oasis-tcs / sarif-specLinks
OASIS SARIF TC: Repository for development of the draft standard, where requests for modification should be made via Github Issues
☆186Updated 2 weeks ago
Alternatives and similar repositories for sarif-spec
Users that are interested in sarif-spec are comparing it to the libraries listed below
Sorting:
- SARIF Microsoft Visual Studio Code extension☆118Updated 2 weeks ago
- User-friendly documentation for the SARIF file format.☆316Updated last year
- A React-based component for viewing SARIF files.☆98Updated 8 months ago
- .NET code and supporting files for working with the 'Static Analysis Results Interchange Format' (SARIF, see https://github.com/oasis-tcs…☆205Updated 2 weeks ago
- Open Source Vulnerability schema.☆205Updated last week
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio…☆406Updated last week
- Our mission is to catalyze sustainable improvements to critical open source software projects and ecosystems.☆107Updated last week
- The System Package Data Exchange (SPDX) specification in Markdown and HTML formats.☆336Updated last week
- A set of Python command line tools for working with SARIF files produced by code analysis tools☆115Updated 2 weeks ago
- in-toto Attestation Framework☆287Updated this week
- Python classes for the SARIF object model☆43Updated last year
- OpenSSF Working Group on Securing Software Repositories☆111Updated 2 months ago
- Collection of tools for analyzing open source packages.☆350Updated last week
- Doc, wiki and organizational content for ClearlyDefined☆101Updated this week
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption☆97Updated 2 weeks ago
- The model for the information captured in SPDX version 3 standard.☆91Updated this week
- Examples of SPDX files for software combinations☆133Updated last month
- Helping allocate resources to secure the critical open source projects we all depend on.☆359Updated 2 months ago
- Official GitHub Action for OpenSSF Scorecard.☆322Updated last week
- PURL to CPE Relationship mapping project.☆91Updated this week
- A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby☆843Updated this week
- Run multiple open source security static analysis tools without the added complexity with OSSAR (Open Source Static Analysis Runner).☆96Updated last year
- Resources for the deps.dev API☆330Updated last week
- GitHub Action for filtering Code Scanning alerts by path and id☆32Updated 9 months ago
- Generate SBOMs with gh CLI☆189Updated 2 months ago
- Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the …☆186Updated last year
- GitHub Secret Scanning Auto Remediator (GSSAR)☆45Updated 2 weeks ago
- The service side of clearlydefined.io☆48Updated last week
- Technical Advisory Council☆129Updated this week
- A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…☆136Updated last year