fossas / fossa-actionLinks
Find license compliance and security issues in your applications with FOSSA and GitHub Actions.
☆53Updated this week
Alternatives and similar repositories for fossa-action
Users that are interested in fossa-action are comparing it to the libraries listed below
Sorting:
- Action for generating SBOM attestations for workflow artifacts☆31Updated last week
- ☆50Updated 2 weeks ago
- ☆16Updated 3 months ago
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts☆35Updated 2 weeks ago
- A GitHub Action used for publishing an Action to ghcr.io as an OCI container.☆86Updated 6 months ago
- An Action for printing OIDC claims in GitHub Actions.☆94Updated 2 months ago
- A GitHub Action to suggest removal of non-organization members from CODEOWNERS files☆134Updated this week
- Find stale repositories in a GitHub organization.☆182Updated this week
- JavaScript code and supporting files for working with the 'Static Analysis Results Interchange Format' (SARIF, see https://github.com/oas…☆28Updated last year
- Compare vulnerability scanners results (to make them better!)☆16Updated last month
- GitHub Action to check PRs for signed commits☆54Updated 10 months ago
- Publish a signed build provenance from your GitHub Actions workflow☆63Updated last year
- GitHub Action to expose GitHub runtime to the workflow☆72Updated 2 months ago
- Proof-of-concept SLSA provenance generator for GitHub Actions☆99Updated 2 years ago
- Reusable workflows for developing actions☆68Updated last month
- A Github Action to ensure that actions are pinned to full length commit SHAs☆45Updated this week
- Runner Container Hooks for GitHub Actions☆95Updated last month
- GitHub Action that given an organization or repository, produces information about the contributors over the specified time period.☆123Updated this week
- Action for generating attestations for workflow artifacts☆50Updated last week
- Github Action implementation of SLSA Provenance Generation☆48Updated last week
- Run multiple open source security static analysis tools without the added complexity with OSSAR (Open Source Static Analysis Runner).☆96Updated last year
- ☆42Updated 7 months ago
- Generate SBOMs with gh CLI☆185Updated this week
- Set up your GitHub Actions workflow with a specific version of ORAS☆22Updated last week
- Docs and Tutorials for Chainguard☆83Updated this week
- The containerbase project's base image source☆43Updated this week
- Lock Action to support deployment locking for the branch-deploy Action☆42Updated 2 weeks ago
- GitHub Action to enable automated security updates and open a issue/PR in repos in an org that have dependency files but no dependabot.ya…☆200Updated this week
- CNCF Project Template☆71Updated 10 months ago
- Official GitHub Action for OpenSSF Scorecard.☆307Updated this week