anchore / scan-actionLinks
Anchore container analysis and scan provided as a GitHub Action
☆256Updated this week
Alternatives and similar repositories for scan-action
Users that are interested in scan-action are comparing it to the libraries listed below
Sorting:
- GitHub Action for creating software bill of materials using Syft.☆206Updated this week
- Language-agnostic SLSA provenance generation for Github Actions☆511Updated 4 months ago
- Verify provenance from SLSA compliant builders☆288Updated 3 months ago
- Cosign Github Action☆168Updated last week
- A collection of reusable Github Actions workflows.☆146Updated last week
- Official GitHub Action for OpenSSF Scorecard.☆339Updated last week
- A utility to generate SPDX-compliant Bill of Materials manifests☆415Updated last week
- Plugin for Docker CLI to support SBOM creation using Syft☆157Updated last month
- A Github Action to automatically update digests for container images.☆78Updated 2 weeks ago
- A tool to create, transform and attest VEX metadata☆161Updated this week
- Orchestrate GitHub Actions Security☆299Updated this week
- A GitHub action to help you scan your docker image for vulnerabilities☆222Updated 2 years ago
- A VS Code Extension for Trivy☆148Updated last month
- Proof-of-concept SLSA provenance generator for GitHub Actions☆100Updated 2 years ago
- Publishes BOMs to Dependency-Track from GitHub Actions☆55Updated last year
- Open source compliance tool for development platforms.☆288Updated last year
- A license scanner for container images and filesystems.☆111Updated this week
- Regal is a linter and language server for Rego, bringing your policy development experience to the next level!☆344Updated last week
- Helm charts for sigstore project☆83Updated last week
- Enrich SBOMs with data from third party services☆196Updated 2 months ago
- Evaluate source control (GitHub) security posture☆251Updated 2 years ago
- Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities☆1,094Updated last month
- Web application that allows to load a Trivy report in json format and displays the vulnerabilities of a single target in an interactive d…☆152Updated last week
- GitHub Action for Dagger☆160Updated 3 weeks ago
- Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supp…☆147Updated last week
- ☆250Updated this week
- Dynamic GitHub Actions from Wolfi packages☆44Updated 5 months ago
- A GitHub App that acts like a Security Token Service (STS) for the Github API☆234Updated this week
- Vanilla GitHub action to run tfsec☆60Updated 2 years ago
- in-toto Attestation Framework☆301Updated last week