Repositories list

• conda-dependency-submission-action

  Public
  GitHub Action that scans Conda manifest files and submits their dependencies to GitHub's Dependency Graph,

  dependency-graphcondadependabot+ 1dependency-graph-api

  TypeScript

  •

  MIT License

  •3•0•0•5•Updated Sep 19, 2025Sep 19, 2025

• sample-javascript-monorepo

  Public
  Detached fork of babel/babel to use as a TypeScript monorepo sample with 150+ packages using the monorepo-code-scanning-action https://github.com/advanced-security/monorepo-code-scanning-action

  TypeScript

  •

  MIT License

  •0•0•0•6•Updated Sep 19, 2025Sep 19, 2025

• codeql-contracts-smt-z3

  Public
  SMT constraint solving in CodeQL with Z3

  C

  •

  MIT License

  •0•1•0•0•Updated Sep 18, 2025Sep 18, 2025

• codeql-sap-js

  Public
  CodeQL models for SAP JavaScript frameworks CAP, UI5 and XSJS

  TypeScript

  •

  MIT License

  •2•6•7•5•Updated Sep 18, 2025Sep 18, 2025

• secret-scanning-notifications

  Public
  A GitHub Action that sends email notifications to security manager team for any new or resolved secret scanning alerts based on a set frequency

  TypeScript

  •

  MIT License

  •3•1•0•8•Updated Sep 18, 2025Sep 18, 2025

• component-detection-dependency-submission-action

  Public
  TypeScript

  •

  MIT License

  •14•17•4•4•Updated Sep 17, 2025Sep 17, 2025

• SARIF-viewer

  Public
  JetBrains IDE plugin for displaying SARIF from GHAS or from a local file

  Kotlin

  •

  MIT License

  •4•8•3•4•Updated Sep 17, 2025Sep 17, 2025

• dismiss-alerts

  Public
  Java

  •

  MIT License

  •4•18•7•7•Updated Sep 17, 2025Sep 17, 2025

• codeql-qtil

  Public
  A library with a wide variety of handy CodeQL utilities, from simple to complex.

  CodeQL

  •

  MIT License

  •0•4•1•6•Updated Sep 17, 2025Sep 17, 2025

• generate-sbom-action

  Public
  An Action to wrap creating an SBOM via REST API

  TypeScript

  •

  MIT License

  •4•19•1•9•Updated Sep 15, 2025Sep 15, 2025

• codeql-scanner-vscode

  Public
  CodeQL Plugin for VSCode to help scan and view alerts in code

  TypeScript

  •

  MIT License

  •2•4•1•6•Updated Sep 15, 2025Sep 15, 2025

• codeql-extractor-action

  Public
  specify a CodeQL extractor to be used in your workflows as an author of an Extractor.

  Rust

  •

  MIT License

  •0•2•1•1•Updated Sep 15, 2025Sep 15, 2025

• codeql-extractor-iac

  Public
  CodeQL Extractor, Library, and Queries for Infrastructure as Code

  CodeQL

  •

  MIT License

  •9•53•15•5•Updated Sep 15, 2025Sep 15, 2025

• slack-secret-scanning-notifier-azure-function

  Public
  Slack notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and Azure Function

  slack-botsecret-scanninggithub-advanced-security

  TypeScript

  •

  MIT License

  •2•3•3•1•Updated Sep 13, 2025Sep 13, 2025

• teams-secret-scanning-notifier-azure-function

  Public
  Microsoft Teams notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and Azure Function

  github-appsecurity-teamazure-function+ 3secret-scanninggithub-advanced-securitymicrosoft-teams-bot

  TypeScript

  •

  MIT License

  •1•7•1•1•Updated Sep 13, 2025Sep 13, 2025

• enterprise-security-team

  Public
  Manage a uniform team of security managers for every organization in your enterprise

  enterpriseghas

  Python

  •

  MIT License

  •5•25•0•0•Updated Sep 11, 2025Sep 11, 2025

• maven-dependency-submission-action

  Public
  GitHub Action for submitting Maven dependencies

  TypeScript

  •

  MIT License

  •31•53•16•2•Updated Sep 10, 2025Sep 10, 2025

• security-report-action

  Public
  GitHub Action that can generate reports from GitHub Advanced Security and dependency vulnerability findings

  HTML

  •

  MIT License

  •0•3•1•1•Updated Sep 10, 2025Sep 10, 2025

• crypto-bill-of-materials-data

  Public
  Generate a Crypto Bill of Materials using CodeQL

  TypeScript

  •

  MIT License

  •3•1•0•1•Updated Sep 9, 2025Sep 9, 2025

• .github

  Public
  GitHub Advanced Security's Org README

  3•0•0•0•Updated Sep 9, 2025Sep 9, 2025

• cbom-action

  Public
  Create a Crypto Bill of Materials using CodeQL

  Python

  •

  MIT License

  •18•12•1•1•Updated Sep 9, 2025Sep 9, 2025

• cocoapods-dependency-submission-action

  Public
  CocoaPods Lockfile Dependency Submission Action

  Python

  •

  MIT License

  •3•5•2•0•Updated Sep 8, 2025Sep 8, 2025

• spdx-dependency-submission-action

  Public
  upload an SPDX 2.2 formatted SBOM to GitHub's dependency submission API

  JavaScript

  •

  MIT License

  •6•18•1•3•Updated Sep 8, 2025Sep 8, 2025

• reusable-workflows

  Public
  Advanced Security Reusable GitHub Actions Workflows

  MIT License

  •5•3•4•4•Updated Sep 8, 2025Sep 8, 2025

• codeql-summarize

  Public
  CodeQL Summary Generator

  Python

  •

  MIT License

  •2•7•2•1•Updated Sep 8, 2025Sep 8, 2025

• sarif-toolkit

  Public
  All things SARIF, as an Action

  Python

  •

  MIT License

  •3•4•3•1•Updated Sep 8, 2025Sep 8, 2025

• policy-as-code

  Public
  GitHub Advanced Security Policy as Code

  Python

  •

  MIT License

  •21•89•8•3•Updated Sep 8, 2025Sep 8, 2025

• advanced-security-material

  Public
  code-scanningcodeqladvanced-security+ 2advanced-security-trainingsecurity

  Shell

  •25•74•0•2•Updated Sep 5, 2025Sep 5, 2025

• ghas-to-csv

  Public
  Play with GHAS API to provide posture data over time

  github-advanced-securitycsvgithub-actions

  Python

  •

  MIT License

  •16•39•3•6•Updated Sep 4, 2025Sep 4, 2025

• secret-scanning-tools

  Public
  Testing Suite for GitHub Secret Scanning Custom Patterns

  secret-scanninggithub-advanced-security

  Python

  •

  MIT License

  •2•8•0•4•Updated Sep 4, 2025Sep 4, 2025