Alternatives and similar repositories for app:

Users that are interested in app are comparing it to the libraries listed below

• suzuki-shunsuke / tfprovidercheck
  CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…
  ☆77Updated this week
• octo-sts / action
  ☆30Updated last month
• chainguard-dev / bomshell
  An SBOM query language and associated utilities
  ☆54Updated 10 months ago
• stacklok / frizbee
  Throw a tag at it and it comes back with a checksum.
  ☆87Updated last week
• chainguard-dev / actions
  A collection of reusable Github Actions workflows.
  ☆120Updated this week
• RichardoC / kube-audit-rest
  Kubernetes audit logging, when you don't control the control plane
  ☆66Updated this week
• openvex / vexctl
  A tool to create, transform and attest VEX metadata
  ☆119Updated this week
• chainguard-dev / digestabot
  Github Action to automatically update digests for container images.
  ☆50Updated last month
• chainguard-dev / vex
  vexctl is a tool to attest VEX impact statements
  ☆44Updated last year
• in-toto / archivista
  Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…
  ☆75Updated last week
• wolfi-dev / wolfi-act
  Dynamic GitHub Actions from Wolfi packages
  ☆41Updated 7 months ago
• chainguard-dev / justtrustme
  ☆51Updated this week
• crashappsec / github-analyzer
  A tool to check the security settings of Github Organizations.
  ☆69Updated last year
• rallyhealth / conftest-policy-packs
  Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.
  ☆58Updated last year
• snyk / parlay
  Enrich SBOMs with data from third party services
  ☆136Updated this week
• mchmarny / s3cme
  Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…
  ☆98Updated 7 months ago
• aquasecurity / tracee-action
  Protect GitHub Actions with Tracee
  ☆80Updated last year
• slsa-framework / slsa-github-generator-go
  ☆56Updated 2 years ago
• primeharbor / org-kickstart
  Kickstart and manage your AWS Organization via Terraform
  ☆73Updated this week
• slsa-framework / github-actions-demo
  Proof-of-concept SLSA provenance generator for GitHub Actions
  ☆99Updated 2 years ago
• scribe-public / gitgat
  Evaluate source control (GitHub) security posture
  ☆249Updated last year
• chainguard-dev / clank
  Simple tool that allows you to detect imposter commits in GitHub Actions workflows.
  ☆23Updated this week
• IBM / sbom-utility
  This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility
  ☆61Updated last year
• open-policy-agent / setup-opa
  Sets up Open Policy Agent CLI in your GitHub Actions workflow.
  ☆46Updated 8 months ago
• google / localtoast
  ☆107Updated 2 months ago
• wiz-sec-public / namespacehound
  NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.
  ☆59Updated 8 months ago
• jetstack / paranoia
  Inspect certificate authorities in container images
  ☆228Updated 7 months ago
• bullfrogsec / bullfrog
  Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows
  ☆80Updated last week
• DataDog / supply-chain-firewall
  A tool for preventing the installation of malicious PyPI and npm packages
  ☆83Updated this week
• eBay / sbom-scorecard
  Generate a score for your sbom to understand if it will actually be useful.
  ☆222Updated 4 months ago