Alternatives and similar repositories for go-sarif:

Users that are interested in go-sarif are comparing it to the libraries listed below

• picatz / taint
  🚰 Static taint analysis for Go programs.
  ☆63Updated 3 weeks ago
• CycloneDX / cyclonedx-gomod
  Creates CycloneDX Software Bill of Materials (SBOM) from Go modules
  ☆151Updated last week
• package-url / packageurl-go
  Go implementation of the package url spec
  ☆58Updated last month
• slsa-framework / slsa-github-generator-go
  ☆56Updated 2 years ago
• aquasecurity / go-dep-parser
  Dependency Parser for Multiple Programming Languages
  ☆147Updated 9 months ago
• google / go-flow-levee
  ☆195Updated 2 years ago
• sigstore / sigstore-go
  Go library for Sigstore signing and verification
  ☆60Updated last week
• CycloneDX / cyclonedx-go
  Go library to consume and produce CycloneDX Software Bill of Materials (SBOM)
  ☆86Updated this week
• AdaLogics / go-fuzz-headers
  ☆105Updated 7 months ago
• spdx / tools-golang
  Collection of Go packages to work with SPDX files
  ☆143Updated last month
• doyensec / safeurl
  A Server Side Request Forgery (SSRF) protection library. Made with 🖤 by Doyensec LLC.
  ☆100Updated 10 months ago
• goreleaser / example-supply-chain
  Example goreleaser + github actions config with keyless signing, SBOM generation, and attestations
  ☆56Updated last month
• hashicorp / go-secure-stdlib
  ☆65Updated last week
• openvex / go-vex
  Go module to generate and transform VEX documents
  ☆39Updated last week
• cncf / cncf-fuzzing
  ✨🔐 CNCF Fuzzers
  ☆122Updated last month
• AkihiroSuda / gomodjail
  [Experimental] jail for Go modules
  ☆83Updated last week
• goark / go-cvss
  Common Vulnerability Scoring System (CVSS)
  ☆25Updated last year
• in-toto / in-toto-golang
  A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.
  ☆136Updated this week
• raesene / eathar
  ☆25Updated 10 months ago
• anchore / stereoscope
  go library for processing container images and simulating a squash filesystem
  ☆90Updated this week
• go-enry / go-license-detector
  Reliable project licenses detector.
  ☆134Updated 10 months ago
• Contrast-Security-OSS / go-test-bench
  Intentionally vulnerable Go web app.
  ☆43Updated 2 months ago
• VexStore / fatbom
  fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool'…
  ☆32Updated 2 years ago
• microsoft / sarif-vscode-extension
  SARIF Microsoft Visual Studio Code extension
  ☆113Updated last week
• cyphar / filepath-securejoin
  Proposed filepath.SecureJoin implementation
  ☆103Updated 3 weeks ago
• catenacyber / ngolo-fuzzing
  Automatic fuzz targets generation for Golang packages
  ☆53Updated 2 months ago
• ancat / hypercam
  A tool for interacting with live processes/containers
  ☆22Updated 2 years ago
• aquasecurity / fanal
  Static Analysis Library for Containers
  ☆198Updated last year
• aquasecurity / defsec
  Trivy's misconfiguration scanning engine
  ☆216Updated 2 months ago
• openvex / vexctl
  A tool to create, transform and attest VEX metadata
  ☆133Updated this week