Socket Basics Security Scanner
Version updated for https://github.com/SocketDev/socket-basics to version v2.0.3.
This publisher is shown as ‘verified’ by GitHub.
This action is used across all versions by 1 repository.
Action Type
This is a Docker action.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
Socket Basics is a comprehensive GitHub Action for automating security scans across codebases. It integrates multiple security tools, including SAST, secret detection, dependency analysis, and container scanning, consolidating their results into a unified format for streamlined reporting via pull request comments or other notification channels. This action simplifies security management by enabling centralized policy configuration through the Socket Dashboard, providing developers with an efficient, low-configuration solution to identify and address potential vulnerabilities in their workflows.
What’s Changed
🔧 Other Changes
- fix: Harden GHA workflows by @reberhardt7 in https://github.com/SocketDev/socket-basics/pull/58
- docs: cleanup docs guidance, additional workflow hardening by @lelia in https://github.com/SocketDev/socket-basics/pull/60
- fix(rules): improve precision of 4 high-FP dotnet opengrep rules by @dc-larsen in https://github.com/SocketDev/socket-basics/pull/63
- chore(release): prepare v2.0.3, simplify release process by @lelia in https://github.com/SocketDev/socket-basics/pull/66
New Contributors
- @reberhardt7 made their first contribution in https://github.com/SocketDev/socket-basics/pull/58
Full Changelog: https://github.com/SocketDev/socket-basics/compare/v2.0.2...v2.0.3