GitSpider

gin-gonic/gin GitHub Actions scorecard

Public GitHub Actions data, last 30 days. Updated 6/30/2026, 2:00:24 AM.

Data sourced from public GitHub. GitSpider is not affiliated with or endorsed by this repository's owners. Request removal.

68 min/mo
recoverable (~11% of CI time) · across 11 patterns
Rough estimate from wall-clock run time at standard Linux pricing. Matrix/parallel jobs and your actual runners will differ.
16.2%
failure rate, 30d
4h 57m
avg time to recover from a failure
11 workflows · 413 runs (13.8/day) · 641 CI-min (wall-clock) · ≈$4 at paid-Linux rates (30d)

Waste detected

Biggest wins first, each with the exact config fix.

No concurrency control · Run Tests

~37 min/mo

Add a `concurrency:` block keyed on branch to cancel superseded runs when devs push twice quickly.

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

No concurrency control · CodeQL

~14 min/mo

Add a `concurrency:` block keyed on branch to cancel superseded runs when devs push twice quickly.

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

No concurrency control · Trivy Security Scan

~9 min/mo

Add a `concurrency:` block keyed on branch to cancel superseded runs when devs push twice quickly.

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

Workflow runs on both push and pull_request · Trivy Security Scan

~8 min/mo

Pushing to a branch and opening a PR triggers two runs. Pick one (usually `pull_request`) and exclude branch pushes for non-default branches.

on:
  push:
    branches: [main]
  pull_request:

No job timeout · CodeQL

~0 min/mo

No job sets `timeout-minutes`, so a hung step can run to GitHub's 6-hour default. Add `timeout-minutes` to each job.

jobs:
  build:
    runs-on: ubuntu-latest
    timeout-minutes: 15

No path filters on triggers · CodeQL

~0 min/mo

Runs on every push/PR with no `paths:` filter, so docs-only changes still trigger full CI. Add a `paths:` filter if that's common.

on:
  pull_request:
    paths:
      - 'src/**'
      - 'package.json'

No job timeout · Run Tests

~0 min/mo

No job sets `timeout-minutes`, so a hung step can run to GitHub's 6-hour default. Add `timeout-minutes` to each job.

jobs:
  build:
    runs-on: ubuntu-latest
    timeout-minutes: 15

No path filters on triggers · Run Tests

~0 min/mo

Runs on every push/PR with no `paths:` filter, so docs-only changes still trigger full CI. Add a `paths:` filter if that's common.

on:
  pull_request:
    paths:
      - 'src/**'
      - 'package.json'

Premium runners (macOS / Windows) · Run Tests

~0 min/mo

macOS bills ~10× and Windows ~2× a Linux minute. The cost estimate above assumes Linux, so your real spend is higher. Move any job that doesn't need them to `ubuntu-latest`.

jobs:
  build:
    runs-on: ubuntu-latest  # ~10x cheaper than macos-latest

No job timeout · Trivy Security Scan

~0 min/mo

No job sets `timeout-minutes`, so a hung step can run to GitHub's 6-hour default. Add `timeout-minutes` to each job.

jobs:
  build:
    runs-on: ubuntu-latest
    timeout-minutes: 15

No path filters on triggers · Trivy Security Scan

~0 min/mo

Runs on every push/PR with no `paths:` filter, so docs-only changes still trigger full CI. Add a `paths:` filter if that's common.

on:
  pull_request:
    paths:
      - 'src/**'
      - 'package.json'

Want this on every push?

This scorecard is a one-time snapshot. Install the free GitHub App to track this repo continuously: new regressions caught as they land, trends over time, on your public and private repos. Team adds the offending commit on the PR + Slack alerts.

Install & monitor this repo →

Not ready to install? Get this report by email. No spam, unsubscribe anytime.

Share this scorecard: https://gitspider.com/scan/gin-gonic/gin
Add the badge to your README

Live CI-health badge → GitSpider badge

[![GitSpider](https://gitspider.com/badge/gin-gonic/gin.svg)](https://gitspider.com/scan/gin-gonic/gin)