/src/index.ts ### action-security.yml ```yaml name: 'tag-ur-it' github-token: action-input: input: repo-token is-default: false permissions: issues: write ```
[ ] Add KB for sdkman/sdkman-action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Run SDKMAN!' # sdkman/sdkman-action # GITHUB_TOKEN not used ```
[ ] Add KB for bazelbuild/setup-bazelisk

Analysis
### Analysis ```yml Action Name: bazelbuild/setup-bazelisk Action Type: Node GITHUB_TOKEN Matches: token Top language: TypeScript Stars: 32 Private: false Forks: 6 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| repos.listReleases | read #### FollowUp Links. https://github.com/bazelbuild/setup-bazelisk/blob/9003b5f36bc0e70b0adba68b81d7fe872f7a328e/src/installer.ts https://github.com/bazelbuild/setup-bazelisk/blob/9003b5f36bc0e70b0adba68b81d7fe872f7a328e/src/main.ts ### action-security.yml ```yaml name: 'Setup Bazelisk' github-token: action-input: input: token is-default: true permissions: contents: read ```
[ ] Add GitHub token permissions for GabrielBB/xvfb-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'gabrielbb/xvfb-action' # GabrielBB/xvfb-action # GITHUB_TOKEN not used ```
[ ] Add KB for DataDog/labeler

Analysis
### Analysis ```yml Action Name: DataDog/labeler Action Type: Node GITHUB_TOKEN Matches: repo-token,GITHUB_TOKEN Top language: TypeScript Stars: 0 Private: false Forks: 0 ``` ### action-security.yml
[ ] Add KB for atlassian/gajira-login

Analysis
no analysis found
[ ] Add KB for zendesk/setup-ruby

Analysis
no analysis found
[ ] Add KB for actionshub/chef-delivery

Analysis
no analysis found
[ ] Add KB for zendesk/checkout

Analysis
no analysis found
[ ] Add KB for abhinavsingh/setup-bazel

Analysis
no analysis found
[ ] Add KB for eskatos/gradle-command-action

Analysis
no analysis found
[ ] Add KB for scottbrenner/cfn-lint-action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: "cfn-lint-action" # scottbrenner/cfn-lint-action # GITHUB_TOKEN not used ```
[ ] Add KB for irongut/EditRelease

Analysis
### Analysis ```yml Action Name: irongut/EditRelease Action Type: Docker GITHUB_TOKEN Matches: token,GITHUB_TOKEN,Token Stars: 2 Private: false Forks: 0 ```
[ ] Add KB for nikeee/docfx-action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: docfx-action # nikeee/docfx-action # GITHUB_TOKEN not used ```
[ ] Add KB for samspills/assign-pr-to-author

Analysis
### Analysis ```yml Action Name: samspills/assign-pr-to-author Action Type: Node GITHUB_TOKEN Matches: repo-token,GITHUB_TOKEN,Token Top language: JavaScript Stars: 14 Private: false Forks: 2 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| issues.update | write #### FollowUp Links. https://github.com/samspills/assign-pr-to-author/blob/223a87a821f7e7447cfb5221bc53ceeb633341c2/lib/main.js ### action-security.yml ```yaml name: 'Assign PR to Author' github-token: action-input: input: repo-token is-default: false permissions: issues: write ```
[ ] Add KB for dtolnay/rust-toolchain

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: rustup toolchain install # dtolnay/rust-toolchain # GITHUB_TOKEN not used ```
[ ] Add KB for jwgmeligmeyling/checkstyle-github-action

Analysis
### Analysis ```yml Action Name: jwgmeligmeyling/checkstyle-github-action Action Type: Node GITHUB_TOKEN Matches: token Top language: TypeScript Stars: 9 Private: false Forks: 9 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| checks.create | write checks.listForRef | read checks.update | write #### FollowUp Links. https://github.com/jwgmeligmeyling/checkstyle-github-action/blob/64a4fc2afff34a8547a2971311096b217af7481e/src/constants.ts https://github.com/jwgmeligmeyling/checkstyle-github-action/blob/a12be500c097a5cedab881d4785ef9b4a4d3ee6a/src/main.ts ### action-security.yml ```yaml name: 'Push Checkstyle report' github-token: action-input: input: token is-default: true permissions: checks: write ```
[ ] Add KB for golfzaptw/action-auto-reviews-from-branches

Analysis
### Analysis ```yml Action Name: golfzaptw/action-auto-reviews-from-branches Action Type: Docker GITHUB_TOKEN Matches: GITHUB_TOKEN,token,TOKEN Stars: 3 Private: false Forks: 3 ```
[ ] Add KB for sdepold/github-action-get-latest-release

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Get Latest Release' # sdepold/github-action-get-latest-release # GITHUB_TOKEN not used ```
[ ] Add KB for cardinalby/git-get-release-action

Analysis
### Analysis ```yml Action Name: cardinalby/git-get-release-action Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN,token Top language: TypeScript Stars: 14 Private: false Forks: 3 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/cardinalby/git-get-release-action/blob/dbe9106527abc9248cc57323d035fdd9057658e1/src/main.ts https://github.com/cardinalby/git-get-release-action/blob/7c1b1d20fe25ab461b1a7748d46925cdd6cdc628/tests/integration/action.test.ts ### action-security.yml ```yaml name: 'git-get-release-action' github-token: environment-variable-name: is-default: false permissions: ```
[ ] Add KB for codacy/codacy-coverage-reporter-action

Analysis
Why is this happening @varunsh-coder ? This KB already exists
[ ] Add KB for juliangruber/sleep-action

Analysis
no analysis found
[ ] Add KB for imjasonh/setup-ko

Analysis
### Analysis ```yml Action Name: imjasonh/setup-ko Action Type: Composite GITHUB_TOKEN Matches: token,GITHUB_TOKEN Stars: 10 Private: false Forks: 2 ```
[ ] Add KB for FabianKramm/release-asset-action

Analysis
### Analysis ```yml Action Name: FabianKramm/release-asset-action Action Type: Node GITHUB_TOKEN Matches: github-token,GITHUB_TOKEN,token Top language: JavaScript Stars: 0 Private: false Forks: 1 ``` ### action-security.yml
[ ] Add KB for jerray/publish-docker-action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Publish Docker Action' # jerray/publish-docker-action # GITHUB_TOKEN not used ```
[ ] Add KB for dorny/test-reporter

Analysis
### Analysis ```yml Action Name: dorny/test-reporter Action Type: Node GITHUB_TOKEN Matches: token,Token Top language: TypeScript Stars: 286 Private: false Forks: 62 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| checks.create | write checks.update | write actions.listWorkflowRunArtifacts | read actions.downloadArtifact | read git.getCommit | read git.getTree | read #### FollowUp Links. https://github.com/dorny/test-reporter/blob/a585725c8b86ed12ec5ea9537703f2b1240b0c3f/src/main.ts https://github.com/dorny/test-reporter/blob/2c87efac073270a76b2a8c81d9b1e3b082f245c8/src/input-providers/artifact-provider.ts https://github.com/dorny/test-reporter/blob/2c87efac073270a76b2a8c81d9b1e3b082f245c8/src/utils/github-utils.ts ### action-security.yml ```yaml name: Test Reporter github-token: action-input: input: token is-default: true permissions: checks: write actions: read contents: read ```
[ ] Add KB for Arhia/action-check-typescript

Analysis
### Analysis ```yml Action Name: Arhia/action-check-typescript Action Type: Node GITHUB_TOKEN Matches: repo-token,token,GITHUB_TOKEN,Token Top language: TypeScript Stars: 3 Private: false Forks: 1 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| pulls.create | write pulls.createReview | write issues.create | write issues.createComment | write #### FollowUp Links. https://github.com/Arhia/action-check-typescript/blob/3aabe37455746a0ef74ef276b0af051ca32434e9/src/getAndValidateArgs.ts https://github.com/Arhia/action-check-typescript/blob/194ca7420a0ac092a273f1a6134bbdd347390e8e/dist/typescript4/lib/lib.es2021.weakref.d.ts https://github.com/Arhia/action-check-typescript/blob/194ca7420a0ac092a273f1a6134bbdd347390e8e/dist/typescript1/lib/lib.es2021.weakref.d.ts https://github.com/Arhia/action-check-typescript/blob/194ca7420a0ac092a273f1a6134bbdd347390e8e/dist/typescript3/lib/lib.es2021.weakref.d.ts https://github.com/Arhia/action-check-typescript/blob/194ca7420a0ac092a273f1a6134bbdd347390e8e/dist/typescript2/lib/lib.es2021.weakref.d.ts https://github.com/Arhia/action-check-typescript/blob/194ca7420a0ac092a273f1a6134bbdd347390e8e/dist/typescript3/lib/lib.esnext.weakref.d.ts https://github.com/Arhia/action-check-typescript/blob/194ca7420a0ac092a273f1a6134bbdd347390e8e/dist/typescript2/lib/lib.esnext.weakref.d.ts https://github.com/Arhia/action-check-typescript/blob/194ca7420a0ac092a273f1a6134bbdd347390e8e/dist/typescript4/lib/lib.esnext.weakref.d.ts https://github.com/Arhia/action-check-typescript/blob/194ca7420a0ac092a273f1a6134bbdd347390e8e/dist/typescript1/lib/lib.esnext.weakref.d.ts https://github.com/Arhia/action-check-typescript/blob/58477b0a0601f9fc71350bfab2c53c6260326c86/dist/typescript/lib/lib.es2021.weakref.d.ts https://github.com/Arhia/action-check-typescript/blob/58477b0a0601f9fc71350bfab2c53c6260326c86/dist/typescript/lib/lib.esnext.weakref.d.ts https://github.com/Arhia/action-check-typescript/blob/d1a7bbe877766c64f1703a48cd707b13488fdae3/src/main.ts ### action-security.yml ```yaml name: 'Action Check Typescript errors' github-token: action-input: input: repo-token is-default: false permissions: pull-requests: write issues: write ```
[ ] Add KB for futuratrepadeira/changed-files

Analysis
no analysis found
[ ] Add KB for Equip-Collaboration/diff-line-numbers

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Diff line numbers' # Equip-Collaboration/diff-line-numbers # GITHUB_TOKEN not used ```
[ ] Add KB for dschep/install-pipenv-action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Install pipenv' # dschep/install-pipenv-action # GITHUB_TOKEN not used ```
[ ] Add KB for pragatheeswarans/yarn-audit-action

Analysis
### Analysis ```yml Action Name: pragatheeswarans/yarn-audit-action Action Type: Node GITHUB_TOKEN Matches: token,GITHUB_TOKEN Top language: JavaScript Stars: 2 Private: false Forks: 3 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| issues.create | write issues.list | read issues.listForRepo | read #### FollowUp Links. https://github.com/pragatheeswarans/yarn-audit-action/blob/f3ab4c055f4b8f1db1b1ae0e32bab690c9050603/dist/index.js https://github.com/pragatheeswarans/yarn-audit-action/blob/f3ab4c055f4b8f1db1b1ae0e32bab690c9050603/index.js ### action-security.yml ```yaml name: 'Yarn Audit' github-token: action-input: input: token is-default: false permissions: issues: write ```
[ ] Add KB for ArtiomTr/jest-coverage-report-action

Analysis
### Analysis ```yml Action Name: ArtiomTr/jest-coverage-report-action Action Type: Composite GITHUB_TOKEN Matches: token,github-token,TOKEN,GITHUB-TOKEN Stars: 198 Private: false Forks: 76 ```
[ ] Add KB for tomwillis608/comment-test-coverage

Analysis
### Analysis ```yml Action Name: tomwillis608/comment-test-coverage Action Type: Node GITHUB_TOKEN Matches: token,GITHUB_TOKEN Top language: JavaScript Stars: 0 Private: false Forks: 0 ``` ### action-security.yml
[ ] Add KB for EnricoMi/publish-unit-test-result-action

Analysis
### Analysis ```yml Action Name: EnricoMi/publish-unit-test-result-action Action Type: Docker GITHUB_TOKEN Matches: github_token,token,GITHUB_TOKEN,TOKEN,Token Stars: 265 Private: false Forks: 88 ```
[ ] Add KB for megalinter/megalinter

Analysis
### Analysis ```yml Action Name: megalinter/megalinter Action Type: Docker GITHUB_TOKEN Matches: GITHUB_TOKEN,token,Token,TOKEN Stars: 673 Private: false Forks: 101 ```
[ ] Add KB for juliangruber/read-file-action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: Read file # juliangruber/read-file-action # GITHUB_TOKEN not used ```
[ ] Add KB for JimCronqvist/action-ssh

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: "SSH Execute Commands" # JimCronqvist/action-ssh # GITHUB_TOKEN not used ```
[ ] Add KB for easingthemes/ssh-deploy

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: "ssh deploy" # easingthemes/ssh-deploy # GITHUB_TOKEN not used ```
[ ] Add KB for hadolint/hadolint-action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Hadolint Action' # hadolint/hadolint-action # GITHUB_TOKEN not used ```
[ ] Add KB for Codesee-io/codesee-map-action

Analysis
### Analysis ```yml Action Name: Codesee-io/codesee-map-action Action Type: Node GITHUB_TOKEN Matches: token,Token Top language: JavaScript Stars: 6 Private: false Forks: 2 ``` #### FollowUp Links. https://github.com/Codesee-io/codesee-map-action/blob/269b57776511dea36b9bd71bf31bc4530e8c5bfb/src/action.js https://github.com/Codesee-io/codesee-map-action/blob/269b57776511dea36b9bd71bf31bc4530e8c5bfb/dist/index.js https://github.com/Codesee-io/codesee-map-action/blob/2a35b0d433b6221fba56e0912386032c846828a0/src/insights.js ### action-security.yml
[ ] Add KB for JS-DevTools/npm-publish

Analysis
### Analysis ```yml Action Name: JS-DevTools/npm-publish Action Type: Node GITHUB_TOKEN Matches: token,TOKEN Top language: JavaScript Stars: 338 Private: false Forks: 47 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/JS-DevTools/npm-publish/blob/e42e3720bfe21259120218c19fdbfedcf72692bd/test/specs/action/success.spec.js https://github.com/JS-DevTools/npm-publish/blob/0f451a94170d1699fd50710966d48fb26194d939/test/specs/action/failure.spec.js https://github.com/JS-DevTools/npm-publish/blob/0f451a94170d1699fd50710966d48fb26194d939/test/specs/lib/success.spec.js https://github.com/JS-DevTools/npm-publish/blob/0f451a94170d1699fd50710966d48fb26194d939/test/specs/cli/success.spec.js https://github.com/JS-DevTools/npm-publish/blob/0f451a94170d1699fd50710966d48fb26194d939/test/specs/cli/args.spec.js https://github.com/JS-DevTools/npm-publish/blob/0f451a94170d1699fd50710966d48fb26194d939/test/specs/cli/failure.spec.js https://github.com/JS-DevTools/npm-publish/blob/0f451a94170d1699fd50710966d48fb26194d939/test/specs/lib/failure.spec.js https://github.com/JS-DevTools/npm-publish/blob/0f451a94170d1699fd50710966d48fb26194d939/dist/sourcemap-register.js ### action-security.yml ```yaml name: NPM Publish github-token: action-input: input: token is-default: false permissions: ```
[ ] Add KB for EndBug/add-and-commit

Analysis
### Analysis ```yml Action Name: EndBug/add-and-commit Action Type: Node GITHUB_TOKEN Matches: token,github_token,GITHUB_TOKEN,Token Top language: TypeScript Stars: 557 Private: false Forks: 75 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/EndBug/add-and-commit/blob/0e4f5f64171dcc332288834e2928909b389a9a8c/src/io.ts ### action-security.yml ```yaml name: Add & Commit github-token: action-input: input: token is-default: true permissions: ```
[ ] Add KB for step-security/get-mfa-secrets

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Get MFA Secrets' # step-security/get-mfa-secrets # GITHUB_TOKEN not used ```
[ ] Add KB for sett-and-hive/sarif-to-issue-action

Analysis
### Analysis ```yml Action Name: sett-and-hive/sarif-to-issue-action Action Type: Docker GITHUB_TOKEN Matches: token,Token,GITHUB_TOKEN Stars: 1 Private: false Forks: 0 ```
[ ] Add KB for jeffreytse/jekyll-deploy-action

Analysis
### Analysis ```yml Action Name: jeffreytse/jekyll-deploy-action Action Type: Docker GITHUB_TOKEN Matches: token,GITHUB_TOKEN,Token,GH_TOKEN Stars: 181 Private: false Forks: 17 ```
[ ] Add KB for actions/dependency-review-action

Analysis
### Analysis ```yml Action Name: actions/dependency-review-action Action Type: Node GITHUB_TOKEN Matches: repo-token,Token,GITHUB_TOKEN,token Top language: TypeScript Stars: 176 Private: false Forks: 24 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/actions/dependency-review-action/blob/0e686847c07129d741636f8826e19766b940064b/src/dependency-graph.ts ### action-security.yml ```yaml name: 'Dependency Review' github-token: action-input: input: repo-token is-default: true permissions: ```
[ ] Add KB for cla-assistant/github-action

Analysis
no analysis found
[ ] Add KB for dwenegar/upload-release-assets

Analysis
### Analysis ```yml Action Name: dwenegar/upload-release-assets Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN Top language: JavaScript Stars: 5 Private: false Forks: 3 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| repos.get | read repos.getRelease | read repos.uploadReleaseAsset | write #### FollowUp Links. https://github.com/dwenegar/upload-release-assets/blob/fc5bc557b51cf4fc168f11bebc1e20a17949f0d2/lib/upload-release-assets.js https://github.com/dwenegar/upload-release-assets/blob/fc5bc557b51cf4fc168f11bebc1e20a17949f0d2/dist/index.js ### action-security.yml ```yaml name: 'Upload Multiple Assets to a Release' github-token: environment-variable-name: is-default: false permissions: contents: write ```
[ ] Add KB for dbelyaev/action-checkstyle

Analysis
### Analysis ```yml Action Name: dbelyaev/action-checkstyle Action Type: Docker GITHUB_TOKEN Matches: github_token,GITHUB_TOKEN,token Stars: 6 Private: false Forks: 3 ```
[ ] Add KB for sonarsource/sonarqube-scan-action

Analysis
### Analysis ```yml Action Name: sonarsource/sonarqube-scan-action Action Type: Docker GITHUB_TOKEN Matches: token,TOKEN Stars: 44 Private: false Forks: 38 ```
[ ] Add KB for nwtgck/actions-netlify

Analysis
### Analysis ```yml Action Name: nwtgck/actions-netlify Action Type: Node GITHUB_TOKEN Matches: github-token,GITHUB_TOKEN,TOKEN,token Top language: TypeScript Stars: 218 Private: false Forks: 26 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| issues.create | write issues.createComment | write issues.list | read issues.listComments | read issues.update | write issues.updateComment | write repos.createCommitComment | write repos.createCommitStatus | write repos.createDeployment | write repos.createDeploymentStatus | write #### FollowUp Links. https://github.com/nwtgck/actions-netlify/blob/9b51bd37bcaba08043fd9b0ba2ebba10fed202a2/src/inputs.ts https://github.com/nwtgck/actions-netlify/blob/99552499dc4207a31e262620f263e7cfdf39cf59/__tests__/main.test.ts https://github.com/nwtgck/actions-netlify/blob/99552499dc4207a31e262620f263e7cfdf39cf59/src/main.ts https://github.com/nwtgck/actions-netlify/blob/f8cb5140c81a226406d8f1ae2f2327ea7290a74a/__tests__/production-deploy.test.ts ### action-security.yml ```yaml name: 'Netlify Actions' github-token: action-input: input: github-token is-default: false permissions: issues: write contents: write ```
[ ] Add KB for 8398a7/action-slack

Analysis
### Analysis ```yml Action Name: 8398a7/action-slack Action Type: Node GITHUB_TOKEN Matches: github_token,token Top language: TypeScript Stars: 477 Private: false Forks: 107 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/8398a7/action-slack/blob/b88557f91bdbe37434043070c34568d9314b4223/src/main.ts https://github.com/8398a7/action-slack/blob/a3e8b830c2c988f81c885a661af998793e522093/__tests__/client.test.ts https://github.com/8398a7/action-slack/blob/512ca3bca5f574ba30934d501b6bf3f89da740b0/__tests__/pull_request.test.ts https://github.com/8398a7/action-slack/blob/0f88d5d97704b5c413e145eecd0e14fa83f7428c/__tests__/reusableWorkflowJobName.test.ts https://github.com/8398a7/action-slack/blob/b88557f91bdbe37434043070c34568d9314b4223/__tests__/matrix.test.ts https://github.com/8398a7/action-slack/blob/b88557f91bdbe37434043070c34568d9314b4223/__tests__/customJobName.test.ts https://github.com/8398a7/action-slack/blob/b88557f91bdbe37434043070c34568d9314b4223/__tests__/incorrectMatrix.test.ts https://github.com/8398a7/action-slack/blob/512ca3bca5f574ba30934d501b6bf3f89da740b0/__tests__/helper.ts https://github.com/8398a7/action-slack/blob/0ddb66bd58dbd35726dd98ee08205cf422b55640/src/client.ts ### action-security.yml ```yaml name: action-slack github-token: action-input: input: github_token is-default: true permissions: ```
[ ] Add KB for triat/terraform-security-scan

Analysis
### Analysis ```yml Action Name: triat/terraform-security-scan Action Type: Docker GITHUB_TOKEN Matches: GITHUB_TOKEN Stars: 95 Private: false Forks: 28 ```
[ ] Add KB for github-actions-x/commit

Analysis
### Analysis ```yml Action Name: github-actions-x/commit Action Type: Docker GITHUB_TOKEN Matches: github-token,GITHUB_TOKEN,Token Stars: 43 Private: false Forks: 24 ```
[ ] Add KB for pascalgn/automerge-action

Analysis
### Analysis ```yml Action Name: pascalgn/automerge-action Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN,token Top language: JavaScript Stars: 597 Private: false Forks: 164 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| pulls.get | read repos.merge | write #### FollowUp Links. https://github.com/pascalgn/automerge-action/blob/8cca5dfe0094348ed0a88cd168d5e46f17cb3b7f/it/it.js https://github.com/pascalgn/automerge-action/blob/f77295efe70171807ddd46fca6fab7740a90d0b0/bin/automerge.js https://github.com/pascalgn/automerge-action/blob/0e2da31c4fcc0753371149156f6740dfe4b604f5/lib/update.js ### action-security.yml ```yaml name: "Merge pull requests (automerge-action)" github-token: environment-variable-name: is-default: false permissions: pull-requests: read contents: write ```
[ ] Add KB for Passiverecords/chrome-extension-upload-action

Analysis
### Analysis ```yml Action Name: Passiverecords/chrome-extension-upload-action Action Type: Docker GITHUB_TOKEN Matches: token,Token Stars: 40 Private: false Forks: 4 ```
[ ] Add KB for kanga333/comment-hider

Analysis
### Analysis ```yml Action Name: kanga333/comment-hider Action Type: Node GITHUB_TOKEN Matches: github_token,GITHUB_TOKEN,github-token,token Top language: TypeScript Stars: 4 Private: false Forks: 4 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| issues.list | read issues.listComments | read #### FollowUp Links. https://github.com/kanga333/comment-hider/blob/bbdf5b562fbec24e6f60572d8f712017428b92e0/src/main.ts https://github.com/kanga333/comment-hider/blob/20b043f05c358c1fdd59e90be5431d5ae6fb6c6c/src/client.ts ### action-security.yml ```yaml name: 'comment-hider' github-token: action-input: input: github_token is-default: false permissions: issues: read ```
[ ] Add KB for jreleaser/release-action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: JReleaser # jreleaser/release-action # GITHUB_TOKEN not used ```
[ ] Add KB for schneegans/dynamic-badges-action

Analysis
### Analysis ```yml Action Name: schneegans/dynamic-badges-action Action Type: Node GITHUB_TOKEN Matches: token Top language: JavaScript Stars: 94 Private: false Forks: 20 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/Schneegans/dynamic-badges-action/blob/29735733575bcd25625fe32dd56e92b3936b9650/index.js ### action-security.yml ```yaml name: 'Dynamic Badges' github-token: environment-variable-name: is-default: false permissions: ```
[ ] Add KB for variant-inc/actions-python

Analysis
### Analysis ```yml Action Name: variant-inc/actions-python Action Type: Docker GITHUB_TOKEN Matches: github_token,GITHUB_TOKEN,token Stars: 0 Private: false Forks: 1 ```
[ ] Add KB for variant-inc/lazy-action-setup

Analysis
### Analysis ```yml Action Name: variant-inc/lazy-action-setup Action Type: Composite GITHUB_TOKEN Matches: TOKEN,Token Stars: 0 Private: false Forks: 2 ```
[ ] Add KB for slsa-framework/github-actions-demo

Analysis
This one uses GitHub Context, wonder how that would work
[ ] Add KB for rajatjindal/krew-release-bot

Analysis
### Analysis ```yml Action Name: rajatjindal/krew-release-bot Action Type: Docker GITHUB_TOKEN Matches: GITHUB_TOKEN Stars: 34 Private: false Forks: 10 ```
[ ] Add KB for creekorful/goreportcard-action

Analysis
Got this!
[ ] Add KB for googleapis/code-suggester

Analysis
analysis failed because of `action.yaml` instead of `action.yml`
[ ] Add KB for aormsby/Fork-Sync-With-Upstream-action

Analysis
no analysis found
[ ] Add KB for gaurav-nelson/github-action-markdown-link-check

Analysis
### Analysis ```yml Action Name: gaurav-nelson/github-action-markdown-link-check Action Type: Docker GITHUB_TOKEN Matches: token Stars: 242 Private: false Forks: 49 ```
[ ] Add KB for kidonng/Scoop-GithubActions

Analysis
### Analysis ```yml Action Name: kidonng/Scoop-GithubActions Action Type: Docker GITHUB_TOKEN Matches: token,GITHUB_TOKEN Stars: 2 Private: false Forks: 1 ```
[ ] Add KB for Ash258/Scoop-GithubActions

Analysis
### Analysis ```yml Action Name: Ash258/Scoop-GithubActions Action Type: Docker GITHUB_TOKEN Matches: token,GITHUB_TOKEN Stars: 30 Private: false Forks: 24 ```
[ ] Add KB for scherermichael-oss/action-has-permission

Analysis
### Analysis ```yml Action Name: scherermichael-oss/action-has-permission Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN Top language: JavaScript ```#### FollowUp Links.
[ ] Add KB for wemake-services/wemake-python-styleguide

Analysis
This one needs to be discussed
[ ] Add KB for actions/github-script

Analysis
no analysis found
[ ] B info for common GitHub domain names

Analysis
no analysis found
[ ] Add GitHub token permissions for tj-actions/changed-files Action

Analysis
### Analysis ```yml Action Name: tj-actions/changed-files Action Type: Composite GITHUB_TOKEN Matches: github_token,GITHUB_TOKEN Stars: 692 Private: false Forks: 86 ```
[ ] Add GitHub token permissions for sagikazarmark/setup-please-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Set up Please' # sagikazarmark/setup-please-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for infracost/actions/setup Action

Analysis
### Analysis ```yml Action Name: infracost/actions/setup Action Type: Node GITHUB_TOKEN Matches: TOKEN,github-token,token,GITHUB_TOKEN Stars: 146 Private: false Forks: 19 ```
[ ] Add GitHub token permissions for 8398a7/action-slack Action

Analysis
### Analysis ```yml Action Name: 8398a7/action-slack Action Type: Node GITHUB_TOKEN Matches: github_token,token Top language: TypeScript Stars: 511 Private: false Forks: 116 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/8398a7/action-slack/blob/5e7a5f0deb7dd2b8cccfb6f86d3aff4011e36861/src/main.ts https://github.com/8398a7/action-slack/blob/a3e8b830c2c988f81c885a661af998793e522093/__tests__/client.test.ts https://github.com/8398a7/action-slack/blob/512ca3bca5f574ba30934d501b6bf3f89da740b0/__tests__/pull_request.test.ts https://github.com/8398a7/action-slack/blob/0f88d5d97704b5c413e145eecd0e14fa83f7428c/__tests__/reusableWorkflowJobName.test.ts https://github.com/8398a7/action-slack/blob/b88557f91bdbe37434043070c34568d9314b4223/__tests__/matrix.test.ts https://github.com/8398a7/action-slack/blob/b88557f91bdbe37434043070c34568d9314b4223/__tests__/customJobName.test.ts https://github.com/8398a7/action-slack/blob/b88557f91bdbe37434043070c34568d9314b4223/__tests__/incorrectMatrix.test.ts https://github.com/8398a7/action-slack/blob/512ca3bca5f574ba30934d501b6bf3f89da740b0/__tests__/helper.ts https://github.com/8398a7/action-slack/blob/0ddb66bd58dbd35726dd98ee08205cf422b55640/src/client.ts ### action-security.yml ```yaml name: action-slack github-token: action-input: input: github_token is-default: true permissions: ```
[ ] Add GitHub token permissions for pulumi/action-install-pulumi-cli Action

Analysis
no analysis found
[ ] Add GitHub token permissions for jaxxstorm/action-install-gh-release Action

Analysis
### Analysis ```yml Action Name: jaxxstorm/action-install-gh-release Action Type: Node GITHUB_TOKEN Matches: Token,GITHUB_TOKEN,token Top language: JavaScript Stars: 18 Private: false Forks: 16 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| repos.get | read repos.getLatestRelease | read repos.getRelease | read repos.getReleaseByTag | read #### FollowUp Links. https://github.com/jaxxstorm/action-install-gh-release/blob/d919e59165dbc3d515e32d2bb529eca66209fc18/lib/main.js ### action-security.yml ```yaml name: "Install a binary from GitHub releases" github-token: environment-variable-name: permissions: contents: read ```
[ ] Add GitHub token permissions for dtolnay/rust-toolchain Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: rustup toolchain install # dtolnay/rust-toolchain # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for reimagined/github-actions/resolve-gate Action

Analysis
### Analysis ```yml Action Name: reimagined/github-actions/resolve-gate Action Type: Node GITHUB_TOKEN Matches: token,GITHUB_TOKEN Stars: 0 Private: false Forks: 1 ```
[ ] Add GitHub token permissions for crazy-max/ghaction-github-pages Action

Analysis
### Analysis ```yml Action Name: crazy-max/ghaction-github-pages Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN,github_token,Token,token Top language: TypeScript Stars: 356 Private: false Forks: 30 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/crazy-max/ghaction-github-pages/blob/0c20c87f978dc85e4b78d5bf7c156de15b2f169e/src/main.ts ### action-security.yml ```yaml name: 'GitHub Pages' github-token: environment-variable-name: permissions: ```
[ ] Add GitHub token permissions for rajatjindal/krew-release-bot Action

Analysis
### Analysis ```yml Action Name: rajatjindal/krew-release-bot Action Type: Docker GITHUB_TOKEN Matches: GITHUB_TOKEN Stars: 37 Private: false Forks: 13 ```
[ ] Add GitHub token permissions for terraform-docs/gh-actions Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: terraform-docs-gh-actions # terraform-docs/gh-actions # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for 8398a7/action-slack Action

Analysis
### Analysis ```yml Action Name: 8398a7/action-slack Action Type: Node GITHUB_TOKEN Matches: github_token,token Top language: TypeScript Stars: 511 Private: false Forks: 116 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/8398a7/action-slack/blob/5e7a5f0deb7dd2b8cccfb6f86d3aff4011e36861/src/main.ts https://github.com/8398a7/action-slack/blob/a3e8b830c2c988f81c885a661af998793e522093/__tests__/client.test.ts https://github.com/8398a7/action-slack/blob/512ca3bca5f574ba30934d501b6bf3f89da740b0/__tests__/pull_request.test.ts https://github.com/8398a7/action-slack/blob/0f88d5d97704b5c413e145eecd0e14fa83f7428c/__tests__/reusableWorkflowJobName.test.ts https://github.com/8398a7/action-slack/blob/b88557f91bdbe37434043070c34568d9314b4223/__tests__/matrix.test.ts https://github.com/8398a7/action-slack/blob/b88557f91bdbe37434043070c34568d9314b4223/__tests__/customJobName.test.ts https://github.com/8398a7/action-slack/blob/b88557f91bdbe37434043070c34568d9314b4223/__tests__/incorrectMatrix.test.ts https://github.com/8398a7/action-slack/blob/512ca3bca5f574ba30934d501b6bf3f89da740b0/__tests__/helper.ts https://github.com/8398a7/action-slack/blob/0ddb66bd58dbd35726dd98ee08205cf422b55640/src/client.ts ### action-security.yml ```yaml name: action-slack github-token: action-input: input: github_token is-default: true permissions: ```
[ ] Add GitHub token permissions for ministryofjustice/github-actions/terraform-static-analysis Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: "Terraform security scan" # ministryofjustice/github-actions/terraform-static-analysis # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for actionsdesk/lfs-warning Action

Analysis
### Analysis ```yml Action Name: actionsdesk/lfs-warning Action Type: Node GITHUB_TOKEN Matches: token,Token,GITHUB_TOKEN Top language: TypeScript Stars: 19 Private: false Forks: 13 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| pulls.listFiles | read pulls.list | read git.getBlob | read issues.addLabels | write issues.create | write issues.createComment | write issues.createLabel | write issues.get | read issues.getLabel | read issues.list | read issues.listLabelsOnIssue | read issues.removeLabel | write #### FollowUp Links. https://github.com/ActionsDesk/lfs-warning/blob/7b08791c6402020118f498601c8782fc66295651/src/index.ts ### action-security.yml ```yaml name: "LFS-warning" github-token: action-input: input: token is-default: true permissions: pull-requests: read contents: read issues: write ```
[ ] Add GitHub token permissions for actions-ecosystem/action-regex-match Action

Analysis
### Analysis ```yml Action Name: actions-ecosystem/action-regex-match Action Type: Node GITHUB_TOKEN Matches: github_token,GITHUB_TOKEN Top language: TypeScript Stars: 77 Private: false Forks: 25 ``` ### action-security.yml
[ ] Add GitHub token permissions for GabrielBB/xvfb-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'gabrielbb/xvfb-action' # GabrielBB/xvfb-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for octokit/request-action Action

Analysis
### Analysis ```yml Action Name: octokit/request-action Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN Top language: JavaScript Stars: 247 Private: false Forks: 46 ``` ### action-security.yml
[ ] Add GitHub token permissions for ruby/action-slack Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: action-slack # ruby/action-slack # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for reimagined/github-actions/resolve-gate Action

Analysis
### Analysis ```yml Action Name: reimagined/github-actions/resolve-gate Action Type: Node GITHUB_TOKEN Matches: token,GITHUB_TOKEN Stars: 0 Private: false Forks: 1 ```
[ ] Add GitHub token permissions for JS-DevTools/npm-publish Action

Analysis
### Analysis ```yml Action Name: JS-DevTools/npm-publish Action Type: Node GITHUB_TOKEN Matches: token,TOKEN Top language: JavaScript Stars: 386 Private: false Forks: 57 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/JS-DevTools/npm-publish/blob/e42e3720bfe21259120218c19fdbfedcf72692bd/test/specs/action/success.spec.js https://github.com/JS-DevTools/npm-publish/blob/0f451a94170d1699fd50710966d48fb26194d939/test/specs/action/failure.spec.js https://github.com/JS-DevTools/npm-publish/blob/0f451a94170d1699fd50710966d48fb26194d939/test/specs/lib/success.spec.js https://github.com/JS-DevTools/npm-publish/blob/0f451a94170d1699fd50710966d48fb26194d939/test/specs/cli/success.spec.js https://github.com/JS-DevTools/npm-publish/blob/0f451a94170d1699fd50710966d48fb26194d939/test/specs/cli/args.spec.js https://github.com/JS-DevTools/npm-publish/blob/0f451a94170d1699fd50710966d48fb26194d939/test/specs/cli/failure.spec.js https://github.com/JS-DevTools/npm-publish/blob/0f451a94170d1699fd50710966d48fb26194d939/test/specs/lib/failure.spec.js https://github.com/JS-DevTools/npm-publish/blob/0f451a94170d1699fd50710966d48fb26194d939/dist/sourcemap-register.js ### action-security.yml ```yaml name: NPM Publish github-token: action-input: input: token is-default: false permissions: ```
[ ] Add GitHub token permissions for actions/github-script Action

Analysis
### Analysis ```yml Action Name: actions/github-script Action Type: Node GITHUB_TOKEN Matches: github-token,token,GITHUB_TOKEN Top language: TypeScript Stars: 2859 Private: false Forks: 302 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/actions/github-script/blob/7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd/src/main.ts ### action-security.yml ```yaml name: GitHub Script github-token: action-input: input: github-token is-default: true permissions: ```
[ ] Add GitHub token permissions for ruby/action-slack Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: action-slack # ruby/action-slack # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for necojackarc/auto-request-review Action

Analysis
### Analysis ```yml Action Name: necojackarc/auto-request-review Action Type: Node GITHUB_TOKEN Matches: token,GITHUB_TOKEN,Token Top language: JavaScript Stars: 71 Private: false Forks: 15 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| pulls.listFiles | read pulls.list | read pulls.requestReviewers | write repos.get | read repos.getContent | read #### FollowUp Links. https://github.com/necojackarc/auto-request-review/blob/e08cdffa277d50854744de3f76230260e61c67f4/src/github.js ### action-security.yml ```yaml name: 'Auto Request Review' github-token: action-input: input: token is-default: false permissions: pull-requests: write contents: read ```
[ ] Add GitHub token permissions for joelanford/go-apidiff Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'go-apidiff' # joelanford/go-apidiff # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for 8398a7/action-slack Action

Analysis
### Analysis ```yml Action Name: 8398a7/action-slack Action Type: Node GITHUB_TOKEN Matches: github_token,token Top language: TypeScript Stars: 511 Private: false Forks: 116 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/8398a7/action-slack/blob/5e7a5f0deb7dd2b8cccfb6f86d3aff4011e36861/src/main.ts https://github.com/8398a7/action-slack/blob/a3e8b830c2c988f81c885a661af998793e522093/__tests__/client.test.ts https://github.com/8398a7/action-slack/blob/512ca3bca5f574ba30934d501b6bf3f89da740b0/__tests__/pull_request.test.ts https://github.com/8398a7/action-slack/blob/0f88d5d97704b5c413e145eecd0e14fa83f7428c/__tests__/reusableWorkflowJobName.test.ts https://github.com/8398a7/action-slack/blob/b88557f91bdbe37434043070c34568d9314b4223/__tests__/matrix.test.ts https://github.com/8398a7/action-slack/blob/b88557f91bdbe37434043070c34568d9314b4223/__tests__/customJobName.test.ts https://github.com/8398a7/action-slack/blob/b88557f91bdbe37434043070c34568d9314b4223/__tests__/incorrectMatrix.test.ts https://github.com/8398a7/action-slack/blob/512ca3bca5f574ba30934d501b6bf3f89da740b0/__tests__/helper.ts https://github.com/8398a7/action-slack/blob/0ddb66bd58dbd35726dd98ee08205cf422b55640/src/client.ts ### action-security.yml ```yaml name: action-slack github-token: action-input: input: github_token is-default: true permissions: ```
[ ] Add GitHub token permissions for pulumi/action-install-pulumi-cli Action

Analysis
no analysis found
[ ] Add GitHub token permissions for jaxxstorm/action-install-gh-release Action

Analysis
### Analysis ```yml Action Name: jaxxstorm/action-install-gh-release Action Type: Node GITHUB_TOKEN Matches: Token,GITHUB_TOKEN,token Top language: JavaScript Stars: 18 Private: false Forks: 16 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| repos.get | read repos.getLatestRelease | read repos.getRelease | read repos.getReleaseByTag | read #### FollowUp Links. https://github.com/jaxxstorm/action-install-gh-release/blob/d919e59165dbc3d515e32d2bb529eca66209fc18/lib/main.js ### action-security.yml ```yaml name: "Install a binary from GitHub releases" github-token: environment-variable-name: permissions: contents: read ```
[ ] Add GitHub token permissions for RustCrypto/actions/cargo-cache Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: "cargo-cache" # RustCrypto/actions/cargo-cache # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for peaceiris/actions-mdbook Action

Analysis
### Analysis ```yml Action Name: peaceiris/actions-mdbook Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN,github_token Top language: TypeScript Stars: 221 Private: false Forks: 12 ``` ### action-security.yml
[ ] Add GitHub token permissions for managedkaos/print-env Action

Analysis
no analysis found
[ ] Add GitHub token permissions for appleboy/ssh-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'SSH Remote Commands' # appleboy/ssh-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for atsign-company/certinfo-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN
[ ] Add GitHub token permissions for leonsteinhaeuser/project-beta-automations Action

Analysis
### Analysis ```yml Action Name: leonsteinhaeuser/project-beta-automations Action Type: Composite GITHUB_TOKEN Matches: GITHUB_TOKEN,token,gh_token,TOKEN Stars: 57 Private: false Forks: 12 ```
[ ] Add GitHub token permissions for hashicorp/action-setup-enos Action

Analysis
### Analysis ```yml Action Name: hashicorp/action-setup-enos Action Type: Node GITHUB_TOKEN Matches: token,GITHUB_TOKEN,TOKEN,github-token Top language: JavaScript Stars: 0 Private: false Forks: 0 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| repos.get | read repos.getRelease | read repos.getReleaseByTag | read #### FollowUp Links. https://github.com/hashicorp/action-setup-enos/blob/b1c15de643ca1af73df5cde0256300d22c0574ac/github-release.js https://github.com/hashicorp/action-setup-enos/blob/b1c15de643ca1af73df5cde0256300d22c0574ac/action.js https://github.com/hashicorp/action-setup-enos/blob/b1c15de643ca1af73df5cde0256300d22c0574ac/octokit.js ### action-security.yml ```yaml name: setup-enos github-token: action-input: input: token is-default: false permissions: contents: read ```
[ ] Add GitHub token permissions for britannio/action-install-flutter Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: "Install Flutter" # britannio/action-install-flutter # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for contributor-assistant/github-action Action

Analysis
### Analysis ```yml Action Name: contributor-assistant/github-action Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN,token,TOKEN,Token,github_token Top language: TypeScript Stars: 175 Private: false Forks: 67 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| pulls.get | read actions.getWorkflow | read actions.getWorkflowRun | read actions.listRepoWorkflows | read actions.listWorkflowRuns | read #### FollowUp Links. https://github.com/contributor-assistant/github-action/blob/b3bbab0a75fa27270069933cec6f369c0b373b4e/src/octokit.ts https://github.com/contributor-assistant/github-action/blob/b3bbab0a75fa27270069933cec6f369c0b373b4e/src/setupClaCheck.ts https://github.com/contributor-assistant/github-action/blob/c9eef324b5b8749015256dc7f6a1059e7d0eabd9/src/pullRerunRunner.ts ### action-security.yml ```yaml name: "CLA assistant lite" github-token: environment-variable-name: permissions: pull-requests: read actions: read ```
[ ] Add GitHub token permissions for mondeja/pr-linked-issues-action Action

Analysis
### Analysis ```yml Action Name: mondeja/pr-linked-issues-action Action Type: Docker GITHUB_TOKEN Matches: GITHUB_TOKEN Stars: 2 Private: false Forks: 1 ```
[ ] Add GitHub token permissions for dawidd6/action-delete-branch Action

Analysis
### Analysis ```yml Action Name: dawidd6/action-delete-branch Action Type: Node GITHUB_TOKEN Matches: github_token,token Top language: JavaScript Stars: 4 Private: false Forks: 12 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| pulls.get | read git.deleteRef | write #### FollowUp Links. https://github.com/dawidd6/action-delete-branch/blob/d1efac9a6f7a9b408d4e8ff663a99c1fbac17b3f/main.js ### action-security.yml ```yaml name: Delete multiple branches github-token: action-input: input: github_token is-default: true permissions: pull-requests: read contents: write ```
[ ] Add GitHub token permissions for mshick/add-pr-comment Action

Analysis
### Analysis ```yml Action Name: mshick/add-pr-comment Action Type: Node GITHUB_TOKEN Matches: repo-token,token,GITHUB_TOKEN Top language: TypeScript Stars: 78 Private: false Forks: 37 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/mshick/add-pr-comment/blob/8645f3f0eac398009275a41b4307f73e8e83eba4/__tests__/add-pr-comment.test.ts https://github.com/mshick/add-pr-comment/blob/8645f3f0eac398009275a41b4307f73e8e83eba4/src/config.ts https://github.com/mshick/add-pr-comment/blob/8645f3f0eac398009275a41b4307f73e8e83eba4/src/proxy.ts https://github.com/mshick/add-pr-comment/blob/8645f3f0eac398009275a41b4307f73e8e83eba4/src/main.ts ### action-security.yml ```yaml name: "Add PR Comment" github-token: action-input: input: repo-token is-default: true permissions: ```
[ ] Add GitHub token permissions for stefanprodan/kube-tools Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Kubernetes toolset' # stefanprodan/kube-tools # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for netlify/actions/cli Action

Analysis
no analysis found
[ ] Add GitHub token permissions for lucacome/docker-image-update-checker Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: "Docker Image Update Checker" # lucacome/docker-image-update-checker # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for actions/add-to-project Action

Analysis
### Analysis ```yml Action Name: actions/add-to-project Action Type: Node GITHUB_TOKEN Matches: github-token,token Top language: TypeScript Stars: 272 Private: false Forks: 55 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/actions/add-to-project/blob/a9f041ddd462ed185893ea1024cec954f50dbe42/__tests__/add-to-project.test.ts https://github.com/actions/add-to-project/blob/a9f041ddd462ed185893ea1024cec954f50dbe42/src/add-to-project.ts ### action-security.yml ```yaml name: Add To GitHub projects github-token: action-input: input: github-token is-default: false permissions: ```
[ ] Add GitHub token permissions for muesli/readme-scribe Action

Analysis
### Analysis ```yml Action Name: muesli/readme-scribe Action Type: Docker GITHUB_TOKEN Matches: token,GITHUB_TOKEN Stars: 335 Private: false Forks: 19 ```
[ ] Add GitHub token permissions for aquasecurity/tfsec-pr-commenter-action Action

Analysis
### Analysis ```yml Action Name: aquasecurity/tfsec-pr-commenter-action Action Type: Docker GITHUB_TOKEN Matches: GITHUB_TOKEN,github_token,token Stars: 114 Private: false Forks: 51 ```
[ ] Add GitHub token permissions for terraform-linters/setup-tflint Action

Analysis
### Analysis ```yml Action Name: terraform-linters/setup-tflint Action Type: Node GITHUB_TOKEN Matches: github_token,token,Token,GITHUB_TOKEN Top language: JavaScript Stars: 66 Private: false Forks: 15 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| repos.get | read repos.getLatestRelease | read #### FollowUp Links. https://github.com/terraform-linters/setup-tflint/blob/ed1eba34474e4fd90bf6cef51a246b862e77a27c/src/setup-tflint.js ### action-security.yml ```yaml name: 'Setup TFLint' github-token: action-input: input: github_token is-default: true permissions: contents: read ```
[ ] Add GitHub token permissions for micnncim/action-label-syncer Action

Analysis
### Analysis ```yml Action Name: micnncim/action-label-syncer Action Type: Docker GITHUB_TOKEN Matches: GITHUB_TOKEN,token,TOKEN Stars: 157 Private: false Forks: 35 ```
[ ] Add GitHub token permissions for wei/git-sync Action

Analysis
### Analysis ```yml Action Name: wei/git-sync Action Type: Docker GITHUB_TOKEN Matches: token Stars: 203 Private: false Forks: 97 ```
[ ] Add GitHub token permissions for larsoner/circleci-artifacts-redirector-action Action

Analysis
### Analysis ```yml Action Name: larsoner/circleci-artifacts-redirector-action Action Type: Node GITHUB_TOKEN Matches: repo-token,GITHUB_TOKEN Top language: JavaScript Stars: 8 Private: false Forks: 5 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/larsoner/circleci-artifacts-redirector-action/blob/ba7de004f1a2a6917cb3fa5cecf4f932dad16cd1/index.js ### action-security.yml ```yaml name: 'run-circleci-artifacts-redirector' github-token: action-input: input: repo-token is-default: false permissions: ```
[ ] Add GitHub token permissions for AriPerkkio/eslint-remote-tester-run-action Action

Analysis
### Analysis ```yml Action Name: AriPerkkio/eslint-remote-tester-run-action Action Type: Docker GITHUB_TOKEN Matches: github-token,Token,GITHUB_TOKEN,github_token,token,TOKEN Stars: 1 Private: false Forks: 1 ```
[ ] Add GitHub token permissions for Songmu/tagpr Action

Analysis
### Analysis ```yml Action Name: Songmu/tagpr Action Type: Composite GITHUB_TOKEN Matches: GITHUB_TOKEN,token,github_token Stars: 108 Private: false Forks: 5 ```
[ ] Add GitHub token permissions for isbang/setup-awscli Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Setup AWS cli' # isbang/setup-awscli # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for pulumi/actions Action

Analysis
### Analysis ```yml Action Name: pulumi/actions Action Type: Node GITHUB_TOKEN Matches: TOKEN,github-token,token,GITHUB_TOKEN,Token Top language: TypeScript Stars: 176 Private: false Forks: 50 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| issues.create | write issues.createComment | write issues.list | read issues.listComments | read issues.update | write issues.updateComment | write #### FollowUp Links. https://github.com/pulumi/actions/blob/d6230901ce063cf840449dd19c0d683b2d08263a/src/__tests__/run.test.ts https://github.com/pulumi/actions/blob/ad4b7276fe12fe5228c36e64cda68713119e6973/src/libs/__tests__/get-version.test.ts https://github.com/pulumi/actions/blob/50c6cb368f40038cfed01b92e39b836aec3cf3f4/src/__tests__/config.test.ts https://github.com/pulumi/actions/blob/9bbefdd286a9678df8ac3089ec2aabf248a452ab/src/login.ts https://github.com/pulumi/actions/blob/50c6cb368f40038cfed01b92e39b836aec3cf3f4/src/config.ts https://github.com/pulumi/actions/blob/50c6cb368f40038cfed01b92e39b836aec3cf3f4/src/main.ts https://github.com/pulumi/actions/blob/06bc93fb6890a1d5bc8e4fab9a2354389011666b/src/libs/pr.ts https://github.com/pulumi/actions/blob/959c8f0b1cb16bdaa1cc53db3bf9abc6e20c6ca2/src/libs/envs.ts ### action-security.yml ```yaml name: 'Pulumi CLI Action' github-token: action-input: input: github-token is-default: true permissions: issues: write ```
[ ] Add GitHub token permissions for adoptium/run-aqa Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN
[ ] Add GitHub token permissions for fuxingloh/multi-labeler Action

Analysis
### Analysis ```yml Action Name: fuxingloh/multi-labeler Action Type: Node GITHUB_TOKEN Matches: token,github-token,GITHUB_TOKEN,Token Top language: TypeScript Stars: 22 Private: false Forks: 8 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| issues.addLabels | write repos.createCommitStatus | write #### FollowUp Links. https://github.com/fuxingloh/multi-labeler/blob/67208f475e36fc4f95e3d5a2d4e450433f288be8/src/main.ts ### action-security.yml ```yaml name: 'Multi Labeler' github-token: action-input: input: token is-default: true permissions: issues: write contents: write ```
[ ] Add GitHub token permissions for unsplash/comment-on-pr Action

Analysis
### Analysis ```yml Action Name: unsplash/comment-on-pr Action Type: Docker GITHUB_TOKEN Matches: GITHUB_TOKEN Stars: 133 Private: false Forks: 87 ```
[ ] Add GitHub token permissions for emibcn/badge-action Action

Analysis
### Analysis ```yml Action Name: emibcn/badge-action Action Type: Node GITHUB_TOKEN Matches: token Top language: Dockerfile Stars: 45 Private: false Forks: 18 ``` ### action-security.yml
[ ] Add GitHub token permissions for edplato/trufflehog-actions-scan Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Trufflehog Actions Scan' # edplato/trufflehog-actions-scan # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for ckotzbauer/actions-toolkit/setup-syft Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Setup Syft' # ckotzbauer/actions-toolkit/setup-syft # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for CODE-Actions/upload-artifact Action

Analysis
no analysis found
[ ] Add GitHub token permissions for CODE-Actions/checkout Action

Analysis
no analysis found
[ ] Add GitHub token permissions for imranismail/setup-kustomize Action

Analysis
### Analysis ```yml Action Name: imranismail/setup-kustomize Action Type: Node GITHUB_TOKEN Matches: github-token,Token,token,GITHUB_TOKEN Top language: TypeScript Stars: 45 Private: false Forks: 11 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| repos.listReleases | read #### FollowUp Links. https://github.com/imranismail/setup-kustomize/blob/a76db1c6419124d51470b1e388c4b29476f495f1/src/installer.ts ### action-security.yml ```yaml name: 'Setup Kustomize' github-token: action-input: input: github-token is-default: true permissions: contents: read ```
[ ] Add GitHub token permissions for UnlyEd/github-action-store-variable Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Store variables' # UnlyEd/github-action-store-variable # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for 1466587594/get-current-time Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: "Get Current Time" # 1466587594/get-current-time # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for khan/pull-request-comment-trigger Action

Analysis
### Analysis ```yml Action Name: khan/pull-request-comment-trigger Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN Top language: JavaScript Stars: 166 Private: false Forks: 75 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| reactions.createForIssue | write reactions.createForIssueComment | write #### FollowUp Links. https://github.com/Khan/pull-request-comment-trigger/blob/7d177eaa9f075a2355a761f33223166952d5caef/index.js ### action-security.yml ```yaml name: 'Pull Request Comment Trigger' github-token: environment-variable-name: permissions: undefined: write ```
[ ] Add GitHub token permissions for jrylan/github-action-reviews-counter Action

Analysis
### Analysis ```yml Action Name: jrylan/github-action-reviews-counter Action Type: Node GITHUB_TOKEN Matches: repo-token,GITHUB_TOKEN Top language: TypeScript Stars: 2 Private: false Forks: 7 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/jrylan/github-action-reviews-counter/blob/2dbeab4088d6b2e78a65595ead1ce77ce84bef96/src/action.ts ### action-security.yml ```yaml name: 'Reviews Counter' github-token: action-input: input: repo-token is-default: false permissions: ```
[ ] Add GitHub token permissions for reimagined/github-actions/deploy Action

Analysis
### Analysis ```yml Action Name: reimagined/github-actions/deploy Action Type: Node GITHUB_TOKEN Matches: token,GITHUB_TOKEN Stars: 0 Private: false Forks: 1 ```
[ ] Add GitHub token permissions for reimagined/github-actions/install-cloud Action

Analysis
### Analysis ```yml Action Name: reimagined/github-actions/install-cloud Action Type: Node GITHUB_TOKEN Matches: token,GITHUB_TOKEN Stars: 0 Private: false Forks: 1 ```
[ ] Add GitHub token permissions for reimagined/github-actions/git-release Action

Analysis
### Analysis ```yml Action Name: reimagined/github-actions/git-release Action Type: Node GITHUB_TOKEN Matches: token,GITHUB_TOKEN Stars: 0 Private: false Forks: 1 ```
[ ] Add GitHub token permissions for reimagined/github-actions/generate-changelog Action

Analysis
### Analysis ```yml Action Name: reimagined/github-actions/generate-changelog Action Type: Node GITHUB_TOKEN Matches: token,GITHUB_TOKEN Stars: 0 Private: false Forks: 1 ```
[ ] Add GitHub token permissions for reimagined/github-actions/publish Action

Analysis
### Analysis ```yml Action Name: reimagined/github-actions/publish Action Type: Node GITHUB_TOKEN Matches: token,GITHUB_TOKEN Stars: 0 Private: false Forks: 1 ```
[ ] Add GitHub token permissions for changesets/action Action

Analysis
### Analysis ```yml Action Name: changesets/action Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN,token,TOKEN,Token Top language: TypeScript Stars: 286 Private: false Forks: 111 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| pulls.create | write search.issuesAndPullRequests | read pulls.update | write repos.createRelease | write #### FollowUp Links. https://github.com/changesets/action/blob/b78f48099899f0a853c5d9cd3feb21a5440babbd/src/run.test.ts https://github.com/changesets/action/blob/8c3f5f5637a95a2327e78d5dabcf357978aedcbb/src/index.ts https://github.com/changesets/action/blob/b78f48099899f0a853c5d9cd3feb21a5440babbd/src/run.ts ### action-security.yml ```yaml name: Changesets github-token: environment-variable-name: permissions: pull-requests: write undefined: read contents: write ```
[ ] Add GitHub token permissions for repo-sync/github-sync Action

Analysis
### Analysis ```yml Action Name: repo-sync/github-sync Action Type: Docker GITHUB_TOKEN Matches: token,github_token,GITHUB_TOKEN Stars: 290 Private: false Forks: 79 ```
[ ] Add GitHub token permissions for trilom/file-changes-action Action

Analysis
### Analysis ```yml Action Name: trilom/file-changes-action Action Type: Node GITHUB_TOKEN Matches: Token,token,TOKEN,GITHUB_TOKEN,github-token Top language: TypeScript Stars: 136 Private: false Forks: 38 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| pulls.listFiles | read pulls.list | read repos.compareCommits | read #### FollowUp Links. https://github.com/trilom/file-changes-action/blob/a6ca26c14274c33b15e6499323aac178af06ad4b/src/tests/InputHelper.test.ts https://github.com/trilom/file-changes-action/blob/a6ca26c14274c33b15e6499323aac178af06ad4b/src/tests/mocks/github/index.ts https://github.com/trilom/file-changes-action/blob/a6ca26c14274c33b15e6499323aac178af06ad4b/src/InputHelper.ts https://github.com/trilom/file-changes-action/blob/a6ca26c14274c33b15e6499323aac178af06ad4b/src/GithubHelper.ts https://github.com/trilom/file-changes-action/blob/a6ca26c14274c33b15e6499323aac178af06ad4b/src/tests/GithubHelper.test.ts https://github.com/trilom/file-changes-action/blob/a6ca26c14274c33b15e6499323aac178af06ad4b/src/tests/mocks/github/index.test.ts https://github.com/trilom/file-changes-action/blob/a6ca26c14274c33b15e6499323aac178af06ad4b/src/tests/mocks/octokit/payloads.ts https://github.com/trilom/file-changes-action/blob/a6ca26c14274c33b15e6499323aac178af06ad4b/src/tests/UtilsHelper.test.ts https://github.com/trilom/file-changes-action/blob/a6ca26c14274c33b15e6499323aac178af06ad4b/src/tests/main.test.ts https://github.com/trilom/file-changes-action/blob/a6ca26c14274c33b15e6499323aac178af06ad4b/src/tests/integration.test.ts https://github.com/trilom/file-changes-action/blob/a6ca26c14274c33b15e6499323aac178af06ad4b/src/tests/payloads.ts https://github.com/trilom/file-changes-action/blob/a6ca26c14274c33b15e6499323aac178af06ad4b/src/typings/GitHubMock/index.d.ts https://github.com/trilom/file-changes-action/blob/a6ca26c14274c33b15e6499323aac178af06ad4b/src/typings/Inputs/index.d.ts https://github.com/trilom/file-changes-action/blob/a6ca26c14274c33b15e6499323aac178af06ad4b/src/tests/mocks/env/index.ts https://github.com/trilom/file-changes-action/blob/a6ca26c14274c33b15e6499323aac178af06ad4b/src/main.ts https://github.com/trilom/file-changes-action/blob/a6ca26c14274c33b15e6499323aac178af06ad4b/src/tests/FilesHelper.test.ts ### action-security.yml ```yaml name: 'File Changes Action' github-token: action-input: input: Token is-default: true permissions: pull-requests: read contents: read ```
[ ] Add GitHub token permissions for zofrex/mirror-branch Action

Analysis
### Analysis ```yml Action Name: zofrex/mirror-branch Action Type: Node GITHUB_TOKEN Matches: token,Token Top language: JavaScript Stars: 9 Private: false Forks: 2 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| git.updateRef | write #### FollowUp Links. https://github.com/zofrex/mirror-branch/blob/6a3b784024eb7634010107d5722ccc245e2997e8/index.js ### action-security.yml ```yaml name: 'Mirror Branch' github-token: action-input: input: token is-default: true permissions: contents: write ```
[ ] Add GitHub token permissions for tenable/terrascan-action Action

Analysis
### Analysis ```yml Action Name: tenable/terrascan-action Action Type: Docker GITHUB_TOKEN Matches: token,TOKEN Stars: 34 Private: false Forks: 19 ```
[ ] Add GitHub token permissions for SAP/project-piper-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Project "Piper" Action' # SAP/project-piper-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for benchmark-action/github-action-benchmark Action

Analysis
### Analysis ```yml Action Name: benchmark-action/github-action-benchmark Action Type: Node GITHUB_TOKEN Matches: token,github-token,GITHUB_TOKEN,Token,gh-token Top language: TypeScript Stars: 673 Private: false Forks: 110 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| repos.createCommitComment | write repos.get | read repos.getCommit | read #### FollowUp Links. https://github.com/benchmark-action/github-action-benchmark/blob/0e77d47f88d46be363b44052613c0b60bf208243/src/git.ts https://github.com/benchmark-action/github-action-benchmark/blob/0e77d47f88d46be363b44052613c0b60bf208243/test/git.spec.ts https://github.com/benchmark-action/github-action-benchmark/blob/75e5716791928a4e597eb911cc07245d7bca0ee7/src/config.ts https://github.com/benchmark-action/github-action-benchmark/blob/75e5716791928a4e597eb911cc07245d7bca0ee7/src/write.ts https://github.com/benchmark-action/github-action-benchmark/blob/0e77d47f88d46be363b44052613c0b60bf208243/test/config.spec.ts https://github.com/benchmark-action/github-action-benchmark/blob/0e77d47f88d46be363b44052613c0b60bf208243/test/write.spec.ts https://github.com/benchmark-action/github-action-benchmark/blob/75e5716791928a4e597eb911cc07245d7bca0ee7/src/extract.ts https://github.com/benchmark-action/github-action-benchmark/blob/75e5716791928a4e597eb911cc07245d7bca0ee7/test/extract.spec.ts ### action-security.yml ```yaml name: 'Continuous Benchmark' github-token: action-input: input: token is-default: false permissions: contents: write ```
[ ] Add GitHub token permissions for Wandalen/wretry.action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: retry action # Wandalen/wretry.action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for cue-lang/setup-cue Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: Setup CUE environment # cue-lang/setup-cue # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for asdf-vm/actions/install Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: asdf install # asdf-vm/actions/install # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for errata-ai/vale-action Action

Analysis
### Analysis ```yml Action Name: errata-ai/vale-action Action Type: Docker GITHUB_TOKEN Matches: token,github_token,GITHUB_TOKEN Stars: 115 Private: false Forks: 35 ```
[ ] Add GitHub token permissions for expo/expo-github-action Action

Analysis
### Analysis ```yml Action Name: expo/expo-github-action Action Type: Node GITHUB_TOKEN Matches: TOKEN,token,Token Top language: JavaScript Stars: 512 Private: false Forks: 41 ``` ### action-security.yml
[ ] Add GitHub token permissions for thehanimo/pr-title-checker Action

Analysis
### Analysis ```yml Action Name: thehanimo/pr-title-checker Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN Top language: JavaScript Stars: 62 Private: false Forks: 20 ``` ### action-security.yml
[ ] Add GitHub token permissions for xt0rted/slash-command-action Action

Analysis
### Analysis ```yml Action Name: xt0rted/slash-command-action Action Type: Node GITHUB_TOKEN Matches: repo-token,GITHUB_TOKEN,token Top language: TypeScript Stars: 50 Private: false Forks: 6 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| reactions.createForIssue | write reactions.createForIssueComment | write repos.get | read repos.getCollaboratorPermissionLevel | read #### FollowUp Links. https://github.com/xt0rted/slash-command-action/blob/14f07dd0f71162fccfbcb7eceff8255b3b09957f/__tests__/main.test.ts https://github.com/xt0rted/slash-command-action/blob/fc800533ee90fe5609712a6d25d6882ec25e983d/src/main.ts https://github.com/xt0rted/slash-command-action/blob/14f07dd0f71162fccfbcb7eceff8255b3b09957f/__tests__/commandHandler.test.ts https://github.com/xt0rted/slash-command-action/blob/a721e16088e6d649eb7ec96c27181e694e9bcda5/src/commandHandler.ts ### action-security.yml ```yaml name: "Slash Commands" github-token: action-input: input: repo-token is-default: true permissions: undefined: write contents: read ```
[ ] Add GitHub token permissions for kubevela/vela-upload-release-asset Action

Analysis
### Analysis ```yml Action Name: kubevela/vela-upload-release-asset Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN,token Top language: TypeScript Stars: 0 Private: false Forks: 0 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| repos.uploadReleaseAsset | write #### FollowUp Links. https://github.com/kubevela/vela-upload-release-asset/blob/9b3858e67d3205e056d6220e5972abb32fc47289/src/main.ts ### action-security.yml ```yaml name: 'kubevela-action-upload-release-asset' github-token: environment-variable-name: permissions: contents: write ```
[ ] Add GitHub token permissions for bruceadams/get-release Action

Analysis
### Analysis ```yml Action Name: bruceadams/get-release Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN,token Top language: JavaScript Stars: 56 Private: false Forks: 36 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| repos.get | read repos.getRelease | read repos.getReleaseByTag | read #### FollowUp Links. https://github.com/bruceadams/get-release/blob/74c3d60f5a28f358ccf241a00c9021ea16f0569f/src/get-release.js ### action-security.yml ```yaml name: 'Get the upload URL for a release' github-token: environment-variable-name: permissions: contents: read ```
[ ] Add GitHub token permissions for RyanSiu1995/kubebuilder-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Kubebuilder Installation' # RyanSiu1995/kubebuilder-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for nolar/setup-k3d-k3s Action

Analysis
### Analysis ```yml Action Name: nolar/setup-k3d-k3s Action Type: Composite GITHUB_TOKEN Matches: github-token,GITHUB_TOKEN,token Stars: 57 Private: false Forks: 7 ```
[ ] Add GitHub token permissions for nanoufo/action-upload-artifacts-and-release-assets Action

Analysis
### Analysis ```yml Action Name: nanoufo/action-upload-artifacts-and-release-assets Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN Top language: TypeScript Stars: 6 Private: false Forks: 2 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/nanoufo/action-upload-artifacts-and-release-assets/blob/dcfe38cd5fb22f46f80e8a838452f60d27957665/src/inputs-helper.ts ### action-security.yml ```yaml name: 'Upload artifacts & release assets' github-token: environment-variable-name: permissions: ```
[ ] Add GitHub token permissions for lukka/run-cmake Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'run-cmake' # lukka/run-cmake # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for philips-software/app-token-action Action

Analysis
### Analysis ```yml Action Name: philips-software/app-token-action Action Type: Node GITHUB_TOKEN Matches: token Top language: TypeScript Stars: 4 Private: false Forks: 0 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| apps.getOrgInstallation | read #### FollowUp Links. https://github.com/philips-software/app-token-action/blob/212a01f856d967af9566e6229d6b83396ee71c69/src/auth.ts https://github.com/philips-software/app-token-action/blob/0b33407011d7a2694ab9bbf792086fefa1e15d37/src/main.ts ### action-security.yml ```yaml name: 'Create an application or application installation token.' github-token: action-input: input: token is-default: false permissions: undefined: read ```
[ ] Add GitHub token permissions for protocol/multiple-go-modules Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Multiple Go Modules' # protocol/multiple-go-modules # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for ipfs/start-ipfs-daemon-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Start IPFS Daemon' # ipfs/start-ipfs-daemon-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for ipfs/download-ipfs-distribution-action Action

Analysis
### Analysis ```yml Action Name: ipfs/download-ipfs-distribution-action Action Type: Composite GITHUB_TOKEN Matches: GITHUB_TOKEN,token Stars: 0 Private: false Forks: 2 ```
[ ] Add GitHub token permissions for Templum/govulncheck-action Action

Analysis
### Analysis ```yml Action Name: Templum/govulncheck-action Action Type: Composite GITHUB_TOKEN Matches: github-token,Token,token,github_token,GITHUB_TOKEN Stars: 9 Private: false Forks: 3 ```
[ ] Add GitHub token permissions for saadmk11/github-actions-version-updater Action

Analysis
### Analysis ```yml Action Name: saadmk11/github-actions-version-updater Action Type: Docker GITHUB_TOKEN Matches: token,Token,GITHUB_TOKEN Stars: 42 Private: false Forks: 9 ```
[ ] Add GitHub token permissions for hugo19941994/delete-draft-releases Action

Analysis
### Analysis ```yml Action Name: hugo19941994/delete-draft-releases Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN Top language: JavaScript Stars: 5 Private: false Forks: 10 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| repos.delete | write repos.deleteRelease | write repos.listReleases | read #### FollowUp Links. https://github.com/hugo19941994/delete-draft-releases/blob/756bc03306949ab9c7247b7ad6a763258b6f4729/src/delete-draft-releases.js https://github.com/hugo19941994/delete-draft-releases/blob/756bc03306949ab9c7247b7ad6a763258b6f4729/dist/index.js ### action-security.yml ```yaml name: 'Delete Draft Releases' github-token: environment-variable-name: permissions: contents: write ```
[ ] Add GitHub token permissions for embano1/wip Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: "Check WIP" # embano1/wip # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for kbrashears5/github-action-repo-settings-sync Action

Analysis
### Analysis ```yml Action Name: kbrashears5/github-action-repo-settings-sync Action Type: Docker GITHUB_TOKEN Matches: TOKEN,Token,token Stars: 11 Private: false Forks: 9 ```
[ ] Add GitHub token permissions for ChrisCarini/repo-file-sync-action Action

Analysis
### Analysis ```yml Action Name: ChrisCarini/repo-file-sync-action Action Type: Node GITHUB_TOKEN Matches: Token,token,GITHUB_TOKEN,TOKEN Top language: JavaScript Stars: 0 Private: false Forks: 0 ``` ### action-security.yml
[ ] Add GitHub token permissions for trstringer/manual-approval Action

Analysis
### Analysis ```yml Action Name: trstringer/manual-approval Action Type: Docker GITHUB_TOKEN Matches: TOKEN,token,github_token,GITHUB_TOKEN Stars: 115 Private: false Forks: 39 ```
[ ] Add GitHub token permissions for SAP/fosstars-rating-core-action Action

Analysis
### Analysis ```yml Action Name: SAP/fosstars-rating-core-action Action Type: Docker GITHUB_TOKEN Matches: token,GITHUB_TOKEN Stars: 5 Private: false Forks: 6 ```
[ ] Add GitHub token permissions for EndBug/label-sync Action

Analysis
### Analysis ```yml Action Name: EndBug/label-sync Action Type: Node GITHUB_TOKEN Matches: token,GITHUB_TOKEN,Token Top language: TypeScript Stars: 9 Private: false Forks: 9 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/EndBug/label-sync/blob/d1a9aef42a1f9507aa418f09b0ac32744fc39c69/src/index.ts ### action-security.yml ```yaml name: Label Sync github-token: action-input: input: token is-default: true permissions: ```
[ ] Add GitHub token permissions for orhun/git-cliff-action Action

Analysis
### Analysis ```yml Action Name: orhun/git-cliff-action Action Type: Docker GITHUB_TOKEN Matches: repo_token,GITHUB_TOKEN Stars: 56 Private: false Forks: 8 ```
[ ] Add GitHub token permissions for svenstaro/upload-release-actions Action

Analysis
no analysis found
[ ] Add GitHub token permissions for tibdex/auto-update Action

Analysis
### Analysis ```yml Action Name: tibdex/auto-update Action Type: Node GITHUB_TOKEN Matches: github_token,Token,token Top language: TypeScript Stars: 39 Private: false Forks: 31 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/tibdex/auto-update/blob/8cf02f8afec03ab6d8a37bcb773863b189fcf539/src/index.ts ### action-security.yml ```yaml name: Auto-update github-token: action-input: input: github_token is-default: true permissions: ```
[ ] Add GitHub token permissions for peter-murray/workflow-application-token-action Action

Analysis
### Analysis ```yml Action Name: peter-murray/workflow-application-token-action Action Type: Node GITHUB_TOKEN Matches: token,GITHUB_TOKEN,Token Top language: JavaScript Stars: 86 Private: false Forks: 20 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| repos.get | read apps.getOrgInstallation | read apps.getRepoInstallation | read #### FollowUp Links. https://github.com/peter-murray/workflow-application-token-action/blob/7b0e459e3557d2d86465abbe0a7dcdfa7577e233/lib/github-application.test.js https://github.com/peter-murray/workflow-application-token-action/blob/90a1df2b1513f927e0172fb0f9b3f724a5170e58/index.js https://github.com/peter-murray/workflow-application-token-action/blob/90a1df2b1513f927e0172fb0f9b3f724a5170e58/lib/github-application.js ### action-security.yml ```yaml name: workflow-application-token-action github-token: action-input: input: token is-default: false permissions: contents: read undefined: read ```
[ ] Add GitHub token permissions for ruby/setup-ruby-pkgs Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Setup Ruby Pkgs' # ruby/setup-ruby-pkgs # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for codfish/semantic-release-action Action

Analysis
### Analysis ```yml Action Name: codfish/semantic-release-action Action Type: Docker GITHUB_TOKEN Matches: GITHUB_TOKEN,TOKEN Stars: 83 Private: false Forks: 12 ```
[ ] Add GitHub token permissions for cloudaper/epics-action Action

Analysis
### Analysis ```yml Action Name: cloudaper/epics-action Action Type: Node GITHUB_TOKEN Matches: github-token,token,GITHUB_TOKEN Top language: JavaScript Stars: 56 Private: false Forks: 8 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| issues.list | read issues.listEvents | read issues.listEventsForTimeline | read issues.update | write #### FollowUp Links. https://github.com/cloudaper/epics-action/blob/71662ff7e120ad28e66f6a9ea246d5699480697c/index.js ### action-security.yml ```yaml name: Epic issues for GitHub github-token: action-input: input: github-token is-default: false permissions: issues: write ```
[ ] Add GitHub token permissions for distributhor/workflow-webhook Action

Analysis
### Analysis ```yml Action Name: distributhor/workflow-webhook Action Type: Docker GITHUB_TOKEN Matches: token Stars: 109 Private: false Forks: 41 ```
[ ] Add GitHub token permissions for shalzz/zola-deploy-action Action

Analysis
### Analysis ```yml Action Name: shalzz/zola-deploy-action Action Type: Docker GITHUB_TOKEN Matches: GITHUB_TOKEN,token Stars: 156 Private: false Forks: 58 ```
[ ] Add GitHub token permissions for mfinelli/setup-shfmt Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: Setup shfmt # mfinelli/setup-shfmt # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for martinbeentjes/npm-get-version-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Get current package version' # martinbeentjes/npm-get-version-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for datreeio/action-datree Action

Analysis
### Analysis ```yml Action Name: datreeio/action-datree Action Type: Docker GITHUB_TOKEN Matches: token,TOKEN Stars: 19 Private: false Forks: 11 ```
[ ] Add GitHub token permissions for snok/container-retention-policy Action

Analysis
### Analysis ```yml Action Name: snok/container-retention-policy Action Type: Composite GITHUB_TOKEN Matches: token Stars: 74 Private: false Forks: 13 ```
[ ] Add GitHub token permissions for iranzo/gh-pages-jekyll-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: GitHub Jekyll Build Action # iranzo/gh-pages-jekyll-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for technote-space/broken-link-checker-action Action

Analysis
### Analysis ```yml Action Name: technote-space/broken-link-checker-action Action Type: Node GITHUB_TOKEN Matches: GITHUB_TOKEN,token,TOKEN Top language: TypeScript Stars: 17 Private: false Forks: 6 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| issues.create | write issues.get | read #### FollowUp Links. https://github.com/technote-space/broken-link-checker-action/blob/186a34ca47cdf80fe8db1890241dbb6a5941f018/src/process.test.ts ### action-security.yml ```yaml name: Broken Link Checker Action github-token: action-input: input: GITHUB_TOKEN is-default: true permissions: issues: write ```
[ ] Add GitHub token permissions for actions/cache/restore Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Restore Cache' # actions/cache/restore # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for actions/cache/save Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Save a cache' # actions/cache/save # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for carlosperate/download-file-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Download File To Workspace' # carlosperate/download-file-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for myci-actions/add-deb-repo Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Add debian repository' # myci-actions/add-deb-repo # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for anishathalye/proof-html Action

Analysis
### Analysis ```yml Action Name: anishathalye/proof-html Action Type: Docker GITHUB_TOKEN Matches: token,Token,GITHUB_TOKEN,TOKEN Stars: 26 Private: false Forks: 8 ```
[ ] Add GitHub token permissions for laoshanxi/coverity-scan-action Action

Analysis
### Analysis ```yml Action Name: laoshanxi/coverity-scan-action Action Type: Composite GITHUB_TOKEN Matches: token,TOKEN Stars: 0 Private: false Forks: 0 ```
[ ] Add GitHub token permissions for test-summary/action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'TestForest Dashboard' # test-summary/action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for xt0rted/dotnet-format-problem-matcher Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: "Problem Matcher for dotnet-format" # xt0rted/dotnet-format-problem-matcher # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for al-cheb/configure-pagefile-action Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Configure Pagefile' # al-cheb/configure-pagefile-action # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for hashicorp/vault-action Action

Analysis
### Analysis ```yml Action Name: hashicorp/vault-action Action Type: Node GITHUB_TOKEN Matches: OIDC,Token,oidc,token,TOKEN,GITHUB_TOKEN Top language: JavaScript Stars: 305 Private: false Forks: 103 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/hashicorp/vault-action/blob/e025870ee9a6ea1cc390db226caaf29b4150cca3/integrationTests/basic/jwt_auth.test.js https://github.com/hashicorp/vault-action/blob/2dcbd17a34a9475155a8c1e450acfea85ac320e1/src/auth.test.js https://github.com/hashicorp/vault-action/blob/25737aea2bf1c6a43a4d9e91ea6a7b0774fed7cb/src/auth.js https://github.com/hashicorp/vault-action/blob/25737aea2bf1c6a43a4d9e91ea6a7b0774fed7cb/integrationTests/e2e-tls/setup.js https://github.com/hashicorp/vault-action/blob/25737aea2bf1c6a43a4d9e91ea6a7b0774fed7cb/integrationTests/e2e/setup.js https://github.com/hashicorp/vault-action/blob/55a11671e01aa1979c20c1a0ecf007ea18e71147/src/action.js https://github.com/hashicorp/vault-action/blob/e025870ee9a6ea1cc390db226caaf29b4150cca3/integrationTests/basic/integration.test.js https://github.com/hashicorp/vault-action/blob/55a11671e01aa1979c20c1a0ecf007ea18e71147/src/action.test.js https://github.com/hashicorp/vault-action/blob/e025870ee9a6ea1cc390db226caaf29b4150cca3/integrationTests/enterprise/enterprise.test.js https://github.com/hashicorp/vault-action/blob/55a11671e01aa1979c20c1a0ecf007ea18e71147/src/retries.test.js ### action-security.yml ```yaml name: 'Vault Secrets' github-token: action-input: input: Token is-default: false permissions: ```
[ ] Add GitHub token permissions for shogo82148/actions-upload-release-asset Action

Analysis
### Analysis ```yml Action Name: shogo82148/actions-upload-release-asset Action Type: Node GITHUB_TOKEN Matches: github_token,token Top language: TypeScript Stars: 46 Private: false Forks: 4 ``` ### Endpoints Found |Endpoint | Permission| |---------| ----------| #### FollowUp Links. https://github.com/shogo82148/actions-upload-release-asset/blob/373bb477cbc10974608af645c271193f21923094/src/main.ts https://github.com/shogo82148/actions-upload-release-asset/blob/33c31b8c82c5e3f079d9f3ffd5b4eb2a7beb454a/src/upload-release-asset.ts https://github.com/shogo82148/actions-upload-release-asset/blob/f34bbd3ab62eebb70df31098100624a1eb5168b3/__tests__/upload-release-asset.test.ts ### action-security.yml ```yaml name: 'Yet Another Upload Release Asset Action' github-token: action-input: input: github_token is-default: true permissions: ```
[ ] Add GitHub token permissions for chainguard-dev/actions/kind-diag Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: 'Collect KinD diagnostics' # chainguard-dev/actions/kind-diag # GITHUB_TOKEN not used ```
[ ] Add GitHub token permissions for sigstore/scaffolding/actions/setup Action

Analysis
### Analysis ```yml Action Name: sigstore/scaffolding/actions/setup Action Type: Composite GITHUB_TOKEN Matches: token,OIDC,TOKEN Stars: 41 Private: false Forks: 29 ```
[ ] Add GitHub token permissions for paulhatch/semantic-version Action

Analysis
This action's `action.yml` & `README.md` doesn't contains any reference to GITHUB_TOKEN ### action-security.yml ```yaml name: "Git Semantic Version" # paulhatch/semantic-version # GITHUB_TOKEN not used ```

step-security / secure-repo

Issue to track missing KBs #1380