pixee / codemodder-specs
☆15 Updated last month
Related projects:
- A GitHub Action that allows Pixeebot to fix issues found by other code scanners ☆14 Updated last month
- Security toolkit for the Python community ☆14 Updated last month
- Python implementation of the Codemodder framework ☆35 Updated this week
- Implementation of the Pixee CLI ☆29 Updated last week
- a framework for building java codemods ☆38 Updated this week
- A set of security APIs meant to help secure Java code ☆18 Updated 2 months ago
- GitHub Action for submitting Maven dependencies ☆47 Updated last month
- ☆110 Updated 3 months ago
- sigstore maven plugin ☆18 Updated last month
- java clients for sigstore ☆37 Updated last week
- Enrich SBOMs with data from third party services ☆108 Updated 3 weeks ago
- GitHub Advanced Security Policy as Code ☆67 Updated last week
- CycloneDX SBOM Model and Utils for Creating and Validating BOMs ☆80 Updated this week
- Python implementation of OWASP CycloneDX ☆66 Updated this week
- Incubating project for decoupling responsibilities from Dependency-Track's monolithic API server into separate, scalable services. ☆59 Updated this week
- Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning … ☆41 Updated 3 months ago
- GitHub Advance Security Compliance Action ☆131 Updated last year
- SBOM quality score - Quality metrics for your sboms ☆161 Updated this week
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts ☆31 Updated 2 months ago
- Gradle Plugin for Extracting Dependency Information to send to GitHub ☆80 Updated this week
- Reproducible Central: rebuild instructions for artifacts published to (Maven) Central Repository ☆99 Updated this week
- PURL to CPE Relationship mapping project. ☆69 Updated this week
- A taxonomy of all official CycloneDX property namespaces and names ☆14 Updated 3 weeks ago
- Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase… ☆65 Updated 2 weeks ago
- Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD … ☆131 Updated this week
- Generate a score for your sbom to understand if it will actually be useful. ☆219 Updated last month
- Static Code Analyser for Infrastructure-as-Code languages such as CloudFormation and Terraform as well as DevOps like Docker and Kuberne… ☆24 Updated this week
- Measure release insights and recommendations for open-source dependencies. Note: this project is archived. ☆11 Updated last year
- A GitHub CLI extension for GitHub Code-Scanning! ☆24 Updated last year
- Checkmarx CxFlow GitHub Action with SARIF output ☆52 Updated 2 weeks ago