aegilops
Follow
Stars
A GitHub App that allows you to contribute upstream using private mirrors of public projects
A GitHub CLI extension for interacting with Code Scanning analyses and SARIF files
Tool to find common vulnerabilities in cryptographic public keys
A GitHub Dependency Review compatible YAML file for https://blueoakcouncil.org/list
Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and private keys.
Detect when your installed extensions have changed owners.
🦫 A Probot app to forward GitHub Actions workflow logs
Original workshops and staging area for new ones
Terrascan GitHub action. Scan infrastructure as code including Terraform, Kubernetes, Helm, and Kustomize file for security best practices.
Automated mass refactoring of source code.
A compilation of resources in the software supply chain security domain, with emphasis on open source
Optimize the utilization of GHAS licenses in an enterprise (or organization)
Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA)
a structural diff that understands syntax 🟥🟩
Tool to achieve policy driven vetting of open source dependencies
Send a webhook back to a repo as a dispatch event
Action to detect if a secret is initially detected in a PR commit
A command-line tool to prevent committing secret keys into your source code
A C library that may be linked into a C/C++ program to produce symbolic backtraces
⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
i-Code CNES is a static code analysis tool to help developpers write code compliant with CNES coding rules.
This is the artifact released in the ICSE'24 paper "Less is More? An Empirical Study on Configuration Issues in Python PyPI Ecosystem".