google / osv-scanner-actionLinks
☆42Updated last month
Alternatives and similar repositories for osv-scanner-action
Users that are interested in osv-scanner-action are comparing it to the libraries listed below
Sorting:
- Orchestrate GitHub Actions Security☆296Updated last month
- Resources for the deps.dev API☆343Updated last week
- A GitHub Action to suggest removal of non-organization members from CODEOWNERS files☆135Updated this week
- Official GitHub Action for OpenSSF Scorecard.☆334Updated this week
- Generate SBOMs with gh CLI☆193Updated 3 months ago
- Runtime Security Solution for your CI/CD Pipeline☆109Updated 3 months ago
- Verify provenance from SLSA compliant builders☆284Updated 2 months ago
- Open Source Vulnerability schema.☆207Updated this week
- Action for generating attestations for workflow artifacts☆59Updated this week
- Audit your GitHub Actions workflow runs to see exactly which Actions were downloaded☆75Updated this week
- OSV-SCALIBR: A library for Software Composition Analysis☆502Updated this week
- Purpose-built security agent for hosted runners☆38Updated last month
- Format agnostic SBOM tooling☆115Updated this week
- Go library for Sigstore signing and verification☆82Updated this week
- Enrich SBOMs with data from third party services☆194Updated last month
- A GitHub App that acts like a Security Token Service (STS) for the Github API☆229Updated this week
- Protect GitHub Actions with Tracee☆82Updated 7 months ago
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts☆37Updated 4 months ago
- GitHub Action to enable automated security updates and open a issue/PR in repos in an org that have dependency files but no dependabot.ya…☆211Updated this week
- GitHub token permissions Monitor and Advisor actions☆333Updated 2 months ago
- GitHub Action that given an organization or repository, produces information about the contributors over the specified time period.☆128Updated this week
- ☆50Updated this week
- OpenVEX Specification☆158Updated 3 months ago
- A GitHub Action used for publishing an Action to ghcr.io as an OCI container.☆104Updated last month
- Throw a tag at it and it comes back with a checksum.☆151Updated this week
- sbomasm: The Complete SBOM Management Toolkit☆85Updated this week
- A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…☆129Updated 8 months ago
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆347Updated this week
- Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, an…☆889Updated this week
- Security advisory data for Wolfi☆20Updated this week