1 repository
Validates the integrity and traceability of Git commit references used in configuration files.
Distinguishing note: No candidate addresses the validation of Git SHAs against tags for release tracking
Explore 1 awesome GitHub repository matching security & cryptography · Git Reference Validators. Refine with filters or upvote what's useful.
Zizmor is a security linter and static analysis tool designed to audit GitHub Actions workflow files. It functions as a CI/CD security scanner that identifies security vulnerabilities, misconfigurations, and software supply chain risks within automation pipelines. The project distinguishes itself by providing an automated workflow remediator that applies security fixes to identified vulnerabilities. It also implements a language server for integration with code editors and supports a variety of analysis personas to scale the sensitivity and volume of reported findings. The tool covers a broa
Flags commit SHA references that do not point to a Git tag to improve release and bug tracking.