Merge branch 'main' into main
This commit is contained in:
@@ -0,0 +1,7 @@
|
||||
{
|
||||
"name": "Anchore Syft SBOM Scan",
|
||||
"creator": "Anchore",
|
||||
"description": "Produce Software Bills of Materials based on Anchore's open source Syft tool.",
|
||||
"iconName": "anchore",
|
||||
"categories": ["Code Scanning", "dockerfile", "dependency-management"]
|
||||
}
|
||||
@@ -1,7 +1,7 @@
|
||||
{
|
||||
"name": "Anchore Container Scan",
|
||||
"creator": "Indeni Cloudrail",
|
||||
"description": "Produce container image vulnerability and compliance reports based on the open-source Anchore container image scanner.",
|
||||
"name": "Anchore Grype Vulnerability Scan",
|
||||
"creator": "Anchore",
|
||||
"description": "Produce source and container vulnerability reports based on Anchore's open source Grype tool.",
|
||||
"iconName": "anchore",
|
||||
"categories": ["Code Scanning", "dockerfile"]
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,9 @@
|
||||
{
|
||||
"name": "clj-watson",
|
||||
"description": "Scan Clojure/Clojurescript projects for vulnerable direct/transitive dependencies.",
|
||||
"iconName": "clj-watson",
|
||||
"categories": [
|
||||
"Code Scanning",
|
||||
"Clojure"
|
||||
]
|
||||
}
|
||||
@@ -1,6 +1,7 @@
|
||||
{
|
||||
"name": "CodeQL Analysis",
|
||||
"creator": "GitHub",
|
||||
"enterprise": true,
|
||||
"description": "Security analysis from GitHub for C, C++, C#, Go, Java, JavaScript, TypeScript, Python, and Ruby developers.",
|
||||
"iconName": "octicon mark-github",
|
||||
"categories": ["Code Scanning", "C", "C++", "C#", "Go", "Java", "JavaScript", "TypeScript", "Python", "Ruby"]
|
||||
|
||||
@@ -0,0 +1,7 @@
|
||||
{
|
||||
"name": "Contrast Scan",
|
||||
"creator": "Contrast Security Inc",
|
||||
"description": "Scans Pull Requests on each push for the introduction and/or resolution of vulnerabilities to the repository.",
|
||||
"iconName": "contrast",
|
||||
"categories": ["Code Scanning", "java", "javascript", "dotnet"]
|
||||
}
|
||||
@@ -0,0 +1,7 @@
|
||||
{
|
||||
"name": "Red Hat CodeReady Dependency Analytics",
|
||||
"creator": "Red Hat",
|
||||
"description": "Scan your project's dependencies with CodeReady Dependency Analytics.",
|
||||
"iconName": "openshift",
|
||||
"categories": ["Code Scanning", "Go", "Python", "Node.js", "Java"]
|
||||
}
|
||||
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "Dependency Review",
|
||||
"description": "Scans Pull Requests on each push for the introduction and/or resolution of vulnerable depdendencies to the repository",
|
||||
"description": "Scans Pull Requests on each push for the introduction and/or resolution of vulnerable dependencies to the repository",
|
||||
"iconName": "octicon mark-github",
|
||||
"categories": [
|
||||
"Dependency review",
|
||||
|
||||
@@ -0,0 +1,12 @@
|
||||
{
|
||||
"name": "ESLint",
|
||||
"description": "A tool for identifying and reporting the problems found in ECMAScript/JavaScript code.",
|
||||
"iconName": "eslint",
|
||||
"enterprise": false,
|
||||
"categories": [
|
||||
"Code Scanning",
|
||||
"JavaScript",
|
||||
"EcmaScript",
|
||||
"TypeScript"
|
||||
]
|
||||
}
|
||||
@@ -0,0 +1,24 @@
|
||||
{
|
||||
"name": "EthicalCheck",
|
||||
"creator": "APIsec",
|
||||
"description": "EthicalCheck provides the industry’s only free & automated API security testing service that uncovers security vulnerabilities using OWASP API list.",
|
||||
"iconName": "apisec",
|
||||
"categories": [
|
||||
"Code Scanning",
|
||||
"C",
|
||||
"C#",
|
||||
"C++",
|
||||
"Go",
|
||||
"Java",
|
||||
"JavaScript",
|
||||
"Kotlin",
|
||||
"Objective C",
|
||||
"PHP",
|
||||
"Python",
|
||||
"Ruby",
|
||||
"Rust",
|
||||
"Scala",
|
||||
"Swift",
|
||||
"TypeScript"
|
||||
]
|
||||
}
|
||||
@@ -0,0 +1,15 @@
|
||||
{
|
||||
"name": "Frogbot Scan and Fix",
|
||||
"description": "Automatically creates pull requests with fixes for vulnerable project dependencies. Uses JFrog Xray to scan the project. Included as part of JFrog's free subscription.",
|
||||
"iconName": "frogbot",
|
||||
"categories": [
|
||||
"Code Scanning",
|
||||
"Go Module",
|
||||
"Maven POM",
|
||||
"NPM Config",
|
||||
"Gradle",
|
||||
"C#",
|
||||
"Python"
|
||||
],
|
||||
"creator": "JFrog"
|
||||
}
|
||||
@@ -0,0 +1,15 @@
|
||||
{
|
||||
"name": "Frogbot Scan Pull Request",
|
||||
"description": "Automatically scans new pull requests for security vulnerabilities. Uses JFrog Xray to scan the project. Included as part of JFrog's free subscription.",
|
||||
"iconName": "frogbot",
|
||||
"categories": [
|
||||
"Code Scanning",
|
||||
"Go Module",
|
||||
"Maven POM",
|
||||
"NPM Config",
|
||||
"Gradle",
|
||||
"C#",
|
||||
"Python"
|
||||
],
|
||||
"creator": "JFrog"
|
||||
}
|
||||
@@ -0,0 +1,6 @@
|
||||
{
|
||||
"name": "Haskell Dockerfile Linter",
|
||||
"description": "A smarter Dockerfile linter that helps you build best practice Docker images.",
|
||||
"iconName": "hadolint",
|
||||
"categories": ["Code Scanning", "Dockerfile"]
|
||||
}
|
||||
@@ -0,0 +1,6 @@
|
||||
{
|
||||
"name": "lintr",
|
||||
"description": "lintr provides static code analysis for R.",
|
||||
"iconName": "lintr",
|
||||
"categories": [ "Code Scanning", "R" ]
|
||||
}
|
||||
@@ -0,0 +1,24 @@
|
||||
{
|
||||
"name": "NeuraLegion",
|
||||
"creator": "NeuraLegion",
|
||||
"description": "Scans any target, whether Web Apps, APIs (REST. & SOAP, GraphQL & more), Web sockets or mobile, providing actionable reports",
|
||||
"iconName": "neuralegion",
|
||||
"categories": [
|
||||
"Code Scanning",
|
||||
"C",
|
||||
"C#",
|
||||
"C++",
|
||||
"Go",
|
||||
"Java",
|
||||
"JavaScript",
|
||||
"Kotlin",
|
||||
"Objective C",
|
||||
"PHP",
|
||||
"Python",
|
||||
"Ruby",
|
||||
"Rust",
|
||||
"Scala",
|
||||
"Swift",
|
||||
"TypeScript"
|
||||
]
|
||||
}
|
||||
@@ -0,0 +1,21 @@
|
||||
{
|
||||
"name": "NowSecure Mobile SBOM",
|
||||
"creator": "NowSecure",
|
||||
"description": "Generate a Mobile SBOM for an application and submit to Dependency Graph",
|
||||
"iconName": "nowsecure",
|
||||
"categories": [
|
||||
"Code Scanning",
|
||||
"Java",
|
||||
"Kotlin",
|
||||
"Scala",
|
||||
"Swift",
|
||||
"Objective C",
|
||||
"C",
|
||||
"C++",
|
||||
"C#",
|
||||
"Rust",
|
||||
"JavaScript",
|
||||
"TypeScript",
|
||||
"Node"
|
||||
]
|
||||
}
|
||||
@@ -0,0 +1,6 @@
|
||||
{
|
||||
"name": "PHPMD",
|
||||
"description": "A spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD.",
|
||||
"iconName": "phpmd",
|
||||
"categories": [ "Code Scanning", "PHP" ]
|
||||
}
|
||||
@@ -0,0 +1,6 @@
|
||||
{
|
||||
"name": "puppet-lint",
|
||||
"description": "Puppet Lint tests Puppet code against the recommended Puppet language style guide.",
|
||||
"iconName": "puppet-lint",
|
||||
"categories": [ "Code Scanning", "Puppet" ]
|
||||
}
|
||||
@@ -0,0 +1,7 @@
|
||||
{
|
||||
"name": "Pyre",
|
||||
"creator": "Meta",
|
||||
"description": "Pyre is a performant type checker for Python compliant with PEP 484. Pyre can analyze codebases with millions of lines of code incrementally – providing instantaneous feedback to developers as they write code.",
|
||||
"iconName": "pyre",
|
||||
"categories": ["Code Scanning", "Python"]
|
||||
}
|
||||
@@ -0,0 +1,7 @@
|
||||
{
|
||||
"name": "Pysa",
|
||||
"creator": "Meta",
|
||||
"description": "Python Static Analyzer (Pysa) is a security-focused static analysis tool that tracks flows of data from where they originate to where they terminate in a dangerous location.",
|
||||
"iconName": "pysa",
|
||||
"categories": ["Code Scanning", "Python"]
|
||||
}
|
||||
@@ -1,10 +1,9 @@
|
||||
{
|
||||
"name": "rust-clippy",
|
||||
"creator": "Rust",
|
||||
"description": "A collection of lints to catch common mistakes and improve your Rust code.",
|
||||
"iconName": "rust",
|
||||
"categories": [
|
||||
"Code Scanning",
|
||||
"rust"
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,11 @@
|
||||
{
|
||||
"name": "Sobelow",
|
||||
"creator": "nccgroup",
|
||||
"description": "Sobelow is a security-focused static analysis tool for the Phoenix framework.",
|
||||
"iconName": "sobelow",
|
||||
"categories": [
|
||||
"Code Scanning",
|
||||
"Elixir"
|
||||
]
|
||||
}
|
||||
|
||||
@@ -0,0 +1,7 @@
|
||||
{
|
||||
"name": "SOOS DAST Scan",
|
||||
"creator": "SOOS",
|
||||
"description": "SOOS DAST is the easy-to-integrate no-limit web vulnerability scanner. Integrate SOOS DAST with your CI pipeline to find vulnerabilities by scanning a web app or APIs.",
|
||||
"iconName": "soos",
|
||||
"categories": ["Code Scanning"]
|
||||
}
|
||||
@@ -0,0 +1,7 @@
|
||||
{
|
||||
"name": "Zscaler IaC Scan",
|
||||
"creator": "Zscaler CWP",
|
||||
"description": "Scan your Infrastructure as Code files using Zscaler Infrastructure as Code (IaC) Scan app",
|
||||
"iconName": "zscaler",
|
||||
"categories": ["Code Scanning"]
|
||||
}
|
||||
@@ -0,0 +1,14 @@
|
||||
{
|
||||
"name": "zScan",
|
||||
"creator": "Zimperium",
|
||||
"description": "The zimperium-zscan GitHub action scans your mobile app binary (iOS or Android) and identifies security, privacy, and compliance-related vulnerabilities. ",
|
||||
"iconName": "zscan",
|
||||
"categories": [
|
||||
"Code Scanning",
|
||||
"Java",
|
||||
"Kotlin",
|
||||
"Scala",
|
||||
"Swift",
|
||||
"Objective C"
|
||||
]
|
||||
}
|
||||
Reference in New Issue
Block a user