Support scanning GitHub Actions
under review
A
Allan Reyes
Do y’all have anything on the roadmap (or does it already exist!?) for scanning GH actions? Lots of these are JS packages anyway, but just not published to npm. And I’m not too keen on reading through dist/ folders manually. Would love support for this!
Feross Aboukhadijeh (Socket)
Joévin SOULENQ
Allan Reyes it seems to be a duplicate of https://feedback.socket.dev/feature-requests/p/malware-detection-within-github-actions
Feross Aboukhadijeh (Socket)
Joévin SOULENQ: Merged!
Feross Aboukhadijeh (Socket)
under review
This should be doable, but we need to investigate what would be required to add support.