A GitHub App that acts like a Security Token Service (STS) for the Github API
☆364Jun 17, 2026Updated this week
Alternatives and similar repositories for app
Users that are interested in app are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Scan GitHub Actions Workflow logs for IOCs☆18Jun 9, 2026Updated last week
- ☆58May 5, 2026Updated last month
- A GitHub Action used for publishing an Action to ghcr.io as an OCI container.☆122Aug 8, 2025Updated 10 months ago
- Throw a tag at it and it comes back with a checksum.☆185Jun 11, 2026Updated last week
- Keyless Git signing using Sigstore☆1,092Jun 9, 2026Updated last week
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, an…☆1,202Jun 13, 2026Updated last week
- CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…☆88Updated this week
- #supply #chain #attack #detection☆665Updated this week
- A Go library for acquiring a forward-looking lock in Google Cloud Storage.☆16Mar 13, 2025Updated last year
- GitHub Actions linter☆245Jun 11, 2026Updated last week
- Semgrep-based Policy Controller for Kubernetes☆47Apr 4, 2025Updated last year
- Attaché provides an emulation layer for Cloud Provider IMDS APIs☆59Updated this week
- Add CA certificates into containers☆170Jun 3, 2026Updated 2 weeks ago
- Expand IAM Actions with Wildcards☆35Jun 6, 2026Updated last week
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Software Supply Chain Security Platform☆407Updated this week
- Simple tool that allows you to detect imposter commits in GitHub Actions workflows.☆30Dec 17, 2024Updated last year
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆534Updated this week
- ☆20Jun 8, 2026Updated last week
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…☆104Apr 23, 2024Updated 2 years ago
- ☆22Apr 10, 2026Updated 2 months ago
- A tool for securing CI/CD workflows with version pinning.☆947Apr 21, 2026Updated last month
- GitHub Action to automate versioning, releases, and documentation for Terraform modules in monorepos.☆223Updated this week
- (D)ocker(F)ile (C)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.☆101Apr 22, 2026Updated last month
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments☆146Jan 2, 2025Updated last year
- GitHub token permissions Monitor and Advisor actions☆370Jan 31, 2026Updated 4 months ago
- Build OCI images from APK packages directly without Dockerfile☆1,637Updated this week
- GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment☆507Jun 27, 2025Updated 11 months ago
- Cloud Commotion intends to cause chaos to simulate security incidents☆149Jun 18, 2024Updated 2 years ago
- Software Supply Chain Transparency Log☆1,158Jun 8, 2026Updated last week
- ☆59Jun 11, 2026Updated last week
- A repository containing a collection of "glue" modules for encapsulating common Cloud Run patterns.☆29Updated this week
- ☆29Aug 9, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts☆48Updated this week
- A CLI used to work with the Wolfi OSS project☆72Updated this week
- Static analysis for GitHub Actions☆5,640Updated this week
- Language-agnostic SLSA provenance generation for Github Actions☆575Mar 29, 2026Updated 2 months ago
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆61Oct 19, 2023Updated 2 years ago
- [Experimental] jail for Go modules☆137May 11, 2026Updated last month
- Plugin for Helm to integrate the sigstore ecosystem☆70Jun 4, 2026Updated 2 weeks ago