pixee / codemodder-specs

Related projects: ⓘ

• pixee / upload-tool-results-action
  A GitHub Action that allows Pixeebot to fix issues found by other code scanners
  ☆14Updated last month
• pixee / python-security
  Security toolkit for the Python community
  ☆14Updated last month
• pixee / codemodder-python
  Python implementation of the Codemodder framework
  ☆35Updated this week
• pixee / pixee-cli
  Implementation of the Pixee CLI
  ☆29Updated last week
• pixee / codemodder-java
  a framework for building java codemods
  ☆38Updated this week
• pixee / java-security-toolkit
  A set of security APIs meant to help secure Java code
  ☆18Updated 2 months ago
• advanced-security / maven-dependency-submission-action
  GitHub Action for submitting Maven dependencies
  ☆47Updated last month
• eclipse / jbom
  ☆110Updated 3 months ago
• sigstore / sigstore-maven-plugin
  sigstore maven plugin
  ☆18Updated last month
• sigstore / sigstore-java
  java clients for sigstore
  ☆37Updated last week
• snyk / parlay
  Enrich SBOMs with data from third party services
  ☆108Updated 3 weeks ago
• advanced-security / policy-as-code
  GitHub Advanced Security Policy as Code
  ☆67Updated last week
• CycloneDX / cyclonedx-core-java
  CycloneDX SBOM Model and Utils for Creating and Validating BOMs
  ☆80Updated this week
• CycloneDX / cyclonedx-python-lib
  Python implementation of OWASP CycloneDX
  ☆66Updated this week
• DependencyTrack / hyades
  Incubating project for decoupling responsibilities from Dependency-Track's monolithic API server into separate, scalable services.
  ☆59Updated this week
• Contrast-Security-OSS / safelog4j
  Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning …
  ☆41Updated 3 months ago
• GeekMasher / advanced-security-compliance
  GitHub Advance Security Compliance Action
  ☆131Updated last year
• interlynk-io / sbomqs
  SBOM quality score - Quality metrics for your sboms
  ☆161Updated this week
• ossf / scorecard-monitor
  Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts
  ☆31Updated 2 months ago
• gradle / github-dependency-graph-gradle-plugin
  Gradle Plugin for Extracting Dependency Information to send to GitHub
  ☆80Updated this week
• jvm-repo-rebuild / reproducible-central
  Reproducible Central: rebuild instructions for artifacts published to (Maven) Central Repository
  ☆99Updated this week
• scanoss / purl2cpe
  PURL to CPE Relationship mapping project.
  ☆69Updated this week
• CycloneDX / cyclonedx-property-taxonomy
  A taxonomy of all official CycloneDX property namespaces and names
  ☆14Updated 3 weeks ago
• package-url / packageurl-python
  Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…
  ☆65Updated 2 weeks ago
• oracle / macaron
  Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD …
  ☆131Updated this week
• eBay / sbom-scorecard
  Generate a score for your sbom to understand if it will actually be useful.
  ☆219Updated last month
• SonarSource / sonar-iac
  Static Code Analyser for Infrastructure-as-Code languages such as CloudFormation and Terraform as well as DevOps like Docker and Kuberne…
  ☆24Updated this week
• IBM / gauge
  Measure release insights and recommendations for open-source dependencies. Note: this project is archived.
  ☆11Updated last year
• advanced-security / gh-code-scanning
  A GitHub CLI extension for GitHub Code-Scanning!
  ☆24Updated last year
• checkmarx-ts / checkmarx-cxflow-github-action
  Checkmarx CxFlow GitHub Action with SARIF output
  ☆52Updated 2 weeks ago