Alternatives and similar repositories for governance

Users that are interested in governance are comparing it to the libraries listed below

• slsa-framework / slsa-proposals
  SLSA Proposals
  ☆10Updated last year
• slsa-framework / slsa-jenkins-generator
  A proof-of-concept SLSA provenance generator for Jenkins
  ☆24Updated 11 months ago
• ossf / scorecard-webapp
  Website and API for OpenSSF Scorecard
  ☆24Updated this week
• CVEProject / cve-documents
  Source for official CVE Program policy documents.
  ☆16Updated 2 months ago
• slsa-framework / azure-devops-demo
  SLSA Azure DevOps Pipelines Extension
  ☆30Updated 11 months ago
• ossf / wg-endusers
  OpenSSF Endusers Working Group
  ☆28Updated last year
• GSA / automate.fedramp.gov
  ☆16Updated 2 weeks ago
• FIRSTdotorg / epss
  Exploit Prediction Scoring System (EPSS)
  ☆28Updated 3 years ago
• github / entitlements-gitrepo-auditor-plugin
  Entitlements plugin for a robust audit log
  ☆21Updated last week
• mchmarny / disco
  Utility for bulk image, license, package, and vulnerability discovery in containerize workloads on GCP. Includes CLI and Service with cus…
  ☆14Updated last year
• ossf / tac
  Technical Advisory Council
  ☆127Updated 3 weeks ago
• github / emergency-pull-request-probot-app
  Bypass approval and checks in order to merge an emergency change to the main branch with audit controls.
  ☆50Updated 2 weeks ago
• ossf / Project-Security-Metrics
  Collect, curate, and communicate relevant security metrics for open source projects.
  ☆63Updated last year
• advanced-security / gh-sbom
  Generate SBOMs with gh CLI
  ☆189Updated last month
• github / ghas-jira-integration
  Synchronize GitHub Code Scanning alerts to Jira issues
  ☆89Updated 3 weeks ago
• slsa-framework / oss-na24-slsa-workshop
  ☆10Updated last year
• ossf / alpha-omega
  Our mission is to catalyze sustainable improvements to critical open source software projects and ecosystems.
  ☆106Updated last week
• FIRSTdotorg / openedx-docker
  A best practice Docker image of Open edX
  ☆19Updated last year
• googleworkspace / workspace-guardrails-ps-ca
  ☆20Updated 2 years ago
• philips-labs / continuous-compliance-action
  Continuous Compliance makes it possible to enforce company policy on repositories. Continuous Compliance will automatically check your re…
  ☆22Updated last year
• microsoft / scim
  Supply Chain Integrity Model
  ☆105Updated 2 years ago
• CVEProject / cve-website
  The new CVE website
  ☆89Updated last week
• ossf / scorecard-monitor
  Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts
  ☆35Updated 2 months ago
• sigstore / community
  General sigstore community repo
  ☆40Updated last week
• todogroup / ospolandscape
  OSPO Landscape
  ☆38Updated 2 months ago
• FIRSTdotorg / edx-platform
  The Open edX platform, the software that powers edX!
  ☆13Updated 8 years ago
• ossf / wg-securing-software-repos
  OpenSSF Working Group on Securing Software Repositories
  ☆110Updated last month
• ossf / wg-supply-chain-integrity
  Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the …
  ☆185Updated last year
• CMSgov / ars-machine-readable
  Publish a machine readable version of the ARS standards to facilitate compliance as code efforts.
  ☆23Updated last year
• ossf / ai-ml-security
  Working Group on Artificial Intelligence and Machine Learning (AI/ML) Security
  ☆93Updated last week