Skip to content

Check vulnerable NuGet packages

Actions
GitHub Action to check for vulnerable NuGet packages
v2
Latest
By elmahio
Verified creator
Star (3)

Tags

 (2)
code-reviewcode-quality

Verified

GitHub has manually verified the creator of the action as an official partner organization. For more info see About badges in GitHub Marketplace.

Check vulnerable NuGet packages GitHub Action

This action will check for vulnerable NuGet packages in one or more projects/solutions. If vulnerable packages are found, they will be listed and the build will fail.

Screenshot

The code is based on this excellent blog post by Steven Giesel. Development of the action is sponsored by elmah.io.

Inputs

projects

A newline-separated list of project or solution files to operate on. If not specified, the command will search the current directory for one.

Example usage

Check all projects and solutions for vulnerable NuGet packages:

- name: Check vulnerable NuGet packages
  uses: elmahio/github-check-vulnerable-nuget-packages-action@v2

Check a specific project for vulnerable NuGet packages:

- name: Check vulnerable NuGet packages
  uses: elmahio/github-check-vulnerable-nuget-packages-action@v2
  with:
    projects: |
      src/HelloWorld.csproj

Contributors (1)

@ThomasArdal

Resources

Check vulnerable NuGet packages is not certified by GitHub. It is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.

About

GitHub Action to check for vulnerable NuGet packages
v2
Latest
By elmahio

Verified

GitHub has manually verified the creator of the action as an official partner organization. For more info see About badges in GitHub Marketplace.

Tags

 (2)
code-reviewcode-quality

Contributors (1)

@ThomasArdal

Resources

Check vulnerable NuGet packages is not certified by GitHub. It is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.