{"id":20901598,"url":"https://github.com/willfarrell/github-workflows","last_synced_at":"2025-12-27T10:11:17.650Z","repository":{"id":142528753,"uuid":"514753117","full_name":"willfarrell/github-workflows","owner":"willfarrell","description":"Collection of GitHub Workers","archived":false,"fork":false,"pushed_at":"2022-07-23T06:23:17.000Z","size":6,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-03-12T20:38:04.949Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/willfarrell.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-07-17T05:16:45.000Z","updated_at":"2022-07-23T06:23:20.000Z","dependencies_parsed_at":null,"dependency_job_id":"93dc8429-47ef-4d25-a2bf-10b6c93217c1","html_url":"https://github.com/willfarrell/github-workflows","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/willfarrell/github-workflows","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willfarrell%2Fgithub-workflows","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willfarrell%2Fgithub-workflows/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willfarrell%2Fgithub-workflows/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willfarrell%2Fgithub-workflows/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/willfarrell","download_url":"https://codeload.github.com/willfarrell/github-workflows/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willfarrell%2Fgithub-workflows/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28077395,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-12-27T02:00:05.897Z","response_time":58,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-18T11:36:10.225Z","updated_at":"2025-12-27T10:11:17.603Z","avatar_url":"https://github.com/willfarrell.png","language":"JavaScript","readme":"# GitHub Actions Workflows\nCollection of GitHub Workers for JavaScript, Docker, Terraform, AWS\n\n## Lint\n- html\n  - ally - https://github.com/marketplace/axe-linter\n  - webhint - https://webhint.io/\n  - w3c - https://validator.w3.org/\n  - Nu HTML - https://validator.w3.org/nu - cli: https://github.com/dominicbarnes/nu-html-checker-cli\n- rda (schema.org)\n  - https://developers.google.com/search/docs/advanced/structured-data\n- js\n  - prettier\n  - standard\n- tf\n  - tf fmt\n- git\n  - conventional commit\n\n- on-commit\n  - husky\n  - lint-staged\n\n## Testing\n\n\n- bundle size\n  - js\n    - https://github.com/ai/size-limit\n    - https://github.com/bundlewatch/bundlewatch\n    - https://github.com/siddharthkp/bundlesize\n    - https://github.com/doesdev/rollup-plugin-analyzer\n  - css\n- unit\n  - browser (playwrite?)\n  - nodejs (ava, sinon)\n- e2e\n  - browser (playwrite?)\n  - nodejs (ava, sinon)\n- load tests (API) - k6\n\n\n## Accessibility\n\n- Lighthouse - https://web.dev/lighthouse-ci/\n- axe - built into Lighthouse\n- VoiceOver - https://www.smashingmagazine.com/2021/06/automating-screen-reader-testing-macos-autovo/\n- readability - readability-checker\n- inconsiderate check - alexjs.com\n\n\n- lhci action - https://calendar.perfplanet.com/2020/running-lighthouse-in-github-actions/\n- ally actions - https://www.adrianbolonio.com/en/accessibility-github-actions/\n\n## Performance\n\n- WebPageSpeed - https://github.com/marketplace/actions/webpagetest-github-action\n- Lighthouse - https://web.dev/lighthouse-ci/\n- Lighthouse User Flows - https://web.dev/lighthouse-user-flows/\n- tracerbench - https://www.tracerbench.com/docs/guide\n- fuite (Memory) - https://nolanlawson.com/2021/12/17/introducing-fuite-a-tool-for-finding-memory-leaks-in-web-apps/\n- benchmarks (nodejs) - ??\n\n## Security\n### Scores\n- https://github.com/ossf/criticality_score\n- https://github.com/ossf/scorecard\n\n### Secrets\n  - trufflehog\n  - gitleaks - https://github.com/zricethezav/gitleaks\n  - git-secrets - https://github.com/awslabs/git-secrets\n\n### SCA\n  1. dep only use strict versions\n  2. outdated deps\n  3. unused deps\n  4. vulnerable deps / sub-deps\n  5. licensing\n  \n|                | Strict | Outdated | Unused    | Vulnerable | Licensing \n|----------------|--------|----------|-----------|------------|-----------\n| JavaScript     | DOCS   | npm      | npm-check | npm,synk   | fossa,snyk\n| Docker         | DOCS   | ??       | N/A       | aws,snyk,trivy | ??\n| Terraform      | DOCS   | ??       | N/A       | N/A        | ??\n| GitHub Actions | zgosalvez/github-actions-ensure-sha-pinned-actions | ??       | N/A       | ??         | ??\n\n- script to update all npm - https://elijahmanor.com/byte/update-node-deps\n- example of locked actions - https://github.com/awslabs/aws-lambda-powertools-python/pull/1301/files#diff-a953f14a734733a344c1ec7df41cad6e02866130a9cc7a7028bf09edad6c1f9f\n- unused for js alt - https://github.com/smeijer/unimported\n- fossa - https://github.com/marketplace/actions/fossa-action\n- docker health check - https://github.com/aelsabbahy/goss\n\n### SAST\n\n|            | SAST\n|------------|----------------------------------\n| JavaScript | codeql,semgrep,snyk,sonarcloud\n| Terraform  | tflint,tfsec,checkov,regula,snyk\n\n- sonar - https://github.com/marketplace/actions/sonarqube-scan\n- codeql - https://github.com/github/codeql-action\n- tflint plugin: https://github.com/awslabs/serverless-rules\n\n### DAST\n  \n|            | DAST\n|------------|-----------------\n| JavaScript | zap (app,api)\n| WAF        | gotestwaf\n| Terraform  | aws,cis,prowler\n\n- `docker run -v ${PWD}:/app/reports wallarm/gotestwaf --url https://datastream.org/api/health --wsUrl datastream.org/ws --skipWAFBlockCheck --verbose`\n- js-dast - https://github.com/lirantal/is-website-vulnerable\n- fuzzing?\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwillfarrell%2Fgithub-workflows","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwillfarrell%2Fgithub-workflows","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwillfarrell%2Fgithub-workflows/lists"}