Supply Chain Security
Showing 6 of 6 projects
Upgrades your package.json dependencies to the latest versions while preserving existing semantic versioning policies.
A tool for signing and verifying container images and other artifacts using the Sigstore framework.
Automated security health metrics for open source projects, assessing security best practices and risks.
A static analysis tool that finds security vulnerabilities and misconfigurations in GitHub Actions workflows.
A Composer package that blocks installation of PHP dependencies with known security vulnerabilities.
A curated list of DevSecOps tools, resources, and training materials for integrating security into the development lifecycle.
Related Tags
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.