pixee / codemodder-specs

Related projects ⓘ

Alternatives and complementary repositories for codemodder-specs

• pixee / upload-tool-results-action
  A GitHub Action that allows Pixeebot to fix issues found by other code scanners
  ☆14Updated last month
• pixee / python-security
  Security toolkit for the Python community
  ☆14Updated 3 weeks ago
• pixee / codemodder-java
  a framework for building java codemods
  ☆39Updated this week
• pixee / pixee-cli
  Implementation of the Pixee CLI
  ☆29Updated this week
• pixee / java-security-toolkit
  A set of security APIs meant to help secure Java code
  ☆19Updated 4 months ago
• eclipse / jbom
  ☆111Updated 5 months ago
• snyk / parlay
  Enrich SBOMs with data from third party services
  ☆120Updated this week
• oracle / macaron
  Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD …
  ☆138Updated this week
• yahoo / GitHub-Security-Alerts-Workflow
  Automation to Incorporate GitHub Security Alerts Into your Business Workflow
  ☆23Updated last year
• interlynk-io / sbomqs
  SBOM quality score - Quality metrics for your sboms
  ☆186Updated this week
• sonatype-nexus-community / scan-gradle-plugin
  Gradle plugin that scans the dependencies of a Gradle project using Sonatype platforms: OSS Index and Nexus IQ Server.
  ☆77Updated 2 weeks ago
• eBay / sbom-scorecard
  Generate a score for your sbom to understand if it will actually be useful.
  ☆221Updated 3 months ago
• package-url / packageurl-python
  Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…
  ☆71Updated 3 weeks ago
• CycloneDX / cyclonedx-property-taxonomy
  A taxonomy of all official CycloneDX property namespaces and names
  ☆14Updated this week
• anchore / vunnel
  Tool for collecting vulnerability data from various sources (used to build the grype database)
  ☆75Updated this week
• interlynk-io / sbomasm
  SBOM Assembler - A tool to edit SBOM or assemble multiple sboms into a single sbom.
  ☆57Updated 3 weeks ago
• advanced-security / policy-as-code
  GitHub Advanced Security Policy as Code
  ☆74Updated this week
• ossf / malicious-packages
  A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…
  ☆255Updated this week
• ossf / sbom-everywhere
  Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption
  ☆72Updated 2 months ago
• scanoss / purl2cpe
  PURL to CPE Relationship mapping project.
  ☆79Updated this week
• openvex / spec
  OpenVEX Specification
  ☆132Updated 4 months ago
• snyk-labs / pysnyk
  A Python client for the Snyk API.
  ☆90Updated 3 months ago
• GeekMasher / advanced-security-compliance
  GitHub Advance Security Compliance Action
  ☆132Updated last year
• madpah / vexy
  Generate VEX (Vulnerability Exploitability Exchange) CycloneDX documents
  ☆19Updated last year
• ossf / wg-securing-software-repos
  OpenSSF Working Group on Securing Software Repositories
  ☆92Updated 3 weeks ago
• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆141Updated 8 months ago
• advanced-security / maven-dependency-submission-action
  GitHub Action for submitting Maven dependencies
  ☆48Updated last month
• CycloneDX / cyclonedx-python-lib
  Python implementation of OWASP CycloneDX
  ☆70Updated this week
• openrewrite / rewrite-gradle-plugin
  OpenRewrite's Gradle plugin.
  ☆65Updated this week
• bureado / awesome-software-supply-chain-security
  A compilation of resources in the software supply chain security domain, with emphasis on open source
  ☆291Updated last year