Socket GitHub Action
planned
Feross Aboukhadijeh (Socket)
Some customers prefer to use a GitHub Action instead of a GitHub App.
Possible advantages of a GitHub Action over GitHub Apps:
- Customer already uses GitHub Actions and prefers this workflow
- Customer doesn't have admin permissions on their organization, so they can't install a GitHub App
- Customer needs to be able to review the source code of the Action to ensure that only the package.json and associated lockfiles are uploaded to Socket
Christian Bewernitz
Would be interesting to know how this is related to the planned pricing, would it be possible to run those actions from a private repo without being a paying customer, or would that require some kind of token to be able to persist things on socket.dev?
Feross Aboukhadijeh (Socket)
planned