Alternatives and similar repositories for continuous-compliance-action

Users that are interested in continuous-compliance-action are comparing it to the libraries listed below

• VexStore / fatbom
  fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool'…
  ☆33Updated 3 years ago
• open-policy-agent / setup-opa
  Sets up Open Policy Agent CLI in your GitHub Actions workflow.
  ☆52Updated 2 weeks ago
• GeekMasher / advanced-security-compliance
  GitHub Advance Security Compliance Action
  ☆134Updated 2 years ago
• octo-sts / action
  ☆50Updated last week
• philips-labs / slsa-provenance-action
  Github Action implementation of SLSA Provenance Generation
  ☆50Updated last week
• nais / salsa
  SLSA level 3 action
  ☆11Updated last year
• github / actions-oidc-gateway-example
  Example of using Actions OIDC token to proxy into a private network
  ☆99Updated 7 months ago
• peter-murray / github-security-report-action
  ☆81Updated last year
• github / cleanowners
  A GitHub Action to suggest removal of non-organization members from CODEOWNERS files
  ☆136Updated last week
• github / audit-actions-workflow-runs
  Audit your GitHub Actions workflow runs to see exactly which Actions were downloaded
  ☆75Updated last week
• advanced-security / policy-as-code
  GitHub Advanced Security Policy as Code
  ☆90Updated 2 weeks ago
• onelittlenightmusic / opactl
  A simple tool for converting Rego (OPA) rule into command.
  ☆31Updated 3 years ago
• NickLiffen / ghas-enablement
  A tool that aims to bulk automates the enablement of GitHub Code Scanning, Secret Scanning and Dependabot across multiple repositories.
  ☆157Updated last year
• advanced-security / codeql-extractor-iac
  CodeQL Extractor, Library, and Queries for Infrastructure as Code
  ☆54Updated 3 weeks ago
• slsa-framework / slsa-github-generator-go
  ☆57Updated 3 years ago
• uwu-tools / peribolos
  ☆24Updated this week
• devops-actions / load-used-actions
  Load used actions from an entire organization
  ☆17Updated 3 weeks ago
• github / ghas-jira-integration
  Synchronize GitHub Code Scanning alerts to Jira issues
  ☆93Updated 2 weeks ago
• KittyChiu / workflow-metrics
  A GitHub action to measure GitHub Actions workflow metrics. An enabler to put the concept discussed in the post to practice - https://www…
  ☆22Updated last year
• snyk / policy-engine
  Unified Policy Engine
  ☆64Updated last month
• advanced-security / gh-sbom
  Generate SBOMs with gh CLI
  ☆194Updated 4 months ago
• chainguard-dev / bomshell
  An SBOM query language and associated utilities
  ☆54Updated last year
• SAP / project-portal-for-innersource
  Lists all InnerSource projects of a company in an interactive and easy to use way. Can be used as a template for implementing the "InnerS…
  ☆150Updated this week
• in-toto / archivista
  Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…
  ☆101Updated this week
• sysdiglabs / k8s-security-configwatch
  Git action to generate security lint report for Kubernetes workload YAML files on PR
  ☆28Updated 3 years ago
• slsa-framework / github-actions-demo
  Proof-of-concept SLSA provenance generator for GitHub Actions
  ☆100Updated 2 years ago
• helaili / github-oidc-auth-app
  An OIDC client to retrieve a GitHub API scoped token from within an Actions workflow
  ☆30Updated last year
• peter-murray / workflow-application-token-action
  GitHub Action that will get a scoped short lived token for Actions workflows using a GitHub Application.
  ☆196Updated 7 months ago
• chainguard-dev / cosign-ecs-verify
  Lambda function for verifying signed images in ECS
  ☆33Updated last year
• policy-hub / policy-hub-cli
  CLI for searching Rego policies
  ☆106Updated 3 years ago