Alternatives and similar repositories for codemodder-specs:

Users that are interested in codemodder-specs are comparing it to the libraries listed below

• pixee / upload-tool-results-action
  A GitHub Action that allows Pixee to fix issues found by other code scanners
  ☆14Updated 2 months ago
• pixee / python-security
  Security toolkit for the Python community
  ☆14Updated last month
• pixee / codemodder-java
  a framework for building java codemods
  ☆40Updated last month
• pixee / pixee-cli
  Implementation of the Pixee CLI
  ☆31Updated last week
• pixee / java-security-toolkit
  A set of security APIs meant to help secure Java code
  ☆20Updated 3 months ago
• snyk / parlay
  Enrich SBOMs with data from third party services
  ☆162Updated last month
• eclipse-jbom / jbom
  ☆114Updated 9 months ago
• oracle / macaron
  Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD …
  ☆148Updated this week
• CycloneDX / cyclonedx-core-java
  CycloneDX SBOM Model and Utils for Creating and Validating BOMs
  ☆92Updated last week
• advanced-security / policy-as-code
  GitHub Advanced Security Policy as Code
  ☆82Updated last week
• ossf / wg-supply-chain-integrity
  Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the …
  ☆180Updated last year
• GeekMasher / advanced-security-compliance
  GitHub Advance Security Compliance Action
  ☆133Updated 2 years ago
• madpah / vexy
  Generate VEX (Vulnerability Exploitability Exchange) CycloneDX documents
  ☆20Updated 2 months ago
• sigstore / sigstore-maven-plugin
  sigstore maven plugin
  ☆18Updated 8 months ago
• MediaMarktSaturn / technolinator
  GitHub app for SBOM creation using cdxgen and upload to Dependency-Track
  ☆18Updated this week
• ossf / scorecard-monitor
  Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts
  ☆33Updated last month
• ossf / wg-vulnerability-disclosures
  The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…
  ☆186Updated this week
• openvex / spec
  OpenVEX Specification
  ☆144Updated this week
• scanoss / purl2cpe
  PURL to CPE Relationship mapping project.
  ☆85Updated this week
• sigstore / sigstore-java
  java clients for sigstore
  ☆54Updated this week
• ossf / alpha-omega
  Our mission is to catalyze sustainable improvements to critical open source software projects and ecosystems.
  ☆94Updated last week
• advanced-security / maven-dependency-submission-action
  GitHub Action for submitting Maven dependencies
  ☆49Updated this week
• advanced-security / secret-scanning-custom-patterns
  Examples of Custom Secret Scanning Patterns
  ☆159Updated last month
• ossf / tac
  Technical Advisory Council
  ☆118Updated this week
• ossf / wg-securing-software-repos
  OpenSSF Working Group on Securing Software Repositories
  ☆100Updated 5 months ago
• Contrast-Security-OSS / safelog4j
  Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning …
  ☆41Updated 9 months ago
• nyph-infosec / daggerboard
  ☆100Updated 6 months ago
• CycloneDX / cyclonedx-gradle-plugin
  Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects
  ☆183Updated this week
• JLLeitschuh / bulk-security-pr-generator
  Generate thousands of pull requests to fix widespread security vulnerabilities across GitHub.
  ☆34Updated last month
• AevaOnline / supply-chain-synthesis
  Collating an overview of the open source software supply chain landscape -- and synthesizing that survey in a hopefully-useful way.
  ☆33Updated last year