A GitHub Action for detecting vulnerable dependencies and invalid licenses in your PRs
☆790Feb 27, 2026Updated this week
Alternatives and similar repositories for dependency-review-action
Users that are interested in dependency-review-action are comparing it to the libraries listed below
Sorting:
- Official GitHub Action for OpenSSF Scorecard.☆361Feb 10, 2026Updated 3 weeks ago
- Optimize the utilization of GHAS licenses in an enterprise (or organization)☆15Feb 12, 2026Updated 3 weeks ago
- Automate adding issues and pull requests to GitHub projects☆676Updated this week
- A GitHub Action used for publishing an Action to ghcr.io as an OCI container.☆115Aug 8, 2025Updated 6 months ago
- Actions for running CodeQL analysis☆1,494Updated this week
- An action for automatically labelling pull requests☆2,394Feb 26, 2026Updated last week
- Write workflows scripting the GitHub API in JavaScript☆4,884Updated this week
- Static checker for GitHub Actions workflow files☆3,636Updated this week
- GitHub token permissions Monitor and Advisor actions☆353Jan 31, 2026Updated last month
- Cache dependencies and build outputs in GitHub Actions☆5,280Updated this week
- ☆837Updated this week
- ☆44Updated this week
- Orchestrate GitHub Actions Security☆305Jan 16, 2026Updated last month
- GitHub Action for creating a GitHub App Installation Access Token☆739Updated this week
- automated releases based on conventional commits☆2,304Feb 20, 2026Updated last week
- Action to detect if a secret is initially detected in a PR commit☆11Jun 19, 2023Updated 2 years ago
- Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, an…☆966Feb 26, 2026Updated last week
- Action for generating attestations for workflow artifacts☆74Updated this week
- Action for generating build provenance attestations for workflow artifacts☆895Updated this week
- GitHub Action for creating software bill of materials using Syft.☆225Feb 25, 2026Updated last week
- GitHub Actions Importer helps you plan and automate the migration of Azure DevOps, Bamboo, CircleCI, GitLab, Jenkins, and Travis CI pipel…☆84Apr 8, 2024Updated last year
- Reusable workflows for developing actions☆76Dec 15, 2025Updated 2 months ago
- Marks issues and pull requests that have not had recent interaction☆1,645Updated this week
- Gather metrics on issues/prs/discussions such as time to first response, count of issues opened, closed, etc.☆523Feb 24, 2026Updated last week
- ☆57Updated this week
- run actionlint with reviewdog☆94Feb 16, 2026Updated 2 weeks ago
- GitHub Action to enable automated security updates and open a issue/PR in repos in an org that have dependency files but no dependabot.ya…☆221Updated this week
- GitHub Advance Security Compliance Action☆134Dec 14, 2022Updated 3 years ago
- A tool that aims to bulk automates the enablement of GitHub Code Scanning, Secret Scanning and Dependabot across multiple repositories.☆158Jun 17, 2024Updated last year
- Set up your GitHub Actions workflow with a specific version of node.js☆4,669Updated this week
- Action for checking out a repo☆7,576Feb 3, 2026Updated last month
- Extract information about the dependencies being updated by a Dependabot-generated PR.☆297Updated this week
- A GitHub (gh) CLI extension to manage the GitHub Actions caches being used in a GitHub repository.☆324Oct 21, 2024Updated last year
- Calculates dependencies for a Go build-target and submits the list to the Dependency Submission API☆74Nov 24, 2025Updated 3 months ago
- Libs and tools used to build all *-version tools for GitHub Actions☆30Dec 15, 2025Updated 2 months ago
- 🤖 Dependabot's core logic for creating update PRs.☆5,434Updated this week
- GitHub Action to publish artifacts to GitHub Pages for deployments☆867Oct 14, 2024Updated last year
- GitHub Action for filtering Code Scanning alerts by path and id☆37Oct 16, 2024Updated last year
- Automatically set the CodeQL matrix job using the languages in your repository.☆17Jan 8, 2026Updated last month