Skip to content
@advanced-security

GitHub Advanced Security

Home of Advanced Security solutions that we can share with the world
README.md

Welcome to the GitHub Advanced Security Organisation! 👋

This organisation contains open source initiatives created by developers at GitHub (and around the world) to show the art of the possible with advanced security. :octocat: 💻

GitHub Advanced Security consists of CodeQL, Code Scanning, Secret Scanning, Security Overview and Dependency Review. A core principle of each of these solutions is being automated and integrable via API's and Webhooks. In this organisation, you will find starter kits, actions, custom queries and bundles, scripts and full-blown solutions that show off how you can integrate into GitHub Advanced Security (GHAS).

In comparison to the official GitHub organisation, a lot of the software you find here is developed as a best effort. These are open-source solutions developed outside of core responsibilities but with the aim for you to leverage and consume as you would any standard open-source software. 👐

We love contributions and feedback from you! So please feel free to open pull requests and issues as you can! 💕

Welcome and we hope what you find here useful 🙇

Pinned Loading

  1. secret-scanning-custom-patterns secret-scanning-custom-patterns Public

    Examples of Custom Secret Scanning Patterns

    HTML 155 23

  2. maven-dependency-submission-action maven-dependency-submission-action Public

    GitHub Action for submitting Maven dependencies

    TypeScript 48 26

  3. advanced-security-material advanced-security-material Public

    Shell 70 24

  4. codeql-coding-standards-bundle-releases codeql-coding-standards-bundle-releases Public

    CodeQL bundles containing the CodeQL Coding Standards queries

    5 3

  5. codeql-bundle-action codeql-bundle-action Public

    Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations

    Shell 25 7

Repositories

Showing 10 of 91 repositories
  • codeql-sap-js Public

    CodeQL models for SAP JavaScript frameworks CAP, UI5 and XSJS

    advanced-security/codeql-sap-js’s past year of commit activity
    CodeQL 5 MIT 1 4 5 Updated Feb 14, 2025
  • sample-javascript-monorepo Public
    advanced-security/sample-javascript-monorepo’s past year of commit activity
    TypeScript 0 MIT 0 0 2 Updated Feb 14, 2025
  • python-lint-code-scanning-action Public

    Lint and type check Python with your choice of popular linters, and upload results to GitHub Code Scanning

    advanced-security/python-lint-code-scanning-action’s past year of commit activity
    Python 0 MIT 3 3 0 Updated Feb 13, 2025
  • awesome-codeql Public

    A curated list of awesome CodeQL resources.

    advanced-security/awesome-codeql’s past year of commit activity
    31 MIT 2 0 0 Updated Feb 13, 2025
  • ghas-reviewer-app Public

    GitHub Advanced Security Pull Request Security Team required review GitHub App

    advanced-security/ghas-reviewer-app’s past year of commit activity
    Python 35 MIT 10 5 2 Updated Feb 11, 2025
  • gh-ghas-audit Public

    GitHub CLI extension to audit GHAS and code scanning setup for one or more organizations and repositories.

    advanced-security/gh-ghas-audit’s past year of commit activity
    Go 2 MIT 0 0 0 Updated Feb 11, 2025
  • component-detection-dependency-submission-action Public
    advanced-security/component-detection-dependency-submission-action’s past year of commit activity
    TypeScript 16 MIT 6 6 6 Updated Feb 10, 2025
  • codeql-extractor-iac Public

    CodeQL Extractor, Library, and Queries for Infrastructure as Code

    advanced-security/codeql-extractor-iac’s past year of commit activity
    CodeQL 46 MIT 6 16 2 Updated Feb 10, 2025
  • monorepo-code-scanning-action Public

    Focus SAST scans (with CodeQL) on just the changed parts of your monorepo, split up as you define

    advanced-security/monorepo-code-scanning-action’s past year of commit activity
    JavaScript 6 MIT 0 2 (1 issue needs help) 0 Updated Feb 9, 2025
  • sbom-generator-action Public archive
    advanced-security/sbom-generator-action’s past year of commit activity
    JavaScript 15 MIT 5 3 0 Updated Feb 7, 2025
View all repositories