
Scans GitHub workflows for known vulnerable actions using the NIST National Vulnerability Database (NVD) API

Project description

🐕 ci-cerberus

Guarding the gates of your GitHub workflows

What is it?

ci-cerberus is a tool designed to locate third-party GitHub Actions in your workflows, and report any known vulnerabilities back to you.

Running ci-cerberus

The easiest way to run this tool is with pipx.

You can install it (if you don't already have it) by following the instructions here.

Scan

scan is currently the only command available in ci-cerberus.

It looks for workflows in your .github/workflows folder, and finds any third-party actions. It then checks the NIST NVD for any known vulnerabilities and reports them back to you.

Navigate to the root of the repository you want to scan and run

pipx run ci-cerberus scan
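The scan described above, as an added example that is not ci-cerberus's own code: it pulls every `uses:` reference out of a workflow file, separates local and Docker references from repository actions, treats the `actions` and `github` organisations as first-party (an assumption for this example), records whether each third-party action is pinned to a full commit SHA rather than a mutable tag, and builds the NVD 2.0 `keywordSearch` query URL a scanner would send. The workflow text, the `example-org` actions and the SHA are constructed for illustration; the example builds the query URL but does not call the NVD so it runs offline.

```python
"""Added example: locate third-party GitHub Actions in workflow files and
prepare NVD lookups. Not ci-cerberus's own implementation."""
import re
from pathlib import Path
from urllib.parse import urlencode

# Constructed sample standing in for .github/workflows/ci.yml
SAMPLE_WORKFLOW = """\
name: ci
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: ./.github/actions/local-setup
      - uses: docker://alpine:3.19
      - name: Lint
        uses: example-org/lint-action@2f3e4d5c6b7a8f9e0d1c2b3a4f5e6d7c8b9a0f1e
      - uses: example-org/deploy-action@v1   # mutable tag, not a commit SHA
"""

NVD_API = "https://services.nvd.nist.gov/rest/json/cves/2.0"
# Assumption: these GitHub-maintained orgs are treated as first-party.
FIRST_PARTY_OWNERS = {"actions", "github"}
# Matches "- uses: x" and "uses: x" (after a "- name:" line); stops at whitespace or a comment.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^'\"#\s]+)", re.MULTILINE)
SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def extract_uses(workflow_text):
    """Return every 'uses:' value in the workflow, in file order."""
    return USES_RE.findall(workflow_text)


def classify(uses):
    """Describe one 'uses:' reference: local path, docker image, or repo action."""
    if uses.startswith("./"):
        return {"uses": uses, "kind": "local"}
    if uses.startswith("docker://"):
        return {"uses": uses, "kind": "docker"}
    spec, _, version = uses.partition("@")
    owner, _, rest = spec.partition("/")
    repo = rest.split("/", 1)[0]  # drop an optional sub-path inside the repo
    kind = "first-party" if owner in FIRST_PARTY_OWNERS else "third-party"
    return {
        "uses": uses, "kind": kind, "owner": owner, "repo": repo,
        "version": version, "sha_pinned": bool(SHA_RE.match(version)),
    }


def third_party_actions(workflow_text):
    """Only the repository actions not maintained by GitHub itself."""
    return [a for a in map(classify, extract_uses(workflow_text))
            if a["kind"] == "third-party"]


def nvd_query_url(action):
    """NVD 2.0 keyword search for the action's owner/repo (no request is made here)."""
    keyword = f"{action['owner']}/{action['repo']}"
    return f"{NVD_API}?{urlencode({'keywordSearch': keyword})}"


def scan_directory(workflows_dir):
    """Walk .github/workflows and collect third-party actions with their source file."""
    findings = []
    for path in sorted(Path(workflows_dir).glob("*.y*ml")):
        for action in third_party_actions(path.read_text()):
            action["file"] = path.name
            findings.append(action)
    return findings


if __name__ == "__main__":
    for action in third_party_actions(SAMPLE_WORKFLOW):
        pin = "SHA-pinned" if action["sha_pinned"] else "NOT SHA-pinned"
        print(f"{action['uses']:<70} {pin}")
        print(f"  NVD query: {nvd_query_url(action)}")
```

Point `scan_directory` at a repository's `.github/workflows` folder to get the same records for real files. The pin check is worth keeping next to the vulnerability lookup: a tag such as `v1` can be moved to new code after the scan has passed, whereas a full commit SHA cannot.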

Debug Mode

If you want to see more information about what this tool is doing under the hood, you can enable debug mode by supplying the -d or --debug flag before the command.

pipx run ci-cerberus -d scan

Help

If you're stuck, you can pull up the help text at any time by running

pipx run ci-cerberus -h

Notes

This tool was created as a project for one of my modules on the Masters program I'm currently enrolled in at Abertay University.

If you're reading this, then you're probably one of my lecturers 👋🏻

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ci_cerberus-0.1.7.tar.gz (10.9 kB)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

ci_cerberus-0.1.7-py3-none-any.whl (11.9 kB)

Uploaded Python 3

File details

Details for the file ci_cerberus-0.1.7.tar.gz.

File metadata

  • Download URL: ci_cerberus-0.1.7.tar.gz
  • Upload date:
  • Size: 10.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: python-httpx/0.28.1

File hashes

Hashes for ci_cerberus-0.1.7.tar.gz
Algorithm    Hash digest
SHA256       9237498dc34b569d2d0e78a20edc4c19136ed502ed392536ff057ff2e969d457
MD5          9fa1ea867272272995896aa85045370a
BLAKE2b-256  2733154db5d8e5ac7cb84717ec83e36f8f7ddd07030655784e5e706d09110eae

See more details on using hashes here.

File details

Details for the file ci_cerberus-0.1.7-py3-none-any.whl.

File metadata

  • Download URL: ci_cerberus-0.1.7-py3-none-any.whl
  • Upload date:
  • Size: 11.9 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: python-httpx/0.28.1

File hashes

Hashes for ci_cerberus-0.1.7-py3-none-any.whl
Algorithm    Hash digest
SHA256       3703d1fbb86e084e63be6352e7dff9f0758a27f0f72330a5284e5898cad9b5c9
MD5          837d0cde97b3a243b5bffefb56e24a13
BLAKE2b-256  f191ef76a995826ba60fe03cf1d51b68426a5dd020dbd187f0f3d87379dca6b6

See more details on using hashes here.
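Checking a downloaded distribution against the digests published above, as an added example (not part of the PyPI page or the project): it streams the file through SHA256 and BLAKE2b-256 (PyPI's "BLAKE2b-256" is `blake2b` with a 32-byte digest), compares each result in constant time, and reports which algorithms matched. The expected digests for the two ci-cerberus 0.1.7 files are copied from the page; the file path is whatever `pip download ci-cerberus==0.1.7 --no-deps` left on disk.

```python
"""Added example: verify a downloaded PyPI artifact against its published hashes."""
import hashlib
import hmac
from pathlib import Path

# Digests copied from the PyPI file details for ci-cerberus 0.1.7.
PUBLISHED_HASHES = {
    "ci_cerberus-0.1.7.tar.gz": {
        "sha256": "9237498dc34b569d2d0e78a20edc4c19136ed502ed392536ff057ff2e969d457",
        "blake2b-256": "2733154db5d8e5ac7cb84717ec83e36f8f7ddd07030655784e5e706d09110eae",
    },
    "ci_cerberus-0.1.7-py3-none-any.whl": {
        "sha256": "3703d1fbb86e084e63be6352e7dff9f0758a27f0f72330a5284e5898cad9b5c9",
        "blake2b-256": "f191ef76a995826ba60fe03cf1d51b68426a5dd020dbd187f0f3d87379dca6b6",
    },
}


def _new_hasher(algorithm):
    """PyPI's BLAKE2b-256 is blake2b truncated to a 32-byte digest."""
    if algorithm == "blake2b-256":
        return hashlib.blake2b(digest_size=32)
    return hashlib.new(algorithm)


def file_digests(path, algorithms):
    """Compute the requested digests in one pass over the file."""
    hashers = {alg: _new_hasher(alg) for alg in algorithms}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 16), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def verify_file(path, expected):
    """Map each expected algorithm to True/False; constant-time comparison."""
    actual = file_digests(path, expected.keys())
    return {alg: hmac.compare_digest(actual[alg], digest.lower())
            for alg, digest in expected.items()}


def verify_all(path, expected):
    """True only when every published digest matches."""
    return all(verify_file(path, expected).values())


if __name__ == "__main__":
    # Usage: run after downloading the artifact into the current directory.
    for name, expected in PUBLISHED_HASHES.items():
        if Path(name).exists():
            print(name, verify_file(name, expected))
        else:
            print(name, "not present; download it first")
```

Checking more than one algorithm matters little against an accidental corruption, but a mismatch on any of them is enough to refuse the file; MD5 is omitted because it adds nothing a SHA256 match does not already establish.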
