Applying for GitHub publisher verification for Xray-Action.
Opened this issue · 1 comments
I’m writing regarding the GH Action
Our project is starting to migrate the CI/CD to GH Actions and we are interested to use your Actions.
Providing some context, our Security team requires the "Creator Verified by GitHub" badge to start the internal GHA verification process, due to this we are blocked to use unverified Actions.
We would be grateful if you could start the GH Action verification process, as it would help us greatly.
I believe it must improve your impact in the whole GitHub community as a partner organization and also, you are letting us use your actions.
You can find more helpful information in the following articles from GitHub Docs as a good starting point on the process.
https://docs.github.com/en/apps/github-marketplace/github-marketplace-overview/applying-for-publisher-verification-for-your-organization
https://docs.github.com/en/apps/github-marketplace/github-marketplace-overview/about-marketplace-badges
Thank you very much for the issue.
Unfortunately GitHub does not offer Verification for Individuals like myself. It would only verify organisations :(
I reached out multiple times to their support in the past for this however they had no timeline when individuals are able to get verification.
Until they will offer this capability. I'd advice you to make a fork (or clone) of this action within your organisation. Which I believe will align with your security teams requirement.
GitHub did enable support for private / internal repositories to host actions within an organisations a few months ago, so this should solve the limitation.
That said. If anybody has contacts to GitHub which would assist my actions getting verified, I would more than happy to follow these leads!