Centralized security workflows: CodeQL analysis, Octoscan, and permissions auditing for all repositories

huggingface/security-workflows

security-workflows

Centralized security workflows: CodeQL analysis, Octoscan, and permissions auditing for all repositories

What's Included

  • CodeQL Analysis - Automated code security scanning for GitHub Actions
  • Zizmor - GitHub Actions workflow vulnerability detection
  • Octoscan - GitHub Actions workflow vulnerability detection
  • Permissions Advisor - Workflow permissions optimization and least-privilege enforcement

Coming soon

  • How to use it
  • Summary of GitHub best practices
  • How to resolve issues
  • How to configure CodeQL to scan a repository's code
