{"id":13532400,"url":"https://github.com/jakejarvis/lighthouse-action","last_synced_at":"2025-10-02T15:31:20.510Z","repository":{"id":45864252,"uuid":"203850598","full_name":"jakejarvis/lighthouse-action","owner":"jakejarvis","description":"💡🏠 GitHub Action for running @GoogleChromeLabs Lighthouse webpage audits","archived":true,"fork":false,"pushed_at":"2021-01-11T20:10:04.000Z","size":1018,"stargazers_count":349,"open_issues_count":20,"forks_count":29,"subscribers_count":8,"default_branch":"master","last_synced_at":"2025-09-29T05:41:13.905Z","etag":null,"topics":["accessibility","actions","chrome","ci","github-actions","lighthouse","pwa","seo"],"latest_commit_sha":null,"homepage":"https://github.com/marketplace/actions/lighthouse-audit","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jakejarvis.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-08-22T18:25:11.000Z","updated_at":"2025-08-28T07:07:49.000Z","dependencies_parsed_at":"2023-01-11T17:22:50.073Z","dependency_job_id":null,"html_url":"https://github.com/jakejarvis/lighthouse-action","commit_stats":null,"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"purl":"pkg:github/jakejarvis/lighthouse-action","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jakejarvis%2Flighthouse-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jakejarvis%2Flighthouse-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jakejarvis%2Flighthouse-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jakejarvis%2Flighthouse-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jakejarvis","download_url":"https://codeload.github.com/jakejarvis/lighthouse-action/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jakejarvis%2Flighthouse-action/sbom","scorecard":{"id":502553,"data":{"date":"2025-08-11","repo":{"name":"github.com/jakejarvis/lighthouse-action","commit":"0b636dea27f28abdde0bd63eba7dc7cafc910d35"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.5,"checks":[{"name":"Code-Review","score":1,"reason":"Found 3/29 approved changesets -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"project is archived","details":["Warn: Repository is archived."],"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/test.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.md:0","Info: FSF or OSI recognized license: MIT License: LICENSE.md:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:8: update your workflow using https://app.stepsecurity.io/secureworkflow/jakejarvis/lighthouse-action/test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/jakejarvis/lighthouse-action/test.yml/master?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:2: pin your Docker image by updating jakejarvis/chrome-headless:latest to jakejarvis/chrome-headless:latest@sha256:ec66d77377b7918d2807680e8c00875fdafe655a6778877c3cb7a9f27935a368","Warn: containerImage not pinned by hash: Dockerfile.base:1: pin your Docker image by updating node:lts-slim to node:lts-slim@sha256:752ea8a2f758c34002a0461bd9f1cee4f9a3c36d48494586f60ffce1fc708e0e","Warn: npmCommand not pinned by hash: Dockerfile:17","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   2 containerImage dependencies pinned","Info:   0 out of   1 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 4 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-19T22:20:26.913Z","repository_id":45864252,"created_at":"2025-08-19T22:20:26.913Z","updated_at":"2025-08-19T22:20:26.913Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278028938,"owners_count":25918069,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-02T02:00:08.890Z","response_time":67,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["accessibility","actions","chrome","ci","github-actions","lighthouse","pwa","seo"],"created_at":"2024-08-01T07:01:10.710Z","updated_at":"2025-10-02T15:31:20.165Z","avatar_url":"https://github.com/jakejarvis.png","language":"Shell","funding_links":[],"categories":["Shell","Community Resources","Uncategorized"],"sub_categories":["Monitoring","Testing and Linting","Uncategorized"],"readme":"# GitHub Action for [Lighthouse Auditing](https://developers.google.com/web/tools/lighthouse/)\n\n\u003cp align=\"center\"\u003e\u003cimg src=\"https://raw.githubusercontent.com/jakejarvis/lighthouse-action/master/screenshots/logo.png\" alt=\"Lighthouse Logo\" width=\"300\"\u003e\u003c/p\u003e\n\nThis action integrates Google's helpful [Lighthouse audits](https://developers.google.com/web/tools/lighthouse/) for webpages — specifically testing for Performance, Accessibility, Best Practices, SEO, and Progressive Web Apps. Right now, the action will print the five scores (out of 100) to the output and upload HTML and JSON versions of the report as artifacts. In the next release, the action will let you specify thresholds for each test and optionally fail this step if they are not met.\n\n\u003cp align=\"center\"\u003e\u003cimg src=\"https://raw.githubusercontent.com/jakejarvis/lighthouse-action/master/screenshots/screenshot-report.png\" alt=\"Example HTML report\"\u003e\u003c/p\u003e\n\u003cp align=\"center\"\u003e\u003cimg src=\"https://raw.githubusercontent.com/jakejarvis/lighthouse-action/master/screenshots/screenshot-output.png\" alt=\"Example command line output\" width=\"750\"\u003e\u003c/p\u003e\n\u003cp align=\"center\"\u003e\u003cimg src=\"https://raw.githubusercontent.com/jakejarvis/lighthouse-action/master/screenshots/screenshot-artifact.png\" alt=\"Example HTML report\" width=\"320\"\u003e\u003c/p\u003e\n\nInspired by [GoogleChromeLabs/lighthousebot](https://github.com/GoogleChromeLabs/lighthousebot).\n\n\n## Usage\n\n### `workflow.yml` Example\n\nThe following workflow runs a Lighthouse audit on [https://jarv.is/](https://jarv.is/), shows the five scores in the output of the step, and uploads the `.html` and `.json` results as artifacts to download (as shown above).\n\n```yaml\nname: Audit live site\non: push\n\njobs:\n  audit:\n    runs-on: ubuntu-latest\n    steps:\n    - name: Audit live URL\n      uses: jakejarvis/lighthouse-action@master\n      with:\n        url: 'https://jarv.is/'\n    - name: Upload results as an artifact\n      uses: actions/upload-artifact@master\n      with:\n        name: report\n        path: './report'\n```\n\n\n### Pull Request Audits with [Netlify Deploy Preview](https://www.netlify.com/docs/continuous-deployment/)\n\n\u003cp align=\"center\"\u003e\u003cimg src=\"https://raw.githubusercontent.com/jakejarvis/lighthouse-action/master/screenshots/netlify-logo.png\" alt=\"Netlify Logo\" width=\"300\"\u003e\u003c/p\u003e\n\nThis GitHub action integrates with [Netlify's Deploy Preview](https://www.netlify.com/docs/continuous-deployment/) feature, allowing you to test PRs before accepting them. To enable, you need to pass in your Netlify site's URL (on the Netlify subdomain — also called your \"site name\" in the Netlify dashboard — **not your custom domain**) to the `netlify_site` input variable:\n\n```yaml\nname: Audit pull request\non: pull_request\n\njobs:\n  audit:\n    runs-on: ubuntu-latest\n    steps:\n    - name: Audit Netlify deploy preview\n      uses: jakejarvis/lighthouse-action@master\n      with:\n        netlify_site: 'blissful-heisenberg-16c40f.netlify.com'\n    - uses: actions/upload-artifact@master\n      with:\n        name: report\n        path: './report'\n```\n\n\u003cp align=\"center\"\u003e\u003cimg src=\"https://raw.githubusercontent.com/jakejarvis/lighthouse-action/master/screenshots/netlify-subdomain.png\" alt=\"Netlify subdomain in dashboard\" width=\"700\"\u003e\u003c/p\u003e\n\nOn pull requests, the PR number will be extracted from the GitHub event data and used to generate the deploy preview URL as follows: `https://deploy-preview-[[PR_NUMBER]]--[[NETLIFY_SITE]].netlify.com`. You can combine the two above examples and include both `url` and `netlify_site` and run on `on: [push, pull_request]` and the appropriate URL will be automatically selected depending on the type of event.\n\n\n## To-Do\n\n- **Make CI fail if scores do not meet specified thresholds.**\n- Ability to customize flags passed to both Chrome and Lighthouse\n- Batch URL testing\n\n\n## License\n\nThis project is distributed under the [MIT license](LICENSE.md).\n\nLicense information for bundled third party software can be found in [THIRD_PARTY_NOTICE.md](THIRD_PARTY_NOTICE.md). \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjakejarvis%2Flighthouse-action","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjakejarvis%2Flighthouse-action","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjakejarvis%2Flighthouse-action/lists"}