microsoft / bandit-sarif-formatterLinks
A report formatter for Bandit (a Python security analyzer) that produces output in the SARIF format.
☆18Updated last year
Alternatives and similar repositories for bandit-sarif-formatter
Users that are interested in bandit-sarif-formatter are comparing it to the libraries listed below
Sorting:
- Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…☆74Updated last week
- Python implementation of OWASP CycloneDX☆82Updated this week
- PURL to CPE Relationship mapping project.☆91Updated this week
- Software Bill-of-Materials documents for Python packages☆39Updated 3 months ago
- A Sigstore client written in Python☆269Updated this week
- Action to detect if a secret is initially detected in a pull request☆17Updated 3 months ago
- A GitHub Action for pip-audit☆74Updated last week
- Library to ingest and generate SBOMs☆25Updated last month
- Security audit Python project dependencies against security advisory databases.☆66Updated last week
- A tool to generate a SBOM (Software Bill of Materials) for an installed Python module☆33Updated 2 months ago
- GitHub Advanced Security Python Toolkit☆13Updated last week
- A place to systematically store software bill of materials (SBOM) documents.☆46Updated 2 years ago
- Check your Python environments for vulnerable Open Source packages with OSS Index or Sonatype Nexus Lifecycle.☆119Updated 6 months ago
- Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.☆118Updated last year
- SARIF Microsoft Visual Studio Code extension☆117Updated this week
- A community collection of security reviews of open source software components.☆94Updated last year
- Audit python packages for known vulnerabilities☆32Updated 3 years ago
- Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX …☆66Updated 2 months ago
- Software Component Verification Standard (SCVS)☆147Updated 2 months ago
- Utility that provides an API platform for validating, querying and managing BOM data☆113Updated last week
- Check SPDX SBOM for NTIA minimum elements☆62Updated this week
- This is a repository of vulnerability advisories for projects in scope for the Python Software Foundation CVE Numbering Authority (CNA)☆35Updated 3 weeks ago
- A set of Python command line tools for working with SARIF files produced by code analysis tools☆111Updated last week
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption☆92Updated last week
- Low-effort reachability analysis for third-party code vulnerabilities.☆20Updated last year
- CVSS2/3/4 library with interactive calculator for Python 2 and Python 3☆99Updated last week
- The model for the information captured in SPDX version 3 standard.☆83Updated last week
- Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD …☆157Updated this week
- Dlint is a tool for encouraging best coding practices and helping ensure Python code is secure.☆166Updated 7 months ago
- Format agnostic SBOM tooling☆106Updated this week