Why Go
- Case Studies
  
  Common problems companies solve with Go
- Use Cases
  
  Stories about how and why companies use Go
- Security
  
  How Go can help keep you secure by default
Learn
Docs
- Effective Go
  
  Tips for writing clear, performant, and idiomatic Go code
- Go User Manual
  
  A complete introduction to building software with Go
- Standard library
  
  Reference documentation for Go's standard library
- Release Notes
  
  Learn what's new in each Go release
Packages
Community
- Recorded Talks
  
  Videos from prior events
- Meetups
  
  Meet other local Go developers
- Conferences
  
  Learn and network with Go developers from around the world
- Go blog
  
  The Go project's official blog.
- Go project
  
  Get help and stay informed from Go
- Get connected

actions-hardify

command module

v0.2.0 Latest Latest Go to latest Published: Mar 30, 2026 License: MIT Imports: 9 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/richard87/actions-hardify

Links

Open Source Insights

README ¶

GitHub Actions Hardener

A CLI tool that finds all GitHub Actions workflows in a folder and hardens them.

Installation

go install github.com/richard87/actions-hardify@latest

Restrict permissions for GITHUB_TOKEN.
Pin actions to a full length commit SHA.
list outdated versions, suggest upgrade to newest version
Use github api to find versions

TODO:

BUG: error: parsing radix-acr-cleanup/charts/radix-acr-cleanup/templates/deployment.yaml: yaml: line 5: did not find expected node content

Contributing

See CONTRIBUTING.md for guidelines.

License

This project is licensed under the MIT License.

Acknowledgements

Thanks to Step Security for the inspiration behind this CLI.

Documentation ¶

The Go Gopher

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
internal
github
hardener
report
scanner
workflow