An enterprise friendly way of detecting and preventing secrets in code.

detect-secrets is an aptly named module for (surprise, surprise) detecting secrets within a code base.

Git Security Scanning & Secrets Detection.

• ggshield @ GitHub.
• Doctolib divise par deux ses incidents de sécurité liés aux secrets@ LeMagIT :fr:.

Don’t let your friends dump git logs into changelogs.

A changelog is a file which contains a curated, chronologically ordered list of notable changes for each version of a project.

📦🚀 Fully automated version management and package publishing.

semantic-release automates the whole package release workflow including: determining the next version number, generating the release notes, and publishing the package.

• semantic-release @ GitHub.
• Using Semantic Versioning to Simplify Release Management @ AWS DevOps & Developer Productivity Blog

Open source AI. Code Reviews and Docs.
Customizable LLM-enabled workflows to automate reviews, docs and patches.

Patchwork automates development gruntwork like PR reviews, bug fixing, security patching, and more using a self-hosted CLI agent and your preferred LLMs. Try the hosted version here.

• Patchwork @ GitHub.
• Build your own AutoFix with Patchwork @ Patched.

Sample Go app repo with test and release pipelines optimized for software supply chain security (S3C).

Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko generative SBOM, cosign attestation, and SLSA build provenance

Software Bill of Materials (SBOM) Analysis.

• Dependency-Track @ GitHub.
• Démarrer avec Dependency Track @ Culture et Outils DevSecOps :fr:.

CLI to spin your CI/CD for react-native!

The problem we noticed is that setting up CI is performed once, needs to be researched every time, and is often trial and error driven. The process is repetitive.

We created a tool that bootstraps CI with the most used features, which are ready for customization in the future. Running npx setup-ci generates GitHub workflows for the most popular CI tasks.

Load testing designed for DevOps and CI/CD.

Gatling is a highly capable load testing tool. It is designed for ease of use, maintainability and high performance.

Out of the box, Gatling comes with excellent support of the HTTP protocol that makes it a tool of choice for load testing any HTTP server. As the core engine is actually protocol agnostic, it is perfectly possible to implement support for other protocols. For example, Gatling currently also ships JMS support.

• Gatling @ GitHub.

OPEN SOURCE ORCHESTRATION AND CORRELATION TOOL. ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.

Automate Your Application Security Orchestration And Correlation (ASOC) Using ArcherySec.

ArcherySec allow to interact with continuous integration/continuous delivery (CI/CD) toolchains to specify testing, and control the release of a given build based on results. Its include prioritization functions, enabling you to focus on the most critical vulnerabilities. ArcherySec uses popular open source tools to perform comprehensive scanning for web application and network. The developers can also utilize the tool for implementation of their DevOps CI/CD environment.

• ArcherySec @ GitHub.
• 🚨 ArcherySec - La plateforme open source incontournable pour l'orchestration de la sécurité des applications 🛡️ @ Souleiman S.' LinkedIn :fr:.

The Container Structure Tests provide a powerful framework to validate the structure of a container image. These tests can be used to check the output of commands in an image, as well as verify metadata and contents of the filesystem.

Generate beautiful changelogs from your Git commit history.

clog creates a changelog automatically from your local git metadata. See the clogs changelog.md for an example.

CI/CD orchestrator for Terraform.

Open Source Terraform Orchestration for Teams.
Automation, Collaboration and Governance for Terraform within your CI/CD system.

Digger is an open source IaC orchestration tool. Digger allows you to run IaC in your existing CI pipeline

• Digger @ GitHub.
• Your September Dose of Data - September 2024 @ Data Council.

pylyzer is a static code analyzer / language server for Python, written in Rust.

• pylyzer @ GitHub.
• Pylyzer – Une analyse statique Python 100 fois plus rapide ! @ Korben :fr:.

🦙 MegaLinter analyzes 50 languages, 22 formats, 21 tooling formats, excessive copy-pastes, spelling mistakes and security issues in your repository sources with a GitHub Action, other CI tools or locally.

• MegaLinter @ GitHub.
• MegaLinter @ Culture et Outils DevSecOps :fr:.

A highly customizable Changelog Generator that follows Conventional Commit specifications ⛰️.

git-cliff can generate changelog files from the Git history by utilizing conventional commits as well as regex-powered custom parsers. The changelog template can be customized with a configuration file to match the desired format.

• git-cliff @ GitHub.

Gitleaks is a fast, light-weight, portable, and open-source secret scanner for git repositories, files, and directories.

• Gitleaks @ GitHub.
• Gitleaks : Evitez le vol de secrets sur Git ! @ Geeek.org :fr:.

Automated dependency updates.

Get pull requests to update your dependencies and lock files.

• Renovate @ GitHub.
• Renovate documentation.
• Inspection Tools @ php.hospital.
• Renovate Automatise la Gestion des Dépendances @ Culture et Outils DevSecOps :fr:.

Pretty fast linter (code static analysis utility) for PHP. NoVerify is a PHP linter: it finds possible bugs and style violations in your code.