A GitHub App that acts like a Security Token Service (STS) for the Github API
☆354May 28, 2026Updated this week
Alternatives and similar repositories for app
Users that are interested in app are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Scan GitHub Actions Workflow logs for IOCs☆17May 18, 2026Updated last week
- ☆57May 5, 2026Updated 3 weeks ago
- A GitHub Action used for publishing an Action to ghcr.io as an OCI container.☆122Aug 8, 2025Updated 9 months ago
- Throw a tag at it and it comes back with a checksum.☆184May 22, 2026Updated last week
- Keyless Git signing using Sigstore☆1,090May 19, 2026Updated last week
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, an…☆1,168Updated this week
- CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…☆87May 21, 2026Updated last week
- #supply #chain #attack #detection☆657Updated this week
- A Go library for acquiring a forward-looking lock in Google Cloud Storage.☆15Mar 13, 2025Updated last year
- GitHub Actions linter☆245Updated this week
- Semgrep-based Policy Controller for Kubernetes☆47Apr 4, 2025Updated last year
- Attaché provides an emulation layer for Cloud Provider IMDS APIs☆59May 8, 2026Updated 3 weeks ago
- Add CA certificates into containers☆170May 19, 2026Updated last week
- Expand IAM Actions with Wildcards☆35May 23, 2026Updated last week
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Software Supply Chain Security Platform☆403May 22, 2026Updated last week
- Simple tool that allows you to detect imposter commits in GitHub Actions workflows.☆30Dec 17, 2024Updated last year
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆533Updated this week
- ☆20Updated this week
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…☆103Apr 23, 2024Updated 2 years ago
- ☆22Apr 10, 2026Updated last month
- A tool for securing CI/CD workflows with version pinning.☆935Apr 21, 2026Updated last month
- GitHub Action to automate versioning, releases, and documentation for Terraform modules in monorepos.☆221Updated this week
- (D)ocker(F)ile (C)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.☆100Apr 22, 2026Updated last month
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments☆143Jan 2, 2025Updated last year
- GitHub token permissions Monitor and Advisor actions☆368Jan 31, 2026Updated 3 months ago
- Build OCI images from APK packages directly without Dockerfile☆1,615Updated this week
- GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment☆508Jun 27, 2025Updated 11 months ago
- Cloud Commotion intends to cause chaos to simulate security incidents☆149Jun 18, 2024Updated last year
- Software Supply Chain Transparency Log☆1,147Updated this week
- ☆59May 21, 2026Updated last week
- A repository containing a collection of "glue" modules for encapsulating common Cloud Run patterns.☆28May 22, 2026Updated last week
- ☆29Aug 9, 2024Updated last year
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- A CLI used to work with the Wolfi OSS project☆72Updated this week
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts☆48May 11, 2026Updated 2 weeks ago
- Static analysis for GitHub Actions☆5,287Updated this week
- Language-agnostic SLSA provenance generation for Github Actions☆573Mar 29, 2026Updated 2 months ago
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆60Oct 19, 2023Updated 2 years ago
- [Experimental] jail for Go modules☆138May 11, 2026Updated 2 weeks ago
- Plugin for Helm to integrate the sigstore ecosystem☆70Updated this week