CI/CD orchestrator for Terraform.
Open Source Terraform Orchestration for Teams.
Automation, Collaboration and Governance for Terraform within your CI/CD system.
Digger is an open source IaC orchestration tool. Digger allows you to run IaC in your existing CI pipeline
pylyzer is a static code analyzer / language server for Python, written in Rust.
🦙 MegaLinter analyzes 50 languages, 22 formats, 21 tooling formats, excessive copy-pastes, spelling mistakes and security issues in your repository sources with a GitHub Action, other CI tools or locally.
A highly customizable Changelog Generator that follows Conventional Commit specifications ⛰️.
git-cliff can generate changelog files from the Git history by utilizing conventional commits as well as regex-powered custom parsers. The changelog template can be customized with a configuration file to match the desired format.
Gitleaks is a fast, light-weight, portable, and open-source secret scanner for git repositories, files, and directories.
Automated dependency updates.
Get pull requests to update your dependencies and lock files.
Here at Pa11y, we think making the web more accessible improves it for everyone. So we publish a range of free and open source tools to help designers and developers make their web pages more accessible.
The ubiquitous test and mock framework for PowerShell.
The Universal Code Beautifier.
Single beautifier abstracting multiple beautifiers for multiple languages.
PHP Benchmarking framework.
PHPBench is a benchmark runner for PHP analogous to PHPUnit but for performance rather than correctness.
OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration with ASPM/VM platforms and in CI environments.
Knip finds unused files, dependencies and exports in your JavaScript and TypeScript projects.
CI/CD Security Analyzer.
RAVEN (Risk Analysis and Vulnerability Enumeration for CI/CD) is a powerful security tool designed to perform massive scans for GitHub Actions CI workflows and digest the discovered data into a Neo4j database.
An extensible multilanguage static code analyzer.
PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It supports many languages. It can be extended with custom rules. It uses JavaCC and Antlr to parse source files into abstract syntax trees (AST) and runs rules against them to find violations. Rules can be written in Java or using a XPath query.
Kubernetes-native CI/CD building blocks.
Tekton is a powerful yet flexible Kubernetes-native open source framework for creating continuous integration and delivery (CI/CD) systems. It lets you build, test, and deploy across multiple cloud providers or on-premises systems by abstracting away the underlying implementation details.