Security News
Django Joins curl in Pushing Back on AI Slop Security Reports
Django has updated its security policies to reject AI-generated vulnerability reports that include fabricated or unverifiable content.
By Sarah Gooding - Jun 30, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
action-status
Advanced tools
action-status
action-status makes it easy to create check statuses in GitHub Actions.
Why?
Currently, each action in a GitHub Actions workflow has its status set automatically, and you can't change anything useful about the status (such as its short textual description or "Details" link URL) because it'll be overwritten when the action is resolved in the workflow. action-status makes it easy to create separate status checks with a unique name that can include more useful information, for instance:
- A short description noting why the action succeeded or failed;
- Intentionally "pending" statuses that indicate things to be fixed in a pull request before it can be merged, a la Semantic Pull Requests;
- Point directly to relevant URLs from the "Details" link, such as site deployments;
- Report code coverage with ASCII characters;
- And so on!
Usage
There are three different ways to use it:
npm
You can install action-status via npm with:
npm install --save --dev action-status
Then, in your package's run-scripts you can call it via action-status, e.g. if you publish to npm from Actions, you could do this:
{
"scripts": {
"prepublish": "action-status --context=\"publish $npm_package_name\" --state=pending --desc=\"Publishing $npm_package_version...\"",
"postpublish": "action-status --context=\"publish $npm_package_name\" --state=success --desc=\"Published $npm_package_version\"",
},
"devDependencies": {
"action-status": "1.0.0"
}
}
:warning: Warning: npm is run as root in GitHub Actions, which means that pre- and post- lifecycle scripts will not be run unless you explicitly call npm with the --unsafe-perms option. Be warned, though, that this makes it possible for any of your dependencies to run (in a preinstall script, for instance) arbitrary commands with access to your secrets, source, and git history.
npx
Using npm's npx command allows you to run action-status without explicitly declaring it as a dependency in your package.json:
npx action-status --context=ping --state=success
Note: This is really only useful if you're running it once, though, since npx will reinstall the package each time you call it.
GitHub Action
You can call the action-status command via an action with:
action "status" {
uses = "shawnbot/action-status@master"
args = ["--context=ping", "--state=success"]
secrets = ["GITHUB_TOKEN"]
}
Note: You must enable the automatic GITHUB_TOKEN secret unless you're going to provide a different access token via --token=$SOME_OTHER_SECRET
Keywords
FAQs
Easily create commit statuses from GitHub Actions
The npm package action-status receives a total of 77 weekly downloads. As such, action-status popularity was classified as not popular.
We found that action-status demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 05 Feb 2019
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
ECMAScript 2025 Finalized with Iterator Helpers, Set Methods, RegExp.escape, and More
ECMAScript 2025 introduces Iterator Helpers, Set methods, JSON modules, and more in its latest spec update approved by Ecma in June 2025.
By Sarah Gooding - Jun 26, 2025
Security News
Node.js Homepage Adds Paid Support Link, Prompting Contributor Pushback
A new Node.js homepage button linking to paid support for EOL versions has sparked a heated discussion among contributors and the wider community.
By Sarah Gooding - Jun 25, 2025