fossas / fossa-action
Find license compliance and security issues in your applications with FOSSA and GitHub Actions.
☆51Updated last month
Alternatives and similar repositories for fossa-action:
Users that are interested in fossa-action are comparing it to the libraries listed below
- A GitHub Action used for publishing an Action to ghcr.io as an OCI container.☆57Updated 4 months ago
- ☆44Updated last week
- ☆15Updated last month
- Generate SBOMs with gh CLI☆178Updated 5 months ago
- Proof-of-concept SLSA provenance generator for GitHub Actions☆99Updated 2 years ago
- GitHub Action to expose GitHub runtime to the workflow☆67Updated last week
- Runner Container Hooks for GitHub Actions☆85Updated 3 months ago
- Find stale repositories in a GitHub organization.☆153Updated this week
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts☆33Updated 3 weeks ago
- ☆32Updated 4 months ago
- A GitHub Action to suggest removal of non-organization members from CODEOWNERS files☆127Updated this week
- GitHub Action that given an organization or repository, produces information about the contributors over the specified time period.☆117Updated this week
- An Action for printing OIDC claims in GitHub Actions.☆82Updated 7 months ago
- Run multiple open source security static analysis tools without the added complexity with OSSAR (Open Source Static Analysis Runner).☆96Updated 10 months ago
- Compare vulnerability scanners results (to make them better!)☆16Updated last week
- Probot & GitHub Action example☆35Updated this week
- A Github Action to ensure that actions are pinned to full length commit SHAs☆39Updated this week
- Action for generating attestations for workflow artifacts☆43Updated this week
- machine-readable, always up-to-date GitHub App permissions☆12Updated this week
- GitHub Action to check PRs for signed commits☆52Updated 7 months ago
- JavaScript code and supporting files for working with the 'Static Analysis Results Interchange Format' (SARIF, see https://github.com/oas…☆27Updated 9 months ago
- ☆19Updated 3 years ago
- A Pulumi package to facilitate interacting with GitHub☆62Updated this week
- The containerbase project's base image source☆40Updated this week
- Reusable workflows for developing actions☆61Updated last month
- GitHub Action to enable automated security updates and open a issue/PR in repos in an org that have dependency files but no dependabot.ya…☆196Updated this week
- GitHub Action to validate Kubernetes manifest files☆35Updated last week
- A GitHub App that allows you to contribute upstream using private mirrors of public projects☆159Updated this week
- ✅ GitHub Action to create verified commits☆18Updated 6 months ago
- GitHub token permissions Monitor and Advisor actions☆275Updated 2 weeks ago