GitHub Advanced Security

All

96 repositories

codeql-development-mcp-server
Public
LLM <-- MCP --> CodeQL( AST | CFG | CLI | LSP )
mcp static-analysis ast code-quality cfg lsp code-security codeql copilot-enabled
TypeScript
•
Other
•0•4•5•10•Updated Feb 19, 2026Feb 19, 2026
SARIF-viewer
Public
JetBrains IDE plugin for displaying SARIF from GHAS or from a local file
Kotlin
•
MIT License
•5•9•3•6•Updated Feb 18, 2026Feb 18, 2026
ghas-seat-projection
Public
GitHub Action to get information of assess how many seats enablement of GHAS will consume when enabled on a repository
JavaScript
•
MIT License
•1•2•3•1•Updated Feb 18, 2026Feb 18, 2026
codeql-sap-js
Public
CodeQL models for SAP JavaScript frameworks CAP, UI5 and XSJS
TypeScript
•
MIT License
•3•6•9•4•Updated Feb 17, 2026Feb 17, 2026
dismiss-alerts
Public
Dismiss GitHub Code Scanning alerts from SARIF suppression data
sarif code-scanning sast code-security ghas github-advanced-security
Java
•
MIT License
•4•19•1•5•Updated Feb 17, 2026Feb 17, 2026
github-sbom-toolkit
Public
Gather SBOMs from the GitHub Dependency Graph and report matches with packages, such as malware advisories from the GitHub Advisory Database or PURLs of your ch…
malware dependency-graph dependencies supplychain purl sbom advanced-security ghas
TypeScript
•
MIT License
•3•12•0•2•Updated Feb 16, 2026Feb 16, 2026
component-detection-dependency-submission-action
Public
TypeScript
•
MIT License
•27•20•3•3•Updated Feb 16, 2026Feb 16, 2026
reusable-workflows
Public
Advanced Security Reusable GitHub Actions Workflows
MIT License
•6•3•4•4•Updated Feb 16, 2026Feb 16, 2026
codeql-sarif-security-standard-annotator
Public
Compare a CodeQL SARIF results file to a security standard CWE list and annotate the SARIF rules with a tag to highlight results applicable to the security stan…
TypeScript
•
MIT License
•1•10•1•2•Updated Feb 16, 2026Feb 16, 2026
codeql-scanner-vscode
Public
CodeQL Plugin for VSCode to help scan and view alerts in code
TypeScript
•
MIT License
•2•5•1•5•Updated Feb 16, 2026Feb 16, 2026
codeql-extractor-action
Public
specify a CodeQL extractor to be used in your workflows as an author of an Extractor.
Rust
•
MIT License
•0•2•1•6•Updated Feb 16, 2026Feb 16, 2026
sample-javascript-monorepo
Public
Detached fork of babel/babel to use as a TypeScript monorepo sample with 150+ packages using the monorepo-code-scanning-action https://github.com/advanced-secu…
TypeScript
•
MIT License
•1•0•0•6•Updated Feb 13, 2026Feb 13, 2026
ghas-license-utilization
Public
Optimize the utilization of GHAS licenses in an enterprise (or organization)
advanced-security ghas
Python
•
MIT License
•3•15•0•1•Updated Feb 12, 2026Feb 12, 2026
advanced-security-material
Public
security code-scanning codeql advanced-security advanced-security-training
Shell
•25•75•2•2•Updated Feb 11, 2026Feb 11, 2026
spdx-dependency-submission-action
Public
upload an SPDX 2.2 formatted SBOM to GitHub's dependency submission API
JavaScript
•
MIT License
•6•21•1•0•Updated Feb 11, 2026Feb 11, 2026
policy-as-code
Public
GitHub Advanced Security Policy as Code
Python
•
MIT License
•22•95•9•5•Updated Feb 11, 2026Feb 11, 2026
awesome-codeql
Public
A curated list of awesome CodeQL resources.
awesome awesome-list
MIT License
•9•72•1•0•Updated Feb 10, 2026Feb 10, 2026
secret-scanning-review-action
Public
Action to detect if a secret is initially detected in a pull request
PowerShell
•
MIT License
•7•19•5•4•Updated Feb 9, 2026Feb 9, 2026
codeql-development-template
Public template
Copilot-native repository template for CodeQL query development
CodeQL
•
MIT License
•0•9•0•2•Updated Feb 9, 2026Feb 9, 2026
enterprise-security-team
Public
Manage a uniform team of security managers for every organization in your enterprise
enterprise ghas
Python
•
MIT License
•6•24•0•1•Updated Feb 9, 2026Feb 9, 2026
codeql-extractor-iac
Public
CodeQL Extractor, Library, and Queries for Infrastructure as Code
CodeQL
•
MIT License
•13•59•13•3•Updated Feb 9, 2026Feb 9, 2026
ghas-reviewer-app
Public
GitHub Advanced Security Pull Request Security Team required review GitHub App
github-app advanced-security
Python
•
MIT License
•11•36•6•4•Updated Feb 9, 2026Feb 9, 2026
awesome-dependabot
Public
A curated list of awesome Dependabot (and related software supply chain) resources.
awesome awesome-list
MIT License
•3•6•0•3•Updated Feb 5, 2026Feb 5, 2026
conda-dependency-submission-action
Public
GitHub Action that scans Conda manifest files and submits their dependencies to GitHub's Dependency Graph,
dependency-graph conda dependabot dependency-graph-api
TypeScript
•
MIT License
•3•0•0•5•Updated Feb 4, 2026Feb 4, 2026
secret-scanning-tools
Public
Testing Suite for GitHub Secret Scanning Custom Patterns
secret-scanning github-advanced-security
Python
•
MIT License
•2•8•0•5•Updated Feb 2, 2026Feb 2, 2026
secret-scanning-custom-patterns
Public
Examples of Custom Secret Scanning Patterns for use with GitHub Secret Protection/Advanced Security
regex regex-patterns secret-scanning github-advanced-security
HTML
•
MIT License
•28•172•2•1•Updated Feb 2, 2026Feb 2, 2026
brew-dependency-submission-action
Public
Brew Lockfile Dependency Submission Action
homebrew brew actions
Python
•
MIT License
•4•3•1•5•Updated Feb 2, 2026Feb 2, 2026
gradle-lock-dependency-submission-action
Public
Gradle Lockfile Dependency Submission Action
Python
•
MIT License
•1•2•0•3•Updated Feb 2, 2026Feb 2, 2026
ghas-to-csv
Public
Play with GHAS API to provide posture data over time
csv github-actions github-advanced-security
Python
•
MIT License
•17•41•1•1•Updated Jan 27, 2026Jan 27, 2026
codeql-summarize
Public
CodeQL Summary Generator
Python
•
MIT License
•2•7•2•1•Updated Jan 19, 2026Jan 19, 2026