Get Health/Propose modifications of each GitHub Action in a repository

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for jylenhof from gravatar.com jylenhof

Unverified details

These details have not been verified by PyPI
Meta
Report project as malware

Project description

gh-action-pulse

gh-action-pulse is a utility designed to monitor and analyze the health of GitHub Actions dependencies within a repository. It scans your workflow and action definition files to identify which actions are being used and updates them to the last existing tag using (./rules.md)

Key Features

  • Automatic Scanning: Detects uses: statements across .github/workflows and .github/actions.
  • Reference Identification: Determines if an action is pinned to a specific commit SHA, a tag, or a branch.
  • Update Recommendations: Queries the GitHub API to compare your current references against the latest stable semantic version (SemVer) tags.
  • Metadata Insights: Retrieves commit dates and reference types to help evaluate the "freshness" of your CI/CD dependencies.

Setup

The tool interacts with the GitHub API and requires a GitHub Personal Access Token.

export GITHUB_TOKEN=your_github_token_here

If you haven't one, there's a fallback which will create a token using gh command

You will need python >= 3.14 to make this program works correctly.

Local Installation

uv tool install . --force --reinstall

Installation from last pypi release

Using uv

uv tool install gh-action-pulse

Using pipx

pipx install gh-action-pulse

Roadmap

Randoms items

  • Maybe Separate unit tests with appropriate workflow (pytest)
  • Add E2E tests with appropriate workflow (pytest and/or bats)
  • Be able to check for nodejs version in upstream repo
  • Be able to raise some warnings if there's no recent upstream tag within x days
  • Maybe configuration file with some ignore parameters or specific rules for some workflows
  • Check eventual redirection of action to update to new URL

CONTRIBUTING

  • Feel free to contribute ;-)

Jean-Yves

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for jylenhof from gravatar.com jylenhof

Unverified details

These details have not been verified by PyPI
Meta

Release history Release notifications | RSS feed

This version

0.1.1

0.1.0

0.0.13

0.0.12

0.0.11

0.0.10

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

gh_action_pulse-0.1.1-py3-none-any.whl (22.6 kB view details)

Uploaded Python 3

File details

Details for the file gh_action_pulse-0.1.1-py3-none-any.whl.

File metadata

  • Download URL: gh_action_pulse-0.1.1-py3-none-any.whl
  • Upload date:
  • Size: 22.6 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for gh_action_pulse-0.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 0c933803b8b2e9c2a323ee71905f95629dcb2af308560ca3d4d6d16776436b35
MD5 2585a70a8c51ce134907eb32c579192f
BLAKE2b-256 93ade13648073d092209ae2ee6fe0261bfe5221a2c3c91e745f4df4d0324cf0d

See more details on using hashes here.

Provenance

The following attestation bundles were made for gh_action_pulse-0.1.1-py3-none-any.whl:

Publisher: code-checks.yml on jylenhof/gh-action-pulse

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page