google / osv-scanner-action
☆20Updated last week
Alternatives and similar repositories for osv-scanner-action:
Users that are interested in osv-scanner-action are comparing it to the libraries listed below
- Official GitHub Action for OpenSSF Scorecard.☆280Updated this week
- Code-signing for npm packages☆160Updated this week
- ☆56Updated 2 years ago
- Log monitor for Rekor to verify immutability and monitor entries☆30Updated this week
- A GitHub Action used for publishing an Action to ghcr.io as an OCI container.☆57Updated 3 months ago
- An SBOM query language and associated utilities☆54Updated last year
- ☆32Updated 3 months ago
- OpenVEX Specification☆141Updated 7 months ago
- Go library for Sigstore signing and verification☆55Updated this week
- Orchestrate GitHub Actions Security☆273Updated last week
- GitHub Action for creating software bill of materials using Syft.☆176Updated 3 weeks ago
- Enrich SBOMs with data from third party services☆158Updated last week
- Publish a signed build provenance from your GitHub Actions workflow☆63Updated 8 months ago
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆79Updated this week
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts☆33Updated this week
- A tool to create, transform and attest VEX metadata☆128Updated this week
- Helm charts for verifying artifact attestations in Kubernetes☆11Updated 2 weeks ago
- Compare vulnerability scanners results (to make them better!)☆16Updated last week
- Proof-of-concept SLSA provenance generator for GitHub Actions☆99Updated 2 years ago
- Throw a tag at it and it comes back with a checksum.☆109Updated this week
- Open Source Vulnerability schema.☆191Updated last week
- Format agnostic SBOM tooling☆99Updated this week
- Purpose-built security agent for hosted runners☆29Updated 6 months ago
- A GitHub Action to suggest removal of non-organization members from CODEOWNERS files☆124Updated this week
- TUF repository for Sigstore trust root☆96Updated this week
- Verify provenance from SLSA compliant builders☆244Updated this week
- Go module to generate and transform VEX documents☆38Updated this week
- Generate SBOMs with gh CLI☆177Updated 5 months ago
- A GitHub App that acts like a Security Token Service (STS) for the Github API☆147Updated this week
- A collection of reusable Github Actions workflows.☆126Updated this week