semgrep / semgrep-action
This project is deprecated. Use https://github.com/returntocorp/semgrep instead
☆73 Updated 7 months ago
Related projects
Alternatives and complementary repositories for semgrep-action
- Security scanning & static analysis tool ☆93 Updated 3 weeks ago
- A tool to check the security settings of Github Organizations. ☆69 Updated last year
- A community collection of security reviews of open source software components. ☆92 Updated 8 months ago
- ☆79 Updated this week
- Collect, curate, and communicate relevant security metrics for open source projects. ☆63 Updated 7 months ago
- The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h… ☆179 Updated 3 months ago
- A Python client for the Snyk API. ☆88 Updated 2 months ago
- Securing Alice's, Bob's and Carl's software supply chain using in-toto ☆88 Updated 2 weeks ago
- A Python library and command line interface for CVE Services. ☆58 Updated last week
- Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the … ☆177 Updated 8 months ago
- Technical Advisory Council ☆109 Updated this week
- Software Component Verification Standard (SCVS) ☆134 Updated 6 months ago
- ☆74 Updated 4 years ago
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas… ☆141 Updated 7 months ago
- Synchronize GitHub Code Scanning alerts to Jira issues ☆81 Updated last month
- ☆61 Updated last year
- Static analysis for CloudFormation templates to identify common misconfiguration ☆58 Updated 2 years ago
- Generate SBOMs with gh CLI ☆165 Updated last month
- This repository contains a sample script which can be used to enable security vulnerability alerts in all of the repositories in a given … ☆79 Updated last month
- Open Source Vulnerability schema. ☆184 Updated this week
- Generate a score for your sbom to understand if it will actually be useful. ☆221 Updated 2 months ago
- ☆36 Updated this week
- Orchestrate GitHub Actions Security ☆256 Updated last month
- ☆22 Updated 2 years ago
- ☆92 Updated this week
- Our mission is to catalyze sustainable improvements to critical open source software projects and ecosystems. ☆84 Updated this week
- Low-effort reachability analysis for third-party code vulnerabilities. ☆19 Updated last year
- Measure release insights and recommendations for open-source dependencies. Note: this project is archived. ☆11 Updated last year
- Documenting your Threat Models with HCL ☆400 Updated 2 months ago
- A documentation and tracking project with the goal of making package management systems more secure. ☆49 Updated 3 years ago