Alternatives and similar repositories for sarif-js-sdk

Users that are interested in sarif-js-sdk are comparing it to the libraries listed below

• theupdateframework / tuf-js
  JavaScript implementation of The Update Framework (TUF)
  ☆80Updated last week
• microsoft / eslint-plugin-sdl
  ESLint Plugin focused on common security issues and misconfigurations.
  ☆43Updated 5 months ago
• nvuillam / node-sarif-builder
  JS/TS library to easily build valid SARIF output from your javascript based SAST tools
  ☆14Updated this week
• conventional-commits / parser
  reference implementation of conventionalcommits.org spec
  ☆50Updated 2 months ago
• fossas / fossa-action
  Find license compliance and security issues in your applications with FOSSA and GitHub Actions.
  ☆54Updated last week
• sigstore / sigstore-js
  Code-signing for npm packages
  ☆165Updated this week
• ossf / package-manager-best-practices
  Collection of security best practices for package managers.
  ☆162Updated 2 years ago
• google / tsec
  ☆136Updated last week
• github / combine-prs
  GitHub Action to combine multiple PRs into a single one
  ☆131Updated 4 months ago
• security-alert / security-alert
  [GitHub] A Command Line ToolKit for GitHub Security Alert.
  ☆27Updated last week
• CycloneDX / cyclonedx-node-npm
  Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.
  ☆92Updated last week
• actions / attest-sbom
  Action for generating SBOM attestations for workflow artifacts
  ☆34Updated this week
• ossf / scorecard-monitor
  Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts
  ☆35Updated 2 months ago
• actions / publish-action
  ☆51Updated last week
• CycloneDX / gh-node-module-generatebom
  GitHub action to generate a CycloneDX SBOM for Node.js
  ☆22Updated 3 weeks ago
• github / ossar-action
  Run multiple open source security static analysis tools without the added complexity with OSSAR (Open Source Static Analysis Runner).
  ☆96Updated last year
• probot / octokit-plugin-config
  🛠️ Get/set persisted configuration using YAML/JSON files in repositories
  ☆40Updated this week
• microsoft / sarif-vscode-extension
  SARIF Microsoft Visual Studio Code extension
  ☆118Updated last week
• ecosyste-ms / packages
  An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.
  ☆41Updated last week
• google / strict-csp
  ☆46Updated 10 months ago
• oasis-tcs / sarif-spec
  OASIS SARIF TC: Repository for development of the draft standard, where requests for modification should be made via Github Issues
  ☆186Updated 2 weeks ago
• lirantal / detect-secrets
  A developer-friendly secrets detection tool for CI and pre-commit hooks based on Yelp's detect-secrets
  ☆51Updated 3 years ago
• CycloneDX / cyclonedx-node-module
  creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects
  ☆131Updated 2 months ago
• google / re2-wasm
  ☆74Updated 2 years ago
• step-security / secure-repo
  Orchestrate GitHub Actions Security
  ☆294Updated this week
• octoherd / cli
  CLI to run a octoherd scripts on one or multiple repositories
  ☆104Updated last month
• octokit / plugin-throttling.js
  Octokit plugin for GitHub’s recommended request throttling
  ☆124Updated last month
• ossf / scorecard-action
  Official GitHub Action for OpenSSF Scorecard.
  ☆322Updated this week
• github / evergreen
  GitHub Action to enable automated security updates and open a issue/PR in repos in an org that have dependency files but no dependabot.ya…
  ☆203Updated this week
• google / safevalues
  ☆126Updated 2 weeks ago