pixee / codemodder-specsLinks
☆14Updated 2 months ago
Alternatives and similar repositories for codemodder-specs
Users that are interested in codemodder-specs are comparing it to the libraries listed below
Sorting:
- A GitHub Action that allows Pixee to fix issues found by other code scanners☆15Updated 4 months ago
- Security toolkit for the Python community☆15Updated 3 months ago
- a framework for building java codemods☆41Updated 3 months ago
- A set of security APIs meant to help secure Java code☆20Updated 5 months ago
- ☆114Updated last month
- java clients for sigstore☆56Updated this week
- Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD …☆157Updated this week
- Incubating project for decoupling responsibilities from Dependency-Track's monolithic API server into separate, scalable services.☆74Updated this week
- PURL to CPE Relationship mapping project.☆91Updated this week
- Python implementation of OWASP CycloneDX☆82Updated this week
- Java/JVM implementation of the package url spec☆41Updated this week
- Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the …☆185Updated last year
- SBOM Assess - Evaluate SBOM quality and compliance☆212Updated this week
- GitHub app for SBOM creation using cdxgen and upload to Dependency-Track☆18Updated this week
- CycloneDX SBOM Model and Utils for Creating and Validating BOMs☆93Updated this week
- Reproducible Central: rebuild instructions for artifacts published to (Maven) Central Repository☆114Updated this week
- Software Component Verification Standard (SCVS)☆147Updated 2 months ago
- Enrich SBOMs with data from third party services☆175Updated 2 months ago
- SARIF Microsoft Visual Studio Code extension☆117Updated this week
- creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects☆128Updated last week
- Gradle plugin that scans the dependencies of a Gradle project using Sonatype platforms: OSS Index and Lifecycle.☆77Updated 3 weeks ago
- A taxonomy of all official CycloneDX property namespaces and names☆16Updated 2 weeks ago
- Fork of the Dependency-Track API server. It includes various changes necessary to work with Hyades.☆14Updated this week
- A standard API specification for exchanging supply chain artifacts and intelligence☆81Updated this week
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio…☆399Updated this week
- A compilation of resources in the software supply chain security domain, with emphasis on open source☆320Updated 2 years ago
- Report on quality of SBOM contents☆17Updated 5 months ago
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆310Updated this week
- GitHub Advanced Security Policy as Code☆82Updated 2 weeks ago
- Utility that provides an API platform for validating, querying and managing BOM data☆113Updated last week