Alternatives and similar repositories for oss-rebuild

Users that are interested in oss-rebuild are comparing it to the libraries listed below

• google / vanir
  Vanir is a source code-based static analysis tool that automatically identifies the list of missing security patches in the target system…
  ☆339Updated last month
• google / deps.dev
  Resources for the deps.dev API
  ☆332Updated last week
• google / osv-scalibr
  OSV-SCALIBR: A library for Software Composition Analysis
  ☆412Updated this week
• gittuf / gittuf
  A security layer for Git repositories
  ☆537Updated this week
• reteps / dockerfmt
  Dockerfile formatter. a modern dockfmt.
  ☆523Updated last month
• mongodb / kingfisher
  Kingfisher is a blazingly fast secret‑scanning and validation tool built in Rust
  ☆479Updated this week
• DeepSourceCorp / globstar
  Globstar is a fast, feature-rich, and open-source static analysis toolkit for writing and running code checkers. Based on tree-sitter.
  ☆454Updated last month
• reproducible-containers / diffoci
  diff for Docker and OCI container images
  ☆460Updated 2 weeks ago
• octo-sts / app
  A GitHub App that acts like a Security Token Service (STS) for the Github API
  ☆212Updated this week
• vet-run / vet
  vet is a command-line tool that acts as a safety net for the risky curl | bash pattern. It lets you inspect, diff against previous versio…
  ☆908Updated 2 weeks ago
• evanrolfe / trayce_gui
  ☆391Updated last week
• google / osv-scanner-action
  ☆35Updated this week
• safedep / vet
  Protect against malicious open source packages 🤖
  ☆649Updated last week
• riseandignite / mcp-shield
  Security scanner for MCP servers
  ☆494Updated 3 months ago
• step-security / harden-runner
  Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, an…
  ☆861Updated this week
• bomctl / bomctl
  Format agnostic SBOM tooling
  ☆112Updated 2 weeks ago
• noperator / jqfmt
  like gofmt, but for jq
  ☆366Updated 2 weeks ago
• step-security / changed-files
  Github action to retrieve all (added, copied, modified, deleted, renamed, type changed, unmerged, unknown) files and directories. Secure …
  ☆72Updated this week
• specfy / stack-analyser
  Extract +700 technologies from any repository. Detect Languages, SaaS, Cloud, Infrastructure, Dependencies and Services
  ☆320Updated last month
• slsa-framework / slsa-verifier
  Verify provenance from SLSA compliant builders
  ☆275Updated 2 weeks ago
• edera-dev / am-i-isolated
  Validate the isolation posture of your container environment.
  ☆296Updated last week
• GitHubSecurityLab / actions-permissions
  GitHub token permissions Monitor and Advisor actions
  ☆319Updated 2 weeks ago
• openvex / spec
  OpenVEX Specification
  ☆156Updated 2 months ago
• AkihiroSuda / gomodjail
  [Experimental] jail for Go modules
  ☆93Updated 3 weeks ago
• cloudflare / har-sanitizer
  ☆214Updated 10 months ago
• derekg / ts-ssh
  Go-based SSH and SCP client with userspace Tailscale connectivity. Secure shell access and file transfers over Tailnet without requiring …
  ☆247Updated last month
• endoflife-date / release-data
  Common Release Data for various projects in a consumable format, automatically updated.
  ☆177Updated this week
• apiiro / PRevent
  Prevent merging of malicious code in pull requests
  ☆230Updated 4 months ago
• hyperlight-dev / hyperlight-wasm
  hyperlight-wasm is a rust library crate that enables Wasm Modules and components to be run inside lightweight Virtual Machine backed Sand…
  ☆617Updated this week
• stacklok / frizbee
  Throw a tag at it and it comes back with a checksum.
  ☆146Updated last week