philips-labs / continuous-compliance-action
Continuous Compliance makes it possible to enforce company policy on repositories. Continuous Compliance will automatically check your repository for mandatory files or requirements. When possible, it will create a detailed GitHub issue with instructions on how to resolve the problem.
☆21 Updated 9 months ago
Alternatives and similar repositories for continuous-compliance-action:
Users that are interested in continuous-compliance-action are comparing it to the libraries listed below
- GitHub Action implementation of SLSA Provenance Generation ☆47 Updated this week
- ☆79 Updated 10 months ago
- fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool'… ☆32 Updated 2 years ago
- GitHub Secret Scanning Auto Remediator (GSSAR) ☆44 Updated last year
- GitHub Advanced Security Policy as Code ☆81 Updated last week
- Sample GitHub App which monitors and enforces rules for code scanning, Dependabot, and secret scanning alerts ☆23 Updated 4 months ago
- Synchronize GitHub Code Scanning alerts to Jira issues ☆83 Updated 3 weeks ago
- A GitHub Action to suggest removal of non-organization members from CODEOWNERS files ☆126 Updated this week
- A GitHub action to measure GitHub Actions workflow metrics. An enabler to put the concept discussed in the post to practice - https://www… ☆23 Updated last year
- A GitHub action for organizations that enables advanced security code scanning on all new repos ☆39 Updated last year
- An OIDC client to retrieve a GitHub API scoped token from within an Actions workflow ☆27 Updated 10 months ago
- GitHub Code Scanning Mean Time to Remediate (GCSMTTR) ☆14 Updated last year
- Play with GHAS API to provide posture data over time ☆35 Updated 2 months ago
- Website and API for OpenSSF Scorecard ☆23 Updated this week
- GitHub Advance Security Compliance Action ☆132 Updated 2 years ago
- ☆15 Updated last month
- Manage a uniform team of security managers for every organization in your enterprise ☆17 Updated 6 months ago
- CodeQL Extractor, Library, and Queries for Infrastructure as Code ☆46 Updated last week
- An SBOM query language and associated utilities ☆54 Updated last year
- A tool that aims to bulk-automate the enablement of GitHub Code Scanning, Secret Scanning and Dependabot across multiple repositories. ☆153 Updated 8 months ago
- GitHub Advanced Security Pull Request Security Team required review GitHub App ☆35 Updated this week
- Action to detect if a secret is initially detected in a pull request ☆15 Updated 2 weeks ago
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so… ☆79 Updated this week
- GitHub Action to reject approval of a pull request by any committer to that pull request ☆12 Updated 8 months ago
- Sets up Open Policy Agent CLI in your GitHub Actions workflow. ☆48 Updated 11 months ago
- gh cli extension to generate account/organization/enterprise reports ☆25 Updated last week
- This repository creates pull requests to push a GitHub Actions workflow to a collection of workflows. ☆45 Updated last year
- Example of using Actions OIDC token to proxy into a private network ☆91 Updated 2 weeks ago
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts ☆33 Updated 3 weeks ago