GitHub Advanced Security's repositories
secret-scanning-custom-patterns
Examples of Custom Secret Scanning Patterns
codeql-queries
[Deprecated] GitHub's Field Team's CodeQL Custom Queries, Suites, and Configurations. See GitHubSecurityLab/CodeQL-Community-Packs instead
policy-as-code
GitHub Advanced Security Policy as Code
maven-dependency-submission-action
GitHub Action for submitting Maven dependencies
codeql-extractor-iac
CodeQL Extractor, Library, and Queries for Infrastructure as Code
ghas-to-csv
Play with GHAS API to provide posture data over time
ghas-reviewer-app
GitHub Advanced Security Pull Request Security Team required review GitHub App
codeql-bundle-action
Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations
probot-security-alerts
Sample GitHub App which monitors and enforces rules for code scanning, Dependabot, and secret scanning alerts
sample-codeql-pipeline-config
Integrate CodeQL into CI/CD pipelines, using the CodeQL CLI Bundle for Automated Code Scanning
SARIF-viewer
JetBrains IDE plugin for displaying SARIF from GHAS or from a local file
secret-scanning-review-action
Action to detect if a secret is initially detected in a PR commit
codeql-development-toolkit
The CodeQL Development toolkit is a tool for making common CodeQL development workflows easier.
codeql-summarize
CodeQL Summary Generator
ghe-cross-instance-committers
A script which will return the total number of unique de-duped active committers across multiple GHES instances
codeql-bundle
CLI to build a custom CodeQL bundle
codeql-sarif-security-standard-annotator
Compare a CodeQL SARIF results file to a security standard CWE list and annotate the SARIF rules with a tag to highlight results applicable to the security standard
spotbugs-findsecbugs-action
Run SpotBugs with FindSecBugs on Java and other JVM languages (e.g. Scala), and upload the results to GitHub Code Scanning
teams-secret-scanning-notifier-azure-function
Microsoft Teams notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and Azure Function
cocoapods-dependency-submission-action
CocoaPods Lockfile Dependency Submission Action
brew-dependency-submission-action
Brew Lockfile Dependency Submission Action
slack-secret-scanning-notifier-azure-function
Slack notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and Azure Function
secret-scanning-tools
Testing Suite for GitHub Secret Scanning Custom Patterns
reusable-workflows
Advanced Security Reusable GitHub Actions Workflows