Alternatives and similar repositories for sarif-spec:

Users that are interested in sarif-spec are comparing it to the libraries listed below

• microsoft / sarif-tutorials
  User-friendly documentation for the SARIF file format.
  ☆299Updated last year
• microsoft / sarif-vscode-extension
  SARIF Microsoft Visual Studio Code extension
  ☆114Updated 3 weeks ago
• microsoft / sarif-sdk
  .NET code and supporting files for working with the 'Static Analysis Results Interchange Format' (SARIF, see https://github.com/oasis-tcs…
  ☆200Updated last month
• microsoft / sarif-web-component
  A React-based component for viewing SARIF files.
  ☆94Updated 5 months ago
• ossf / osv-schema
  Open Source Vulnerability schema.
  ☆200Updated this week
• spdx / spdx-examples
  Examples of SPDX files for software combinations
  ☆129Updated last week
• CycloneDX / specification
  OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio…
  ☆396Updated this week
• github / ossar-action
  Run multiple open source security static analysis tools without the added complexity with OSSAR (Open Source Static Analysis Runner).
  ☆96Updated last year
• spdx / spdx-3-model
  The model for the information captured in SPDX version 3 standard.
  ☆82Updated last week
• microsoft / sarif-python-om
  Python classes for the SARIF object model
  ☆43Updated last year
• spdx / spdx-spec
  The System Package Data Exchange (SPDX) specification in Markdown and HTML formats.
  ☆320Updated last week
• microsoft / sarif-tools
  A set of Python command line tools for working with SARIF files produced by code analysis tools
  ☆109Updated 4 months ago
• ossf / scorecard-action
  Official GitHub Action for OpenSSF Scorecard.
  ☆296Updated this week
• microsoft / codeql-container
  Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.
  ☆118Updated last year
• google / deps.dev
  Resources for the deps.dev API
  ☆314Updated last week
• microsoft / OSSGadget
  Collection of tools for analyzing open source packages.
  ☆335Updated this week
• advanced-security / gh-sbom
  Generate SBOMs with gh CLI
  ☆183Updated 2 weeks ago
• ossf / alpha-omega
  Our mission is to catalyze sustainable improvements to critical open source software projects and ecosystems.
  ☆96Updated this week
• sarif-standard / sarif-spec-v1
  The specification document for the Static Analysis Results Interchange Format (SARIF)
  ☆57Updated 4 years ago
• ossf / sbom-everywhere
  Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption
  ☆90Updated last week
• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆142Updated last year
• spdx / tools
  SPDX Tools
  ☆135Updated last year
• advanced-security / policy-as-code
  GitHub Advanced Security Policy as Code
  ☆82Updated 2 weeks ago
• snyk / parlay
  Enrich SBOMs with data from third party services
  ☆171Updated last month
• SAP / risk-explorer-for-software-supply-chains
  A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…
  ☆75Updated last week
• ossf / wg-securing-software-repos
  OpenSSF Working Group on Securing Software Repositories
  ☆104Updated 3 weeks ago
• semgrep / semgrep-action
  This project is deprecated. Use https://github.com/returntocorp/semgrep instead
  ☆73Updated last year
• scanoss / purl2cpe
  PURL to CPE Relationship mapping project.
  ☆87Updated this week
• advanced-security / GSSAR
  GitHub Secret Scanning Auto Remediator (GSSAR)
  ☆44Updated last month
• ossf / wg-vulnerability-disclosures
  The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…
  ☆190Updated last month