oss-review-toolkit / ort-ci-github-action
Run ORT in your GitHub action workflow to do licensing, security and best practices checks and generate reports/SBOMs
☆29 · Updated last month
Alternatives and similar repositories for ort-ci-github-action:
Users that are interested in ort-ci-github-action are comparing it to the libraries listed below
- Generates SPDX bill-of-material files from a package input and license scan ☆13 · Updated 11 months ago
- Orchestrate GitHub Actions Security ☆278 · Updated this week
- Submit SBOMs to GitHub's dependency submission API ☆12 · Updated last year
- Enrich SBOMs with data from third party services ☆161 · Updated last month
- Official GitHub Action for OpenSSF Scorecard. ☆288 · Updated this week
- GitHub Action for creating software bill of materials using Syft. ☆176 · Updated last week
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts ☆33 · Updated last month
- Publishes BOMs to Dependency-Track from GitHub Actions ☆52 · Updated 5 months ago
- GitHub Action for submitting Maven dependencies ☆49 · Updated 6 months ago
- GitHub Actions to run Probot settings and set defaults ☆19 · Updated 2 years ago
- A Java API and command-line tool for scanning, reporting and fixing a git repository's InnerSource Readiness based on a supplied specific… ☆20 · Updated last year
- GitHub app for SBOM creation using cdxgen and upload to Dependency-Track ☆18 · Updated this week
- GitHub Action implementation of SLSA Provenance Generation ☆47 · Updated this week
- Need to centrally manage and run Actions workflows across multiple repositories? This app does it for you. ☆133 · Updated 10 months ago
- Creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects ☆126 · Updated last month
- Generate a score for your SBOM to understand if it will actually be useful. ☆226 · Updated 7 months ago
- GitHub Action to autograde projects based on a configurable set of metrics ☆27 · Updated this week
- A collection of resources to improve insight into your organization's open source contribution ☆19 · Updated 4 months ago
- GitHub Action to enable automated security updates and open an issue/PR in repos in an org that have dependency files but no dependabot.ya… ☆196 · Updated this week
- Plugin for retrieving Dependency-Track metrics in Backstage ☆17 · Updated 6 months ago
- An Action for printing OIDC claims in GitHub Actions. ☆85 · Updated 2 weeks ago
- Generate docs for GitHub actions ☆91 · Updated this week
- JavaScript code and supporting files for working with the 'Static Analysis Results Interchange Format' (SARIF, see https://github.com/oas… ☆27 · Updated 10 months ago
- A light-weight app to audit and inventory large codebases for open source license compliance. ☆61 · Updated this week
- Present ZAProxy results in GitHub Advanced Security ☆16 · Updated 10 months ago
- GitHub action for Hadolint, A Dockerfile linting tool ☆214 · Updated last year
- GitHub Action that given an organization or repository, produces information about the contributors over the specified time period. ☆117 · Updated this week
- GitHub Action to get a license overview in SPDX format ☆14 · Updated 3 years ago
- GitHub Advanced Security Policy as Code ☆81 · Updated 3 weeks ago
- Team performance insights for your organization. ☆74 · Updated 9 months ago