GitHub Advanced Security

All

95 repositories

codeql-sap-js
Public
CodeQL models for SAP JavaScript frameworks CAP, UI5 and XSJS
TypeScript
•
MIT License
•3•6•10•7•Updated Jan 2, 2026Jan 2, 2026
sample-javascript-monorepo
Public
Detached fork of babel/babel to use as a TypeScript monorepo sample with 150+ packages using the monorepo-code-scanning-action https://github.com/advanced-security/monorepo-code-scanning-action
TypeScript
•
MIT License
•0•0•0•6•Updated Jan 2, 2026Jan 2, 2026
slack-secret-scanning-notifier-azure-function
Public
Slack notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and Azure Function
slack-bot secret-scanning github-advanced-security
TypeScript
•
MIT License
•2•3•3•1•Updated Jan 1, 2026Jan 1, 2026
teams-secret-scanning-notifier-azure-function
Public
Microsoft Teams notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and Azure Function
github-app security-team azure-function secret-scanning github-advanced-security microsoft-teams-bot
TypeScript
•
MIT License
•1•8•1•1•Updated Jan 1, 2026Jan 1, 2026
crypto-bill-of-materials-data
Public
Generate a Crypto Bill of Materials using CodeQL
TypeScript
•
MIT License
•3•2•0•1•Updated Jan 1, 2026Jan 1, 2026
GSSAR
Public
GitHub Secret Scanning Auto Remediator (GSSAR)
github javascript aws typescript remediation secret-scanning
TypeScript
•
MIT License
•11•46•2•1•Updated Jan 1, 2026Jan 1, 2026
ghe-cross-instance-committers
Public
A script which will return the total number of unique de-deuped active committers across multiple GHES instances
ghas
TypeScript
•
MIT License
•5•6•2•3•Updated Jan 1, 2026Jan 1, 2026
secret-scanning-tools
Public
Testing Suite for GitHub Secret Scanning Custom Patterns
secret-scanning github-advanced-security
Python
•
MIT License
•2•8•0•2•Updated Jan 1, 2026Jan 1, 2026
SARIF-viewer
Public
JetBrains IDE plugin for displaying SARIF from GHAS or from a local file
Kotlin
•
MIT License
•5•8•3•2•Updated Dec 31, 2025Dec 31, 2025
python-lint-code-scanning-action
Public
Lint and type check Python with your choice of popular linters, and upload results to GitHub Code Scanning
Python
•
MIT License
•3•4•3•0•Updated Dec 31, 2025Dec 31, 2025
monorepo-code-scanning-action
Public
Focus SAST scans (with CodeQL) on just the changed parts of your monorepo, split up as you define
actions monorepo sast codeql advanced-security code-scanning-ready
JavaScript
•
MIT License
•4•11•11•2•Updated Dec 31, 2025Dec 31, 2025
ghas-api-python-scripts
Public
GitHub Advanced Security scripts to interact with parts of the API, driven by a lightweight GitHub API wrapper written in Python
Python
•
MIT License
•0•5•0•0•Updated Dec 31, 2025Dec 31, 2025
sample-codeql-pipeline-config
Public
Integrate CodeQL into CI/CD pipelines, using the CodeQL CLI Bundle for Automated Code Scanning
MIT License
•11•23•0•1•Updated Dec 31, 2025Dec 31, 2025
ghas-to-csv
Public
Play with GHAS API to provide posture data over time
csv github-actions github-advanced-security
Python
•
MIT License
•18•40•2•1•Updated Dec 31, 2025Dec 31, 2025
codeql-sarif-security-standard-annotator
Public
Compare a CodeQL SARIF results file to a security standard CWE list and annotate the SARIF rules with a tag to highlight results applicable to the security standard
TypeScript
•
MIT License
•1•10•1•2•Updated Dec 29, 2025Dec 29, 2025
codeql-scanner-vscode
Public
CodeQL Plugin for VSCode to help scan and view alerts in code
TypeScript
•
MIT License
•2•5•1•5•Updated Dec 29, 2025Dec 29, 2025
enterprise-security-team
Public
Manage a uniform team of security managers for every organization in your enterprise
enterprise ghas
Python
•
MIT License
•6•25•0•1•Updated Dec 25, 2025Dec 25, 2025
github-sbom-toolkit
Public
Gather SBOMs from the GitHub Dependency Graph and report matches with packages, such as malware advisories from the GitHub Advisory Database or PURLs of your choice
malware dependency-graph dependencies supplychain purl sbom advanced-security ghas
TypeScript
•
MIT License
•3•12•0•2•Updated Dec 22, 2025Dec 22, 2025
spdx-dependency-submission-action
Public
upload an SPDX 2.2 formatted SBOM to GitHub's dependency submission API
JavaScript
•
MIT License
•6•19•1•2•Updated Dec 22, 2025Dec 22, 2025
reusable-workflows
Public
Advanced Security Reusable GitHub Actions Workflows
MIT License
•6•3•3•4•Updated Dec 22, 2025Dec 22, 2025
codeql-extractor-action
Public
specify a CodeQL extractor to be used in your workflows as an author of an Extractor.
Rust
•
MIT License
•0•2•1•3•Updated Dec 22, 2025Dec 22, 2025
codeql-extractor-iac
Public
CodeQL Extractor, Library, and Queries for Infrastructure as Code
CodeQL
•
MIT License
•12•57•13•3•Updated Dec 22, 2025Dec 22, 2025
ghas-reviewer-app
Public
GitHub Advanced Security Pull Request Security Team required review GitHub App
github-app advanced-security
Python
•
MIT License
•10•36•6•1•Updated Dec 22, 2025Dec 22, 2025
dependabot-version-updates
Public
Java
•
GNU General Public License v3.0
•2•0•0•0•Updated Dec 19, 2025Dec 19, 2025
awesome-codeql
Public
A curated list of awesome CodeQL resources.
awesome awesome-list
MIT License
•7•61•1•0•Updated Dec 19, 2025Dec 19, 2025
dismiss-alerts
Public
Dismiss GitHub Code Scanning alerts from SARIF suppression data
sarif code-scanning sast code-security ghas github-advanced-security
Java
•
MIT License
•4•18•1•6•Updated Dec 17, 2025Dec 17, 2025
conda-dependency-submission-action
Public
GitHub Action that scans Conda manifest files and submits their dependencies to GitHub's Dependency Graph,
dependency-graph conda dependabot dependency-graph-api
TypeScript
•
MIT License
•3•0•0•5•Updated Dec 17, 2025Dec 17, 2025
remap-sarif
Public
Remap a SARIF file with sourcemaps
Python
•
MIT License
•5•5•2•1•Updated Dec 16, 2025Dec 16, 2025
dart-analyzer-sarif
Public
Convert `dart analyze` CLI output into SARIF
Python
•
MIT License
•5•6•1•1•Updated Dec 16, 2025Dec 16, 2025
spotbugs-findsecbugs-action
Public
Run SpotBugs with FindSecBugs on Java and other JVM languages (e.g. Scala), and upload the results to GitHub Code Scanning
MIT License
•6•6•3•1•Updated Dec 16, 2025Dec 16, 2025