Security in GitHub Actions
Learn about security as a concept in GitHub Actions.
Secrets
Learn about secrets as they are used in GitHub Actions workflows.
GITHUB_TOKEN
Learn what GITHUB_TOKEN is, how it works, and why it matters for secure automation in GitHub Actions workflows.
OpenID Connect
OpenID Connect allows your workflows to exchange short-lived tokens directly from your cloud provider.
Script injections
Understand the security risks associated with script injections and GitHub Actions workflows.
Compromised runners
Understand the security risks associated with compromised GitHub Actions runners.