fossas / fossa-actionLinks
Find license compliance and security issues in your applications with FOSSA and GitHub Actions.
☆58Updated this week
Alternatives and similar repositories for fossa-action
Users that are interested in fossa-action are comparing it to the libraries listed below
Sorting:
- GitHub Action to expose GitHub runtime to the workflow☆80Updated last month
- ☆54Updated last week
- Reusable workflows for developing actions☆72Updated 3 weeks ago
- A GitHub Action used for publishing an Action to ghcr.io as an OCI container.☆105Updated last month
- An Action for printing OIDC claims in GitHub Actions.☆109Updated 2 weeks ago
- Find stale repositories in a GitHub organization.☆188Updated last week
- GitHub Action to enable automated security updates and open a issue/PR in repos in an org that have dependency files but no dependabot.ya…☆211Updated last week
- A GitHub Action to suggest removal of non-organization members from CODEOWNERS files☆135Updated last week
- Run multiple open source security static analysis tools without the added complexity with OSSAR (Open Source Static Analysis Runner).☆96Updated last year
- Runner Container Hooks for GitHub Actions☆115Updated this week
- A Github Action to ensure that actions are pinned to full length commit SHAs☆46Updated this week
- ☆16Updated 7 months ago
- Official GitHub Action for OpenSSF Scorecard.☆337Updated this week
- GitHub Action to check PRs for signed commits☆55Updated last year
- Generate SBOMs with gh CLI☆193Updated 4 months ago
- GitHub Action that given an organization or repository, produces information about the contributors over the specified time period.☆127Updated last week
- Cosign Github Action☆161Updated 3 weeks ago
- A GitHub App that allows you to contribute upstream using private mirrors of public projects☆168Updated last month
- Set up your GitHub Actions workflow with a specific version of ORAS☆23Updated 2 weeks ago
- Template repo for creating container actions using https://github.com/actions/toolkit/☆146Updated last week
- Action for generating attestations for workflow artifacts☆60Updated last week
- Proof-of-concept SLSA provenance generator for GitHub Actions☆100Updated 2 years ago
- GitHub token permissions Monitor and Advisor actions☆337Updated last week
- Code-signing for npm packages☆169Updated last week
- VSCode extension to integrate hadolint, a Dockerfile linter, into VSCode☆82Updated 2 years ago
- JavaScript code and supporting files for working with the 'Static Analysis Results Interchange Format' (SARIF, see https://github.com/oas…☆29Updated last year
- A Pulumi package to facilitate interacting with GitHub☆65Updated this week
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts☆38Updated 4 months ago
- A GitHub Action to send queries to GitHub's GraphQL API☆132Updated this week
- Publish a signed build provenance from your GitHub Actions workflow☆62Updated last year