Skip to content

Socket Security (Action)

Actions
Run Socket.dev security analysis in firewall or CLI mode
v1
Latest
By SocketDev
Verified creator
Star (4)

Tags

 (2)
securitydependency-management

Verified

GitHub has manually verified the creator of the action as an official partner organization. For more info see About badges in GitHub Marketplace.

Socket Security (GitHub Action)

A GitHub Action for running Socket.dev

Tip

A GitHub App is also available for a fully automated SCA workflow.

Usage

This action can run in multiple modes:

Socket Firewall: Free

Downloads and installs Socket Firewall: Free edition in your GitHub Action job, making it available to use in subsequent steps.

on: push

jobs:
  safe-install:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v4

      - uses: SocketDev/action@v1
        with:
          mode: firewall-free

      # javascript / typescript
      - run: sfw npm install # or yarn, pnpm

      # rust
      - run: sfw cargo fetch

      # python
      - run: sfw pip install -r requirements.txt

Inputs

Input Description Required Default
firewall-version Specify the firewall version number No latest
job-summary Create a job summary (all, errors, or none) No all
use-cache Cache the Socket binaries (force download if false) No true
github-token GitHub API Token used for downloading binaries No ${{ github.token}}

Outputs

Output Description
firewall-path-report Path to the generated firewall report JSON
firewall-path-binary Path to the installed binary

Socket Firewall: Enterprise

Downloads and installs Socket Firewall: Enterprise edition in your GitHub Action job, making it available to use in subsequent steps as a wrapper.

on: push

jobs:
  safe-install:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v4

      - uses: SocketDev/action@v1
        with:
          mode: firewall-enterprise
          socket-token: ${{ secrets.SOCKET_API_KEY }}

      # javascript / typescript
      - run: sfw npm install # or yarn, pnpm

      # rust
      - run: sfw cargo fetch

      # python
      - run: sfw pip install -r requirements.txt

Inputs

Input Description Required Default
firewall-version Specify the firewall version number No latest
job-summary Create a job summary (all, errors, or none) No all
use-cache Cache the Socket binaries (force download if false) No true
github-token GitHub API Token used for downloading binaries No ${{ github.token}}
socket-token Socket API Token YES -

Outputs

Output Description
firewall-path-report Path to the generated firewall report JSON
firewall-path-binary Path to the installed binary

Contributors (4)

@ahmadnassri@socket-release-bot@divmain
+ 1 contributors

Resources

Socket Security (Action) is not certified by GitHub. It is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.

About

Run Socket.dev security analysis in firewall or CLI mode
v1
Latest
By SocketDev

Verified

GitHub has manually verified the creator of the action as an official partner organization. For more info see About badges in GitHub Marketplace.

Tags

 (2)
securitydependency-management

Contributors (4)

@ahmadnassri@socket-release-bot@divmain
+ 1 contributors

Resources

Socket Security (Action) is not certified by GitHub. It is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.