google / osv-scanner-actionLinks
☆35Updated this week
Alternatives and similar repositories for osv-scanner-action
Users that are interested in osv-scanner-action are comparing it to the libraries listed below
Sorting:
- Orchestrate GitHub Actions Security☆294Updated this week
- Resources for the deps.dev API☆332Updated last week
- Official GitHub Action for OpenSSF Scorecard.☆324Updated last week
- A GitHub Action to suggest removal of non-organization members from CODEOWNERS files☆133Updated last week
- Generate SBOMs with gh CLI☆189Updated 2 months ago
- Open Source Vulnerability schema.☆206Updated this week
- Purpose-built security agent for hosted runners☆38Updated 2 months ago
- Verify provenance from SLSA compliant builders☆275Updated 2 weeks ago
- Format agnostic SBOM tooling☆112Updated 2 weeks ago
- GitHub Action that given an organization or repository, produces information about the contributors over the specified time period.☆128Updated this week
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆324Updated this week
- Enrich SBOMs with data from third party services☆183Updated this week
- Audit your GitHub Actions workflow runs to see exactly which Actions were downloaded☆72Updated 3 weeks ago
- Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, an…☆861Updated this week
- Protect GitHub Actions with Tracee☆83Updated 6 months ago
- OSV-SCALIBR: A library for Software Composition Analysis☆412Updated this week
- Produce an Open Source Vulnerability JSON file based on information in an SPDX document☆64Updated last year
- A GitHub App that acts like a Security Token Service (STS) for the Github API☆212Updated this week
- Runtime Security Solution for your CI/CD Pipeline☆108Updated 2 months ago
- ☆45Updated 9 months ago
- GitHub Action to enable automated security updates and open a issue/PR in repos in an org that have dependency files but no dependabot.ya…☆203Updated this week
- A GitHub Action used for publishing an Action to ghcr.io as an OCI container.☆92Updated this week
- Utility that provides an API platform for validating, querying and managing BOM data☆117Updated this week
- OpenVEX Specification☆156Updated 2 months ago
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts☆35Updated 2 months ago
- Action for generating attestations for workflow artifacts☆55Updated this week
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption☆99Updated this week
- Throw a tag at it and it comes back with a checksum.☆146Updated last week
- SBOM Edit - Conditional edits and merging of SBOMs☆74Updated last week
- GitHub token permissions Monitor and Advisor actions☆319Updated 2 weeks ago