philips-labs / continuous-compliance-action
Continuous Compliance makes it possible to enforce company policy on repositories. Continuous Compliance will automatically check your repository for mandatory files or requirements. When possible, it will create a detailed GitHub issue with instructions on how to resolve it.
☆22 Updated last month
Alternatives and similar repositories for continuous-compliance-action
Users that are interested in continuous-compliance-action are comparing it to the libraries listed below
- fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool'… ☆33 Updated 2 years ago
- ☆50 Updated last week
- Sets up Open Policy Agent CLI in your GitHub Actions workflow. ☆52 Updated last month
- ☆81 Updated last year
- GitHub Advance Security Compliance Action ☆134 Updated 2 years ago
- Audit your GitHub Actions workflow runs to see exactly which Actions were downloaded ☆75 Updated last week
- SLSA level 3 action ☆11 Updated last year
- Synchronize GitHub Code Scanning alerts to Jira issues ☆92 Updated 2 weeks ago
- GitHub Action implementation of SLSA Provenance Generation ☆50 Updated last week
- GitHub Advanced Security Policy as Code ☆89 Updated 3 weeks ago
- Generate SBOMs with gh CLI ☆193 Updated 4 months ago
- ☆57 Updated 3 years ago
- CodeQL Extractor, Library, and Queries for Infrastructure as Code ☆54 Updated last week
- Example of using Actions OIDC token to proxy into a private network ☆99 Updated 6 months ago
- Website and API for OpenSSF Scorecard ☆25 Updated this week
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so… ☆99 Updated this week
- A GitHub Action to suggest removal of non-organization members from CODEOWNERS files ☆135 Updated last week
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts ☆38 Updated 4 months ago
- GitHub Secret Scanning Auto Remediator (GSSAR) ☆46 Updated 2 months ago
- An SBOM query language and associated utilities ☆54 Updated last year
- A tool that aims to bulk-automate the enablement of GitHub Code Scanning, Secret Scanning and Dependabot across multiple repositories. ☆157 Updated last year
- fatt tries to find any purl in your project by looking at predefined fields in the supported packages. These fields describe using a purl… ☆11 Updated 3 weeks ago
- Lists all InnerSource projects of a company in an interactive and easy to use way. Can be used as a template for implementing the "InnerS… ☆150 Updated 6 months ago
- Orchestrate GitHub Actions Security ☆295 Updated last month
- Throw a tag at it and it comes back with a checksum. ☆150 Updated this week
- Docs and Tutorials for Chainguard ☆85 Updated this week
- A tool to create, transform and attest VEX metadata ☆159 Updated this week
- GitHub Actions Importer helps you plan and automate the migration of Azure DevOps, Bamboo, CircleCI, GitLab, Jenkins, and Travis CI pipel… ☆57 Updated last year
- ☆19 Updated last month
- Generate a score for your sbom to understand if it will actually be useful. ☆233 Updated last year