octodemo / sbom-dependency-submission
Demo and resources that show how SBOMs can be used with GitHub's dependency graph
☆26Updated last year
Alternatives and similar repositories for sbom-dependency-submission:
Users that are interested in sbom-dependency-submission are comparing it to the libraries listed below
- Synchronize GitHub Code Scanning alerts to Jira issues☆84Updated last month
- Automatically open a pull request for repositories that have no CONTRIBUTING.md file☆35Updated this week
- This repository creates pull requests to push a GitHub Actions workflow to a collection of workflows.☆45Updated last year
- A tool that aims to bulk automates the enablement of GitHub Code Scanning, Secret Scanning and Dependabot across multiple repositories.☆153Updated 9 months ago
- ☆79Updated 11 months ago
- Bypass approval and checks in order to merge an emergency change to the main branch with audit controls.☆48Updated last week
- Play with GHAS API to provide posture data over time☆35Updated 2 months ago
- Calculates dependencies for a Go build-target and submits the list to the Dependency Submission API☆56Updated this week
- GitHub Actions Importer helps you plan and automate the migration of Azure DevOps, Bamboo, CircleCI, GitLab, Jenkins, and Travis CI pipel…☆71Updated 11 months ago
- ☆70Updated last month
- GitHub Secret Scanning Auto Remediator (GSSAR)☆44Updated last year
- This repository contains pipeline files for various CI/CD systems, illustrating how to integrate the CodeQL CLI Bundle for Automated Code…☆28Updated last year
- Example of using Actions OIDC token to proxy into a private network☆91Updated this week
- Query the GitHub Audit Log for your organization to send it over to other services like elastic, splunk or sentinel for visualization and…☆63Updated 5 months ago
- provides feedback to learners based on the outcome of their validation lab grader workflow☆35Updated last year
- ☆65Updated 9 months ago
- ☆10Updated last year
- GitHub Advanced Security Policy as Code☆81Updated 3 weeks ago
- GitHub Actions Importer helps you plan and automate the migration of Azure DevOps, Bamboo, CircleCI, GitLab, Jenkins, and Travis CI pipel…☆54Updated 7 months ago
- Find stale repositories in a GitHub organization.☆155Updated this week
- A tool for syncing the CodeQL Action from GitHub.com to GitHub Enterprise Server, including copying the CodeQL bundle.☆39Updated 2 weeks ago
- Examples of Custom Secret Scanning Patterns☆157Updated last month
- This repo demonstrates how to use the GitHub Code Scanning API to export all the alerts in an organization to a CSV file☆18Updated last year
- A GitHub action for organizations that enables advanced security code scanning on all new repos☆39Updated last year
- A GitHub CLI extension for GitHub Code-Scanning!☆24Updated last year
- A solution which drops GitHub Code Scanning Results from Repositories to Slack Channels.☆18Updated 8 months ago
- Actions workflows to help organizations manage the process of users requesting to use GitHub Actions from Marketplace and approving or de…☆24Updated last month
- Entitlements plugin for a robust audit log☆21Updated 2 weeks ago
- Official GitHub Action for OpenSSF Scorecard.☆288Updated this week
- Splunk Add-On to collect audit log events from Github Enterprise Cloud☆12Updated 2 years ago