Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

@actions/core

Ecosystem:
npm
Package URL:
pkg:npm/@actions/core
Total PRs:
1,489 Dependabot PRs
Latest PR:
3 days ago
Unique Repositories:
1,107 repositories
Unique Repos (30 days):
52 repositories
Security Advisories
Environment Variable Injection in GitHub Actions
GHSA-mfwh-5m23-j46w CVE-2020-15228 LOW published over 5 years ago • updated 2 days ago
### Impact The `@actions/core` npm module `addPath` and `exportVariable` functions communicate with the Actions Runner over stdout by generating a ...
@actions/core has Delimiter Injection Vulnerability in exportVariable
GHSA-7r3h-m5j6-3q42 CVE-2022-35954 MODERATE published over 3 years ago • updated 2 days ago
## Impact The `core.exportVariable` function uses a well known delimiter that attackers can use to break out of that specific variable and assign ...
Recent PRs
RSS Feed
build(deps-dev): bump @actions/core from 2.0.1 to 3.0.0

Sarthakgour9/sarthak-gour9 #1

2.0.1 → 3.0.0 Major PR
Open 3 days ago 1 comment
Sarthakgour9
chore(deps): bump @actions/core from 1.11.1 to 3.0.0

quantcdn/quant-cloud-agent-tools-action #3

1.11.1 → 3.0.0 Major PR
Open 4 days ago 1 comment
quantcdn
Bump @actions/core from 1.11.1 to 3.0.0

edanmccllan0r05/swift-coverage-action #7

1.11.1 → 3.0.0 Major PR
Open 6 days ago 1 comment
edanmccllan0r05
Bump @actions/core from 1.11.1 to 3.0.0

cisagov/setup-env-github-action #101

1.11.1 → 3.0.0 Major PR
Open 7 days ago 1 comment
cisagov
build(deps-dev): bump @actions/core from 2.0.1 to 3.0.0

adityasingh-rana/aditya-github-stats #1

2.0.1 → 3.0.0 Major PR
Open 7 days ago 1 comment
adityasingh-rana
build(deps): bump the all group across 1 directory with 15 updates

raven-actions/publish-and-tag #403

2.0.2 → 3.0.0 Major PR
Closed 7 days ago 4 comments
raven-actions
Bump @actions/core from 1.11.1 to 3.0.0

ncalteen/what-did-i-do #132

1.11.1 → 3.0.0 Major PR
Open 8 days ago 1 comment
ncalteen
build(deps-dev): bump @actions/core from 2.0.1 to 3.0.0

tj-commits/github-readme-stats #13

2.0.1 → 3.0.0 Major PR
Open 8 days ago 1 comment
tj-commits
build(deps): bump @actions/core from 1.10.1 to 3.0.0

brightnetwork/add-gh-comment #111

1.10.1 → 3.0.0 Major PR
Open 8 days ago 10 comments
brightnetwork
build(deps-dev): bump @actions/core from 2.0.1 to 3.0.0

GrinZero/github-readme-stats #1

2.0.1 → 3.0.0 Major PR
Open 8 days ago 1 comment
GrinZero
build(deps-dev): bump @actions/core from 2.0.1 to 3.0.0

Minha02/github-readme-stats-minha #6

2.0.1 → 3.0.0 Major PR
Open 9 days ago 1 comment
Minha02
build(deps-dev): bump @actions/core from 2.0.1 to 3.0.0

lulaide/github-readme-stats #3

2.0.1 → 3.0.0 Major PR
Open 10 days ago 1 comment
lulaide
chore(deps): bump the npm_and_yarn group across 2 directories with 14 updates

Reality2byte/berry #44

1.2.6 → 1.11.1 Minor PR
Closed 10 days ago 1 comment
Reality2byte
Bump @actions/core from 1.11.1 to 3.0.0

tleodoramladenovic/swift-coverage-action #10

1.11.1 → 3.0.0 Major PR
Closed 10 days ago 1 comment
tleodoramladenovic
build(deps): bump the all group across 1 directory with 15 updates

actions-marketplace-validations/raven-actions_publish-and-tag #63

2.0.2 → 3.0.0 Major PR
Open 10 days ago 1 comment
actions-marketplace-validations
build(deps-dev): bump @actions/core from 2.0.1 to 3.0.0

luareflection/github-readme-stats #7

2.0.1 → 3.0.0 Major PR
Open 11 days ago 1 comment
luareflection
build(deps): bump the all group across 1 directory with 15 updates

raven-actions/publish-and-tag #401

2.0.2 → 3.0.0 Major PR
Open 11 days ago 3 comments
raven-actions
build(deps): bump @actions/core from 1.11.1 to 3.0.0

metalbear-co/build-push-action #11

1.11.1 → 3.0.0 Major PR
Open 12 days ago 1 comment
metalbear-co
build(deps): bump the npm_and_yarn group across 4 directories with 40 updates

jefferyq2/berry #3

1.2.6 → 1.11.1 Minor PR
Closed 13 days ago 1 comment
jefferyq2
chore(deps): bump the node-dependencies group across 1 directory with 19 updates

jbcom/agentic #74

2.0.1 → 3.0.0 Major PR
Closed 13 days ago 1 comment
jbcom
Bump @actions/core from 1.11.1 to 3.0.0

batojflslm/swift-coverage-action #11

1.11.1 → 3.0.0 Major PR
Closed 13 days ago 1 comment
batojflslm
build(deps-dev): bump @actions/core from 2.0.1 to 3.0.0

thanhtunguet/my-github-readme-stats #3

2.0.1 → 3.0.0 Major PR
Open 14 days ago 1 comment
thanhtunguet
chore(deps): bump the npm group across 1 directory with 12 updates

actions-marketplace-validations/clowdhaus_terraform-min-max #14

2.0.2 → 3.0.0 Major PR
Closed 14 days ago 1 comment
actions-marketplace-validations
build(deps-dev): bump @actions/core from 2.0.1 to 3.0.0

pqpcara/pqpcara-stats #9

2.0.1 → 3.0.0 Major PR
Open 14 days ago 1 comment
pqpcara
chore(deps): update npm/ bump the npm group across 1 directory with 17 updates

actions-marketplace-validations/coolusaHD_json-from-env #54

1.11.1 → 3.0.0 Major PR
Open 14 days ago 1 comment
actions-marketplace-validations
build(deps-dev): bump @actions/core from 2.0.1 to 3.0.0

kadir465/kadir-stats #3

2.0.1 → 3.0.0 Major PR
Open 14 days ago 1 comment
kadir465
chore(deps): bump the npm_and_yarn group across 4 directories with 16 updates

JounQin/berry #3

1.2.6 → 1.11.1 Minor PR
Open 15 days ago 4 comments
JounQin
build: bump the npm-dependencies group with 11 updates

actions-marketplace-validations/bugale_bugroup-checks #1

1.11.1 → 3.0.0 Major PR
Open 16 days ago 1 comment
actions-marketplace-validations
Bump @actions/core from 1.10.0 to 3.0.0

Doarakko/action-lgtmoon #62

1.10.0 → 3.0.0 Major PR
Closed 16 days ago 1 comment
Doarakko
chore(deps): bump the npm_and_yarn group across 2 directories with 14 updates

Reality2byte/berry #42

1.2.6 → 1.11.1 Minor PR
Closed 18 days ago 1 comment
Reality2byte
chore(deps): bump the npm_and_yarn group across 4 directories with 15 updates

ANIK101532/berry #2

1.2.6 → 1.11.1 Minor PR
Closed 18 days ago 1 comment
ANIK101532
Bump @actions/core from 1.11.1 to 3.0.0

OpsTrails/track-event #4

1.11.1 → 3.0.0 Major PR
Open 19 days ago 2 comments
OpsTrails
build(deps-dev): bump @actions/core from 2.0.1 to 3.0.0

Rotfuchs-von-Vulpes/stats #21

2.0.1 → 3.0.0 Major PR
Open 19 days ago 1 comment
Rotfuchs-von-Vulpes
build(deps-dev): Bump @actions/core from 2.0.1 to 3.0.0

kiloexabyte/github-readme-stats #70

2.0.1 → 3.0.0 Major PR
Closed 20 days ago 2 comments
kiloexabyte
build(deps): bump the all group across 1 directory with 15 updates

actions-marketplace-validations/raven-actions_publish-and-tag #59

2.0.2 → 3.0.0 Major PR
Closed 20 days ago 2 comments
actions-marketplace-validations
build(deps): Bump the all group across 1 directory with 19 updates

raven-actions/environment-variables #319

1.10.1 → 3.0.0 Major PR
Open 21 days ago 2 comments
raven-actions
Bump @actions/core from 2.0.2 to 3.0.0

DeviesDevelopment/workflow-timer #101

2.0.2 → 3.0.0 Major PR
Closed 21 days ago 1 comment
DeviesDevelopment
chore(deps): bump @actions/core from 1.11.1 to 3.0.0

crazy-max/ghaction-upx #273

1.11.1 → 3.0.0 Major PR
Closed 21 days ago 2 comments
crazy-max
build(deps-dev): bump @actions/core from 2.0.1 to 3.0.0

yeadonaye/readmeStats #12

2.0.1 → 3.0.0 Major PR
Open 21 days ago 1 comment
yeadonaye
Bump @actions/core from 1.11.1 to 3.0.0

perdwmatlihi/swift-coverage-action #12

1.11.1 → 3.0.0 Major PR
Closed 24 days ago 1 comment
perdwmatlihi
build(deps-dev): bump @actions/core from 2.0.1 to 3.0.0

KoXhine/themes #5

2.0.1 → 3.0.0 Major PR
Open 24 days ago 1 comment
KoXhine
Bump @actions/core from 2.0.3 to 3.0.0

github/codeql-action #3469

2.0.3 → 3.0.0 Major PR
Open 26 days ago 2 comments
github
build(deps): Bump the production-dependencies group with 4 updates

amulya-labs/gha-opencache #12

1.11.1 → 3.0.0 Major PR
Closed 27 days ago 1 comment
amulya-labs
Bump the npm group across 2 directories with 10 updates

actions-marketplace-validations/poad_aws-cloudformation-stack-status-checker #104

2.0.2 → 3.0.0 Major PR
Closed 28 days ago 1 comment
actions-marketplace-validations
build(deps): bump the dependencies group across 9 directories with 16 updates

envoyproxy/toolshed #3712

2.0.1 → 3.0.0 Major PR
Closed 28 days ago 2 comments
envoyproxy
chore(deps): bump the npm group across 1 directory with 11 updates

actions-marketplace-validations/clowdhaus_terraform-min-max #13

2.0.2 → 3.0.0 Major PR
Closed 28 days ago 1 comment
actions-marketplace-validations
Bump the production-dependencies group across 1 directory with 5 updates

jelmore1674/release-semver-action #73

2.0.1 → 3.0.0 Major PR
Open 28 days ago 1 comment
jelmore1674
Bump @actions/core from 1.11.1 to 3.0.0

step-security/ghaction-setup-containerd #112

1.11.1 → 3.0.0 Major PR
Open 28 days ago 1 comment
step-security
deps: Bump the production-dependencies group across 1 directory with 2 updates

advanced-security/spdx-dependency-submission-action #101

2.0.2 → 3.0.0 Major PR
Open 28 days ago 1 comment
advanced-security
build(deps-dev): bump @actions/core from 1.11.1 to 3.0.0

CloudHolic/github-readme-stats #20

1.11.1 → 3.0.0 Major PR
Open 28 days ago 2 comments
CloudHolic
Package Details
Name: @actions/core
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/@actions/core
JSON API: View JSON
Security Advisories

2

Active advisories
MODERATE 1
LOW 1
View All npm Advisories
Package Information
Description:

Actions core lib

Repository: https://github.com/actions/toolkit
Homepage: https://github.com/actions/toolkit/tree/main/packages/core
Latest Release: 1.11.1
over 1 year ago
Dependent Repos: 147,199
Dependent Packages: 1,089
Downloads: 15,711,687
Ranking: Top 0.0831% by dependent repos Top 0.1036% by downloads Top 0.0725% by dependent pkgs
PR Status
Open 675 (45.3%)
Merged 32 (2.1%)
Closed 752 (50.5%)
PR Types
Major 855 (57.4%)
Patch 236 (15.8%)
Minor 368 (24.7%)