{"payload":{"featured":[],"recommended":[],"recently_added":[],"search_results":{"results":[{"type":"marketplace_listing","id":"4826","state":"verified","name":"Licensebat","free":false,"primary_category":"Dependency management","secondary_category":"Open Source management","is_verified_owner":true,"slug":"licensebat","owner_login":"licensebat","resource_path":"/marketplace/licensebat","installation_count":655,"full_description":"Licensebat seamlessly integrates with your GitHub build pipeline to make sure your current and future dependencies\ncomply with your license policies.\n\nGoodbye surprises and headaches when auditing your company projects.\n","short_description":"Effortless dependency compliance with your license policies","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/4826?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":4826,"state":3,"name":"Licensebat","slug":"licensebat","short_description":"Effortless dependency compliance with your license policies","full_description":"Licensebat seamlessly integrates with your GitHub build pipeline to make sure your current and future dependencies comply with your license policies.\n\nGoodbye surprises and headaches when auditing your company projects.","extended_description":"## Features\n\n### 1. Fast\n\nBecause no one likes to wait for pull request checks, we created Licensebat with Rust to be the fastest flying creature in your build pipeline.\n\n### 2. Powerful\n\nYou can easily configure Licensebat to behave as you'd expect. Accept, block or ignore licenses and dependencies.\n\n### 3. Safe\n\nLicensebat will scan your dependency manifests and will try to determine the licenses of all your dependencies, even the ones you're not aware of, like transient dependencies.\n\n### 4. Online Verification\n\nVerify the license compliance of your OSS software with every pull request. Easily integrate Licensebat in your CI pipeline.\n\n### 5. Know your licenses\n\nLicensebat will try to determine your dependencies' licenses by leveraging the SPDX license list.\n\n### 6. Language support\n\nThe list of languages that Licensebat supports is always growing. Stay tuned for your favorite language to be supported if not already!\n\n## Configuration\n\nGet the [gist](https://licensebat.com/#info-8).","primary_category_id":11,"secondary_category_id":18,"privacy_policy_url":"https://licensebat.com/privacy.html","tos_url":"https://licensebat.com/terms.html","company_url":"https://licensebat.com","status_url":"","support_url":"https://licensebat.com","documentation_url":"https://licensebat.com","pricing_url":null,"bgcolor":"ffffff","light_text":true,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":1937,"technical_email":"support@licensebat.com","marketing_email":"support@licensebat.com","finance_email":"support@licensebat.com","direct_billing_enabled":false,"by_github":false,"security_email":"support@licensebat.com","listable_type":"Integration","listable_id":25029,"copilot_app":false}}},{"type":"marketplace_listing","id":"10966","state":"verified","name":"Git X-Modules","free":false,"primary_category":"Utilities","secondary_category":"Dependency management","is_verified_owner":true,"slug":"git-x-modules","owner_login":"tmate","resource_path":"/marketplace/git-x-modules","installation_count":354,"full_description":"Git X-Modules is a server-side app that syncs your project directories with other repositories. Think of it as a\nserver-side alternative to Git Submodules. Check out the website or watch video for more details!\n\nUse Cases\n\n  - Combine multiple projects and components into a single repository for cross-project development\n  - Include parts of other projects into yours\n  - Share common assets across multiple projects\n","short_description":"A better way to manage modular Git projects","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/10966?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":10966,"state":3,"name":"Git X-Modules","slug":"git-x-modules","short_description":"A better way to manage modular Git projects","full_description":"Git X-Modules is a server-side app that syncs your project directories with other repositories. Think of it as a server-side alternative to Git Submodules. Check out [the website](https://gitmodules.com) or watch [video](https://www.youtube.com/watch?v=BSWCT-VadRU) for more details!\n\nUse Cases\n\n- Combine multiple projects and components into a single repository for cross-project development\n- Include parts of other projects into yours\n- Share common assets across multiple projects","extended_description":"Git X-Modules is totally transparent to Git users.\n\n- An X-Module is a regular directory. It’s synced on your Git server with an external repository.\n- When an X-Module is updated the changes go to the external repository.\n- When an external repository is updated the changes are applied to the X-Module.\n- When there are two conflicting updates Git X-Modules applies one update and turns the other into a pull request\n\nIt's simple, yet versatile\n\n- Sync an X-Module  with any branch in the external repository. Change the settings at any time.\n- Pull the whole tree from an external repository or specify its subdirectory with powerful exclude filters.\n- Keep the history clean and tidy by squashing and rebasing module commits or preserve the module history      in a parent repository with a merge option.\n\nWould you like to see Git X-Modules in action? Watch [the screencast](https://youtu.be/FAh4pwBBBZk)!","primary_category_id":11,"secondary_category_id":29,"privacy_policy_url":"https://doc.tmatesoft.com/display/SG/Privacy+policy","tos_url":"https://doc.tmatesoft.com/display/SG/Terms+of+service","company_url":"https://gitmodules.com","status_url":"","support_url":"https://support.tmatesoft.com/c/x-modules/8","documentation_url":"https://doc.tmatesoft.com/display/GITX","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":2658,"technical_email":"support@tmatesoft.com","marketing_email":"sales@tmatesoft.com","finance_email":"sales@tmatesoft.com","direct_billing_enabled":false,"by_github":false,"security_email":"support@tmatesoft.com","listable_type":"Integration","listable_id":124661,"copilot_app":false}}},{"type":"marketplace_listing","id":"13390","state":"verified","name":"Socket Security","free":false,"primary_category":"Security","secondary_category":"Dependency management","is_verified_owner":true,"slug":"socket-security","owner_login":"SocketDev","resource_path":"/marketplace/socket-security","installation_count":5627,"full_description":"Prevent malicious open source dependencies from infiltrating your apps.\n\nSocket dramatically improves your open source security posture by detecting and blocking the attacks you don t expect –\nmalware, install scripts, hidden code, typo-squatting, and more – which aren t caught by traditional vulnerability\nscanners.\n\n  - Block malware – Block emerging malware threats\n  - Block typo-squatting – Block malicious packages that differ in name by only a few characters\n","short_description":"Protect your app from malicious open source dependencies","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/13390?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":13390,"state":3,"name":"Socket Security","slug":"socket-security","short_description":"Protect your app from malicious open source dependencies","full_description":"**Prevent malicious open source dependencies from infiltrating your apps.**\n\nSocket dramatically improves your open source security posture by _detecting and blocking the attacks you don't expect_ – malware, install scripts, hidden code, typo-squatting, and more – which aren't caught by traditional vulnerability scanners.\n\n- **Block malware** – Block emerging malware threats\n- **Block typo-squatting** – Block malicious packages that differ in name by only a few characters","extended_description":"- **Detect hidden code** – Detect obfuscated, minified, or hidden code\n- **Detect privileged API usage** – Report when a dependency update introduces new risky API usage – filesystem, network, child_process, eval()\n- **Detect suspicious updates** – Sudden inclusion of privileged APIs in patch or minor releases\n\nSocket currently [supports 70 detections](https://socket.dev/npm/issue) in 5 categories: supply chain risk, quality, maintenance, known vulnerabilities, and license problems.","primary_category_id":6,"secondary_category_id":11,"privacy_policy_url":"https://socket.dev/privacy","tos_url":"https://socket.dev/terms","company_url":"https://socket.dev","status_url":"https://status.socket.dev","support_url":"https://socket.dev/contact","documentation_url":"https://docs.socket.dev","pricing_url":null,"bgcolor":"FFDDFF","light_text":true,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":3211,"technical_email":"eng@socket.dev","marketing_email":"feross@socket.dev","finance_email":"accountant@socket.dev","direct_billing_enabled":false,"by_github":false,"security_email":"security@socket.dev","listable_type":"Integration","listable_id":156372,"copilot_app":false}}},{"type":"repository_action","id":"9762","name":"Download a Build Artifact","free":null,"primary_category":"Dependency management","secondary_category":null,"is_verified_owner":true,"slug":"download-a-build-artifact","owner_login":"actions","resource_path":"/marketplace/actions/download-a-build-artifact","highlights":{"description":"","name.ngram":""},"description":"Download a build artifact that was previously uploaded in the workflow by the upload-artifact action\n","stars":1289,"dependents_count":499954,"icon_svg":"<svg width=\"91\" height=\"91\" viewBox=\"0 0 91 91\" fill=\"none\" xmlns=\"http://www.w3.org/2000/svg\">\n<path fill-rule=\"evenodd\" clip-rule=\"evenodd\" d=\"M91 45.5C91 70.6289 70.629 91 45.5 91C20.371 91 0 70.6289 0 45.5C0 20.3711 20.371 0 45.5 0C70.629 0 91 20.3711 91 45.5ZM33.2774 70.9818L70.876 45.916C71.1728 45.7181 71.1728 45.2819 70.876 45.084L33.2774 20.0182C32.9451 19.7967 32.5 20.0349 32.5 20.4343V70.5657C32.5 70.9651 32.9451 71.2033 33.2774 70.9818Z\" fill=\"#FFFFFF\"/>\n</svg>\n","repository_action":{"repository_action":{"id":9762,"path":"action.yml","name":"Download a Build Artifact","description":"Download a build artifact that was previously uploaded in the workflow by the upload-artifact action","icon_name":null,"color":"0366d6","featured":true,"repository_id":192626254,"rank_multiplier":1.0,"slug":"download-a-build-artifact","security_email":"bethanyj28@github.com"}}},{"type":"repository_action","id":"20198","name":"Cache","free":null,"primary_category":"Dependency management","secondary_category":"Utilities","is_verified_owner":true,"slug":"cache","owner_login":"actions","resource_path":"/marketplace/actions/cache","highlights":{"description":"","name.ngram":""},"description":"Cache artifacts like dependencies and build outputs to improve workflow execution time\n","stars":4299,"dependents_count":951159,"icon_svg":"<svg width=\"91\" height=\"91\" viewBox=\"0 0 91 91\" fill=\"none\" xmlns=\"http://www.w3.org/2000/svg\">\n<path fill-rule=\"evenodd\" clip-rule=\"evenodd\" d=\"M91 45.5C91 70.6289 70.629 91 45.5 91C20.371 91 0 70.6289 0 45.5C0 20.3711 20.371 0 45.5 0C70.629 0 91 20.3711 91 45.5ZM33.2774 70.9818L70.876 45.916C71.1728 45.7181 71.1728 45.2819 70.876 45.084L33.2774 20.0182C32.9451 19.7967 32.5 20.0349 32.5 20.4343V70.5657C32.5 70.9651 32.9451 71.2033 33.2774 70.9818Z\" fill=\"#FFFFFF\"/>\n</svg>\n","repository_action":{"repository_action":{"id":20198,"path":"action.yml","name":"Cache","description":"Cache artifacts like dependencies and build outputs to improve workflow execution time","icon_name":"archive","color":"0366d6","featured":true,"repository_id":215566462,"rank_multiplier":1.0,"slug":"cache","security_email":"bethanyj28@github.com"}}},{"type":"repository_action","id":"9761","name":"Upload a Build Artifact","free":null,"primary_category":"Dependency management","secondary_category":null,"is_verified_owner":true,"slug":"upload-a-build-artifact","owner_login":"actions","resource_path":"/marketplace/actions/upload-a-build-artifact","highlights":{"description":"","name.ngram":""},"description":"Upload a build artifact that can be used by subsequent workflow steps\n","stars":2920,"dependents_count":1190779,"icon_svg":"<svg width=\"91\" height=\"91\" viewBox=\"0 0 91 91\" fill=\"none\" xmlns=\"http://www.w3.org/2000/svg\">\n<path fill-rule=\"evenodd\" clip-rule=\"evenodd\" d=\"M91 45.5C91 70.6289 70.629 91 45.5 91C20.371 91 0 70.6289 0 45.5C0 20.3711 20.371 0 45.5 0C70.629 0 91 20.3711 91 45.5ZM33.2774 70.9818L70.876 45.916C71.1728 45.7181 71.1728 45.2819 70.876 45.084L33.2774 20.0182C32.9451 19.7967 32.5 20.0349 32.5 20.4343V70.5657C32.5 70.9651 32.9451 71.2033 33.2774 70.9818Z\" fill=\"#FFFFFF\"/>\n</svg>\n","repository_action":{"repository_action":{"id":9761,"path":"action.yml","name":"Upload a Build Artifact","description":"Upload a build artifact that can be used by subsequent workflow steps","icon_name":null,"color":"0366d6","featured":true,"repository_id":192625955,"rank_multiplier":1.0,"slug":"upload-a-build-artifact","security_email":"eggyhead@github.com"}}},{"type":"marketplace_listing","id":"1177","state":"unverified","name":"Scantist Thompson","free":true,"primary_category":"Security","secondary_category":"Dependency management","is_verified_owner":true,"slug":"scantist-sca","owner_login":"scantist","resource_path":"/marketplace/scantist-sca","installation_count":298,"full_description":"Scantist’s SCA is a FREE app that provide complete visibility into the third-party components used in your applications.\n\nThis enables you to proactively manage the security risks which come from the use of such components, it helps\ncontinuously scan all your repos (private and public), detects vulnerabilities and provide remediation.\n","short_description":"Proactive vulnerability management and license compliance for your third-party components","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/1177?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":1177,"state":6,"name":"Scantist Thompson","slug":"scantist-sca","short_description":"Proactive vulnerability management and license compliance for your third-party components","full_description":"Scantist’s SCA is a FREE app that provide complete visibility into the third-party components used in your applications. \n\nThis enables you to proactively manage the security risks which come from the use of such components, it helps continuously scan all your repos (private and public), detects vulnerabilities and provide remediation.\n\n","extended_description":"## Find and Fix Vulnerabilities\nScantist SCA scan your repo thoroughly and search for all the known vulnerabilities caused by the uses of 3rd party repositories. Once the vulnerabilities have been identified, Scantist SCA finds the most suitable library version that can fix either your direct or transitive dependencies, and generate a Pull Request, sending it back to your repo.\n\n## Continuous Monitoring\nThere are new vulnerabilities being discovered and introduced everyday. Scantist SCA helps monitor your repo continuously and send notification/alert to you, keeping your repo to stay under the most secured environment.","primary_category_id":6,"secondary_category_id":11,"privacy_policy_url":"https://scantist.io","tos_url":"","company_url":"https://scantist.io","status_url":"","support_url":"support@scantist.com","documentation_url":"https://scantist.atlassian.net/wiki/spaces/SD/pages","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":"https://scantist.io","how_it_works":null,"hero_card_background_image_id":0,"technical_email":"admin@scantist.com","marketing_email":"rohan@scantist.com","finance_email":"finance@scantist.com","direct_billing_enabled":false,"by_github":false,"security_email":"ding@scantist.com","listable_type":"OauthApplication","listable_id":620146,"copilot_app":false}}},{"type":"marketplace_listing","id":"3768","state":"unverified","name":"Debricked","free":false,"primary_category":"Security","secondary_category":"Dependency management","is_verified_owner":true,"slug":"debricked","owner_login":"debricked","resource_path":"/marketplace/debricked","installation_count":2373,"full_description":"Debricked s tool allows you to discover known vulnerabilities in your open source-libraries in an early stage of your\ndevelopment process. Identify, fix and prevent open source vulnerabilities automatically with enforceable pipeline\nrules. Spend less time on manual security research and fixes; let Debricked do the work for you.\n\nDebricked is free for all open source projects!\n","short_description":"Automatically identify, fix and prevent vulnerabilities in your open source dependencies","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/3768?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":3768,"state":6,"name":"Debricked","slug":"debricked","short_description":"Automatically identify, fix and prevent vulnerabilities in your open source dependencies","full_description":"Debricked's tool allows you to discover known vulnerabilities in your open source-libraries in an early stage of your development process. **Identify**, **fix** and **prevent** open source vulnerabilities automatically with enforceable pipeline rules. Spend less time on manual security research and fixes; let Debricked do the work for you. \n\n**Debricked is free for all open source projects!**  \n\n\n\n\n\n","extended_description":"Debricked makes it easy to maintain a good state of security in your project. \n\nThe tool allows you to:\n\n- Detect vulnerabilities in your direct and indirect dependencies\n- Integrate seamlessly with other systems used in your everyday workflow\n- Prioritise with the help of our own score, debAI, and make informed decisions \n- Fix vulnerabilities using our suggestions and advise as well as pull requests\n- Prevent dependencies with severe vulnerabilities from entry using automated rules\n- Prevent using dependencies with incompatible licenses\n\nWe support a [wide range of languages and package managers](https://debricked.com/documentation/language-support/), and more are being added as we go!\n\n","primary_category_id":6,"secondary_category_id":11,"privacy_policy_url":"https://debricked.com/privacy-policy/?utm_source=github&utm_medium=marketplace&utm_campaign=github-marketplace","tos_url":"https://debricked.com/terms-and-conditions/?utm_source=github&utm_medium=marketplace&utm_campaign=github-marketplace","company_url":"https://debricked.com/?utm_source=github&utm_medium=marketplace&utm_campaign=github-marketplace","status_url":"","support_url":"https://debricked.com/contact/?utm_source=github&utm_medium=marketplace&utm_campaign=github-marketplace","documentation_url":"https://debricked.com/documentation/1.0/integrations/ci-build-systems/github?utm_source=github&utm_medium=marketplace&utm_campaign=github-marketplace","pricing_url":null,"bgcolor":"0d1840","light_text":true,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":2763,"technical_email":"oscar.reimer@debricked.com","marketing_email":"joanna.qvarnstrom@debricked.com","finance_email":"daniel.wisenhoff@debricked.com","direct_billing_enabled":false,"by_github":false,"security_email":"martin.hell@debricked.com","listable_type":"Integration","listable_id":24490,"copilot_app":false}}},{"type":"marketplace_listing","id":"9830","state":"unverified","name":"Private Dependency Graph","free":false,"primary_category":"Dependency management","secondary_category":null,"is_verified_owner":true,"slug":"private-dependency-graph","owner_login":"conformal-link","resource_path":"/marketplace/private-dependency-graph","installation_count":118,"full_description":"Missing private dependencies in GitHub?\n\nThe Private Dependency Graph app resolves private dependents and dependencies in your GitHub account or organization.\n","short_description":"Resolves dependencies/dependents in your GitHub organization","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/9830?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":9830,"state":6,"name":"Private Dependency Graph","slug":"private-dependency-graph","short_description":"Resolves dependencies/dependents in your GitHub organization","full_description":"### Missing private dependencies in GitHub?\nThe Private Dependency Graph app resolves private dependents and dependencies in your GitHub account or organization.","extended_description":"✅ **Set and forget**\nThe dependency data is automatically synced every time a repository changes.\n\n🔐 **Privacy focused**\nTeam members can only resolve private dependencies if they have read access to the repository. You have control and observability over the data we store.\n\n📍 **All your repos in a single place**\nExplore all your private dependencies in the web interface.\n\n🔧 **Integrated into GitHub's UI**\nPrivate dependency data is also shown on GitHub\n\n🚀 **More features coming soon!**\n\n","primary_category_id":11,"secondary_category_id":null,"privacy_policy_url":"https://topology.conformal.link/privacy-policy","tos_url":"","company_url":"https://conformal.link","status_url":"","support_url":"support@conformal.link","documentation_url":"","pricing_url":null,"bgcolor":"0e2f56","light_text":true,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":2387,"technical_email":"frejonb@conformal.link","marketing_email":"frejonb@conformal.link","finance_email":"frejonb@conformal.link","direct_billing_enabled":false,"by_github":false,"security_email":"frejonb@conformal.link","listable_type":"Integration","listable_id":113880,"copilot_app":false}}},{"type":"marketplace_listing","id":"7171","state":"unverified","name":"Dpulls","free":false,"primary_category":"Code review","secondary_category":"Dependency management","is_verified_owner":true,"slug":"dpulls","owner_login":"dpulls","resource_path":"/marketplace/dpulls","installation_count":173,"full_description":"Ever wrote  Depends on  on a PR ?\n\nIf you often find yourself splitting a large PR into smaller chain of dependent PRs (stacked PRs) or if it is common for\na you to have a single change that spans several other pull requests spread out across multiple projects, and if the\norder in which they are merged is significant, then Dpulls is for you.\n","short_description":"Mark a pull request as depending on another","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/7171?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":7171,"state":6,"name":"Dpulls","slug":"dpulls","short_description":"Mark a pull request as depending on another","full_description":"## Ever wrote \"Depends on\" on a PR ?\nIf you often find yourself splitting a large PR into smaller chain of dependent PRs (stacked PRs) or if it is common for a you to have a single change that spans several other pull requests spread out across multiple projects, and if the order in which they are merged is significant, then [**Dpulls**](https://www.dpulls.com/)  is for you.","extended_description":"## No more wrong merges !\nWith [**Dpulls**](https://www.dpulls.com/), you make sure your pull requests won't be merged in the wrong order ( Dependent pull requests wont't be mergeable until all dependency pull requests get merged first ). This is particulary helpful in large organizations where many people work on several interdependent projects and where communication can be more difficult.\n[**Dpulls**](https://www.dpulls.com/) lets you regain control over your PRs and gives your developers the visibility they need to avoid any acccidental merge !\n\n## Features\n- Nested dependencies\n- Cross-repository support\n- Cross-organization support\n- Conditional merge...","primary_category_id":10,"secondary_category_id":11,"privacy_policy_url":"https://www.dpulls.com/privacy","tos_url":"https://www.dpulls.com/terms","company_url":"https://www.dpulls.com/","status_url":"","support_url":"support@dpulls.com","documentation_url":"https://www.dpulls.com/docs#/","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":1787,"technical_email":"support@dpulls.com","marketing_email":"support@dpulls.com","finance_email":"support@dpulls.com","direct_billing_enabled":false,"by_github":false,"security_email":"support@dpulls.com","listable_type":"Integration","listable_id":48063,"copilot_app":false}}},{"type":"marketplace_listing","id":"15446","state":"unverified","name":"Contrast Security SCA","free":true,"primary_category":"Security","secondary_category":"Dependency management","is_verified_owner":true,"slug":"contrast-security-sca","owner_login":"Contrast-Security-OSS","resource_path":"/marketplace/contrast-security-sca","installation_count":199,"full_description":"Automated software composition analysis at scale\n\nThis GitHub App allows technical leads and security engineers to get visibility quickly into the security risks from\nknown vulnerabilities in dependencies used across their entire application portfolio.\n","short_description":"Automated software composition analysis at scale","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/15446?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":15446,"state":6,"name":"Contrast Security SCA","slug":"contrast-security-sca","short_description":"Automated software composition analysis at scale","full_description":"# Automated software composition analysis at scale\n\nThis GitHub App allows technical leads and security engineers to get visibility quickly into the security risks from known vulnerabilities in dependencies used across their entire application portfolio.\n\n\n","extended_description":"The App will set up the [GitHub Action for Contrast SCA](https://github.com/marketplace/actions/contrast-security-sca) across repos by committing a workflow file with the Action configured via secrets.\n\nAny commits to the default branch or attempts to merge into the default branch will trigger the workflow. Results will be available as PR status checks, in the Actions logs, and in the Contrast web interface.\n\nNote that you must be an Admin on at least one of the repositories in the GitHub organization on which you wish to install. Note that you must also have a Contrast account to complete the installation of this App, and the account's role must be Org Editor at minimum. \n\nSee [Contrast Documentation](https://docs.contrastsecurity.com/en/projects.html) for more details. You can also email support@contrastsecurity.com for any assistance.\n","primary_category_id":6,"secondary_category_id":11,"privacy_policy_url":"https://www.contrastsecurity.com/privacy-matters","tos_url":"https://www.contrastsecurity.com/enduser-terms-0317a","company_url":"https://www.contrastsecurity.com","status_url":"https://status.contrastsecurity.com","support_url":"https://www.contrastsecurity.com/customer-support-services","documentation_url":"https://docs.contrastsecurity.com/index.html","pricing_url":null,"bgcolor":"40D273","light_text":true,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":3833,"technical_email":"support@contrastsecurity.com","marketing_email":"pr@contrastsecurity.com","finance_email":"accountspayable@contrastsecurity.com","direct_billing_enabled":false,"by_github":false,"security_email":"security@contrastsecurity.com","listable_type":"Integration","listable_id":316998,"copilot_app":false}}},{"type":"marketplace_listing","id":"15538","state":"unverified","name":"LocaleBadger","free":true,"primary_category":"Localization","secondary_category":"Dependency management","is_verified_owner":true,"slug":"localebadger","owner_login":"arsawatt-software","resource_path":"/marketplace/localebadger","installation_count":13,"full_description":"Speak like a local. Globally.\n\nImproved User Experience: Providing content in users preferred languages enhances their overall experience. It\neliminates language barriers, allowing them to navigate your website effortlessly.\n\nAccess to Long-Tail Markets: Long-tail languages can collectively represent a significant market. By catering to these\nlanguages, you can tap into niche markets with lower competition and find loyal user bases eager for localized content.\n","short_description":"LocaleBadger automates the internationalization (i18n) and localization (l10n) of software repositories: Rails, Gatsby, React","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/15538?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":15538,"state":6,"name":"LocaleBadger","slug":"localebadger","short_description":"LocaleBadger automates the internationalization (i18n) and localization (l10n) of software repositories: Rails, Gatsby, React","full_description":"# Speak like a local. Globally.\n**Improved User Experience**: Providing content in users' preferred languages enhances their overall experience. It eliminates language barriers, allowing them to navigate your website effortlessly.\n\n**Access to Long-Tail Markets**: Long-tail languages can collectively represent a significant market. By catering to these languages, you can tap into niche markets with lower competition and find loyal user bases eager for localized content.\n","extended_description":"**Increased Engagement**: Speaking to users in their native language creates a stronger connection and fosters engagement. When individuals can understand and relate to your content, they are more likely to stay engaged, explore further, and take desired actions, such as making a purchase or sharing your message.\n\n**Expanded Reach**: By translating your content into different languages, you can expand your reach to a global audience. Addressing people in their own language helps you tap into untapped markets and target specific regions or demographics. This opens up new opportunities for growth, user acquisition, and market penetration.\n\n**Enhanced Trust and Credibility**: When you communicate in a user's native language, it builds trust and credibility. It shows that you value and respect their culture, making them more receptive to your message. Localized content demonstrates a commitment to understanding their needs.\n","primary_category_id":13,"secondary_category_id":11,"privacy_policy_url":"https://www.localebadger.com/privacy/","tos_url":"https://www.localebadger.com/tos/","company_url":"https://www.localebadger.com","status_url":"","support_url":"https://www.localebadger.com/support/","documentation_url":"https://www.localebadger.com/docs/how_it_works/","pricing_url":null,"bgcolor":"f0f0f0","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"dan.dimerman@arsawatt.com","marketing_email":"dan.dimerman@arsawatt.com","finance_email":"dan.dimerman@arsawatt.com","direct_billing_enabled":false,"by_github":false,"security_email":"dan.dimerman@arsawatt.com","listable_type":"Integration","listable_id":344037,"copilot_app":false}}},{"type":"marketplace_listing","id":"13233","state":"unverified","name":"Threatrix","free":true,"primary_category":"Security","secondary_category":"Dependency management","is_verified_owner":true,"slug":"threatrix","owner_login":"threatrix","resource_path":"/marketplace/threatrix","installation_count":38,"full_description":"Graduate To Threatrix\n\nThreatrix is the first-to-market, cost-effective solution, providing continual license compliance and automated\nsecurity, allowing organizations to determine their exposure to open source risks with one solution. Actionable results\ndrive measurable reductions in risk, saving organizations developer time and costly remediation efforts for compliance\nteams.\n\nThreatrix provides hyper-accurate, audit quality results with its first-to-market technology.\n","short_description":"Audit quality, snippet level, open source security and license compliance in build-time with auto-remediation","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/13233?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":13233,"state":6,"name":"Threatrix","slug":"threatrix","short_description":"Audit quality, snippet level, open source security and license compliance in build-time with auto-remediation","full_description":"## Graduate To Threatrix\nThreatrix is the first-to-market, cost-effective solution, providing continual license compliance and automated security, allowing organizations to determine their exposure to open source risks with one solution. Actionable results drive measurable reductions in risk, saving organizations developer time and costly remediation efforts for compliance teams.\n\nThreatrix provides hyper-accurate, audit quality results with its first-to-market technology.","extended_description":"Nearly four years of research and development have culminated in the creation of our core technologies. Threatrix Origin Tracing technology ensures the most accurate open source match results producing immediately actionable data from build time scans.\n\nWith support for more than 400 languages and growing every day, Threatrix encompasses, by far, the broadest coverage of any tool in the market.\n\n### Continuous Security\nThreatrix continuously scans your repositories for security vulnerabilities and creates fix requests for the next or latest security versions of components.\n\n### Continuous Compliance\nThreatrix produces hyper-accurate results in minutes allowing your team to perform continuous triage of license issues to stay ahead of open source risks. VCs are using Threatrix to determine risks with their investments. Failing to comply with all of your open source licenses may kill your next funding round.\n\n","primary_category_id":6,"secondary_category_id":11,"privacy_policy_url":"https://threatrix.io/privacy","tos_url":"https://threatrix.io/terms","company_url":"https://threatrix.io/","status_url":"","support_url":"support@threatrix.io","documentation_url":"https://docs.threatrix.io/","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"john@threatrix.io","marketing_email":"kristen@threatrix.io","finance_email":"john@threatrix.io","direct_billing_enabled":false,"by_github":false,"security_email":"john@threatrix.io","listable_type":"Integration","listable_id":220916,"copilot_app":false}}},{"type":"marketplace_listing","id":"13752","state":"unverified","name":"Container Registry","free":false,"primary_category":"Dependency management","secondary_category":"Deployment","is_verified_owner":true,"slug":"container-registry","owner_login":"container-registry","resource_path":"/marketplace/container-registry","installation_count":91,"full_description":"8gears Container Registry is a Harbor-based Container Image Management Solution for individuals, teams, and\norganizations from the maintainers of the CNCF project Harbor.\n\nFeatures\n\n  - Store container images for yourself or your team\n  - Unlimited private repositories\n  - 1 GB free storage included\n  - 0.1 EUR per GB/month for additional storage\n  - Free data transfer\n  - Image security and vulnerability analysis\n","short_description":"Best-in-class CNCF Harbor based Container Image Management for individuals, teams and organizations","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/13752?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":13752,"state":6,"name":"Container Registry","slug":"container-registry","short_description":"Best-in-class CNCF Harbor based Container Image Management for individuals, teams and organizations","full_description":"8gears Container Registry is a Harbor-based Container Image Management Solution for individuals, teams, and organizations from the maintainers of the CNCF project Harbor.\n\n# Features\n- Store container images for yourself or your team\n- **Unlimited** private repositories\n- 1 GB free storage included\n- 0.1 EUR per GB/month for additional storage\n- Free data transfer\n- Image security and vulnerability analysis","extended_description":"# For Individuals\nAs a viable alternative to Docker Hub, this service offers free and unlimited private repositories for your side project or contract\n\n# For Teams and Organizations\nGet ultimate control over all containers images on user, team, project, partner, and even customer levels. Onboard everyone in your organization in no time using the seamless corporate identity and access management integration via OpenID Connect or LDAP/Active Directory.\n\n\n# For Software Vendors\nDistribute your software as container images to your customers, providing them a simple way to use your containerized software. Manage customer's access and duration to your container images, or even link the access with a subscription management system. The extensive API offers infinite possibilities.","primary_category_id":11,"secondary_category_id":3,"privacy_policy_url":"https://container-registry.com/privacy/","tos_url":"https://container-registry.com/terms-of-service/","company_url":"https://container-registry.com/","status_url":"https://statuspage.container-registry.com/","support_url":"https://container-registry.com/contact/support/","documentation_url":"https://container-registry.com/docs/","pricing_url":null,"bgcolor":"ffffff","light_text":true,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":3404,"technical_email":"help@container-registry.com","marketing_email":"org@container-registry.com","finance_email":"org@container-registry.com","direct_billing_enabled":false,"by_github":false,"security_email":"vb@container-registry.com","listable_type":"Integration","listable_id":254661,"copilot_app":false}}},{"type":"marketplace_listing","id":"13965","state":"unverified","name":"Phylum","free":true,"primary_category":"Security","secondary_category":"Dependency management","is_verified_owner":true,"slug":"phylum-io","owner_login":"phylum-dev","resource_path":"/marketplace/phylum-io","installation_count":174,"full_description":"Phylum blocks software supply chain attacks. Automate software supply chain security to contextualize risks, block\nattacks and only use open-source code that you trust. View full app documentation here.\n","short_description":"Automate software supply chain security to prevent malware, vulnerabilities, and other risks","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/13965?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":13965,"state":6,"name":"Phylum","slug":"phylum-io","short_description":"Automate software supply chain security to prevent malware, vulnerabilities, and other risks","full_description":"Phylum **blocks** software supply chain attacks. Automate software supply chain security to contextualize risks, block attacks and only use open-source code that you trust. [View full app documentation here](https://docs.phylum.io/docs/github_app).","extended_description":"Phylum monitors real-time package publications to NPM, PyPI, RubyGems, NuGet, Crates.io, and Maven. Phylum defends applications by surfacing, as PR comments and status check failures, dependency risks to include:\n\n* Malware\n* Typosquatting\n* Dependency Confusion\n* Credential Stealers\n* Bad Authors\n* Vulnerabilities\n* [More](https://docs.phylum.io/docs/issue_tags)\n\n### Proven record defending developers\n\n[Phylum analyzes](https://www.phylum.io/phylum-updates) **millions** of open-source packages yearly to identify **thousands** of malicious packages. The [Phylum Research blog](https://blog.phylum.io/tag/research) highlights the latest attack techniques and campaigns uncovered by the platform.\n\nPhylum was named the winner of the first Black Hat Startup Spotlight Competition and named a Top Infosec Innovator by Cyber Defense Magazine. Bring this **award-winning technology** to your CI/CD pipeline **in 60 seconds**.\n\nJoin us on the [Phylum Community Discord](https://discord.gg/c9QnknWxm3)!","primary_category_id":6,"secondary_category_id":11,"privacy_policy_url":"https://www.phylum.io/privacy-policy-and-legal","tos_url":"","company_url":"https://phylum.io","status_url":"","support_url":"https://www.phylum.io/contact-us","documentation_url":"https://docs.phylum.io/docs/github_app","pricing_url":null,"bgcolor":"000","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"engineering@phylum.io","marketing_email":"revops@phylum.io","finance_email":"revops@phylum.io","direct_billing_enabled":false,"by_github":false,"security_email":"security@phylum.io","listable_type":"Integration","listable_id":264188,"copilot_app":false}}},{"type":"marketplace_listing","id":"14408","state":"unverified","name":"Devbox Cloud","free":true,"primary_category":"Container CI","secondary_category":"Dependency management","is_verified_owner":true,"slug":"devbox-cloud","owner_login":"jetify-com","resource_path":"/marketplace/devbox-cloud","installation_count":112,"full_description":"Devbox Cloud is a new way to create and run your Devbox Project in an isolated cloud environment. It lets you quickly\nspin up an on-demand Linux Edge VM with your Devbox dependencies and preview Github projects directly in your browser.\nThe Devbox Cloud Shell comes with the Devbox CLI preinstalled, so you can easily install your projects dependencies or\nrun projects that include a devbox.json.\n","short_description":"Spin up a cloud development environment on the edge in seconds. 100% reproducible and powered by Nix","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/14408?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":14408,"state":6,"name":"Devbox Cloud","slug":"devbox-cloud","short_description":"Spin up a cloud development environment on the edge in seconds. 100% reproducible and powered by Nix","full_description":"Devbox Cloud is a new way to create and run your Devbox Project in an isolated cloud environment. It lets you quickly spin up an on-demand Linux Edge VM with your Devbox dependencies and preview Github projects directly in your browser. The Devbox Cloud Shell comes with the Devbox CLI preinstalled, so you can easily install your projects dependencies or run projects that include a devbox.json.","extended_description":"Use cases for Devbox Cloud include:\n\n- Testing out Packages or Scripts in an Isolated Linux Environment -- Preview different combinations or environments in a remote VM\n- Easy Preview Environments for your project\n\nSee [docs](https://jetpack.io/devbox/docs/devbox_cloud/browser_getting_started/) for details","primary_category_id":27,"secondary_category_id":11,"privacy_policy_url":"https://www.jetpack.io/docs/legal/privacy/","tos_url":"https://www.jetpack.io/docs/legal/terms/","company_url":"https://www.jetpack.io","status_url":"","support_url":"https://jetpack-io.typeform.com/consult-ne","documentation_url":"https://www.jetpack.io/devbox/docs/","pricing_url":null,"bgcolor":"280459","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"daniel@jetpack.io","marketing_email":"john.lago@jetpack.io","finance_email":"daniel@jetpack.io","direct_billing_enabled":false,"by_github":false,"security_email":"daniel@jetpack.io","listable_type":"Integration","listable_id":197953,"copilot_app":false}}},{"type":"marketplace_listing","id":"17323","state":"unverified","name":"signal.fyi","free":true,"primary_category":"Dependency management","secondary_category":"Utilities","is_verified_owner":true,"slug":"www-signal-fyi","owner_login":"signalfyi","resource_path":"/marketplace/www-signal-fyi","installation_count":6,"full_description":"signal.fyi automates Docker image version updates through pull requests against your default branch, monitoring\nmulti-file and/or multi-stage Dockerfiles in your repository (max:3/repository). Enhance compliance, security, and the a\nhref=\nhttps://www.cisa.gov/sbom#:~:text=A%20%E2%80%9Csoftware%20bill%20of%20materials,that%20make%20up%20software%20components.\ntarget= _blank Software Bill of Materials (SBOM) /a context with auditable and traceable records of your Docker image\nversions.\n","short_description":"Automates multifile and/or multistage Docker image version updates via PR's against the default branch (max:3/repo)","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/17323?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":17323,"state":6,"name":"signal.fyi","slug":"www-signal-fyi","short_description":"Automates multifile and/or multistage Docker image version updates via PR's against the default branch (max:3/repo)","full_description":"signal.fyi automates Docker image version updates through pull requests against your default branch, monitoring multi-file and/or multi-stage Dockerfiles in your repository (max:3/repository). Enhance compliance, security, and the <a href=\"https://www.cisa.gov/sbom#:~:text=A%20%E2%80%9Csoftware%20bill%20of%20materials,that%20make%20up%20software%20components.\" target=\"_blank\">Software Bill of Materials (SBOM)</a> context with auditable and traceable records of your Docker image versions.","extended_description":"signal.fyi streamlines Docker image version management in projects, enhancing security and compliance. It integrates their latest versions via pull requests, ideal for multi-file and multi-stage builds. With a configured CI/CD pipeline for auto-merging or deploying pull requests, signal.fyi enables seamless update automation. This minimizes vulnerability risks and aligns with regulatory standards. For management, it's a strategic tool to boost security and streamline workflows. It ensures software integrity and reliability, making the update process transparent and efficient. signal.fyi supports a secure, compliant development lifecycle, automating critical updates for focused innovation.","primary_category_id":11,"secondary_category_id":29,"privacy_policy_url":"https://www.signal.fyi/legal/","tos_url":"https://www.signal.fyi/legal/","company_url":"https://www.signal.fyi/","status_url":"https://www.signal.fyi/","support_url":"https://github.com/signalfyi/support","documentation_url":"https://www.signal.fyi/","pricing_url":null,"bgcolor":"ffffff","light_text":true,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":4392,"technical_email":"contact@signal.fyi","marketing_email":"contact@signal.fyi","finance_email":"contact@signal.fyi","direct_billing_enabled":false,"by_github":false,"security_email":"contact@signal.fyi","listable_type":"Integration","listable_id":340818,"copilot_app":false}}},{"type":"marketplace_listing","id":"17410","state":"unverified","name":"DepsHub App","free":true,"primary_category":"Dependency management","secondary_category":"AI Assisted","is_verified_owner":true,"slug":"depshub-app","owner_login":"DepshubHQ","resource_path":"/marketplace/depshub-app","installation_count":29,"full_description":"Update all your dependencies on autopilot.\n\nWe use AI to process changelogs and release notes, analyze your codebase, and automatically update your dependencies,\nincluding any breaking changes.\n\nDepsHub helps you to save time by providing a simple and easy way to monitor and update your dependencies.\n","short_description":"Update all your dependencies on autopilot","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/17410?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":17410,"state":6,"name":"DepsHub App","slug":"depshub-app","short_description":"Update all your dependencies on autopilot","full_description":"Update all your dependencies on autopilot.\n\nWe use AI to process changelogs and release notes, analyze your codebase, and automatically update your dependencies, **including any breaking changes**.\n\nDepsHub helps you to save time by providing a simple and easy way to monitor and update your dependencies.","extended_description":"- 🌈 Noise-free dependency management\nGet access to the tools you keep your dependencies in check. Whether you have a team of 2 or 200.\n\n- 📂 Cross-repository overview\nSee all your dependencies in one place. No more digging through repositories.\n\n- 🎓 License compliance\nAvoid legal trouble by making sure your dependencies are licensed correctly.\n\n- 🚨 Security alerts\nGet notified when a dependency has a security vulnerability. Update your code only if it affects you.","primary_category_id":11,"secondary_category_id":39,"privacy_policy_url":"https://depshub.com/privacy","tos_url":"","company_url":"https://depshub.com","status_url":"","support_url":"https://depshub.com/","documentation_url":"","pricing_url":null,"bgcolor":"bdee63","light_text":true,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":4420,"technical_email":"andriy@depshub.com","marketing_email":"andriy@depshub.com","finance_email":"andriy@depshub.com","direct_billing_enabled":false,"by_github":false,"security_email":"andriy@depshub.com","listable_type":"Integration","listable_id":338422,"copilot_app":false}}},{"type":"marketplace_listing","id":"251","state":"verified","name":"Snyk","free":false,"primary_category":"Security","secondary_category":"Dependency management","is_verified_owner":false,"slug":"snyk","owner_login":"snyk","resource_path":"/marketplace/snyk","installation_count":207867,"full_description":"Snyk helps you develop fast while staying secure by finding and automatically fixing security issues in your code, open\nsource dependencies, containers, and infrastructure as code - all powered by Snyk’s security intelligence.\n","short_description":"Find, fix (and prevent!) known vulnerabilities in your code","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/251?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":251,"state":3,"name":"Snyk","slug":"snyk","short_description":"Find, fix (and prevent!) known vulnerabilities in your code","full_description":"Snyk helps you develop fast while staying secure by finding and automatically fixing security issues in your code, open source dependencies, containers, and infrastructure as code - all powered by Snyk’s security intelligence. ","extended_description":"## Security for your entire application\nSnyk provides security coverage for all the different components in your application - your custom code, open source dependencies, containers, and infrastructure as code (IaC) configurations - all in one unified platform. \n\n## Fast, free and accurate results\nAnalyze your code, dependencies, containers, and configurations free of charge and in seconds. Analysis is powered by Snyk’s industry-leading vulnerability database - the Snyk Intel Vulnerability Database and Snyk Code’s revolutionary scanning engine.\n\n## Automated fixes within GitHub\nSnyk makes fixing easy with 1-click fix pull requests and automatically opens pull requests for new vulnerabilities and outdated dependencies. Pull requests are populated with rich context to help you prioritize fixes efficiently and can be configured to best suit your needs. Snyk scans any new pull request for issues to keep insecure code out of your repositories. \n","primary_category_id":6,"secondary_category_id":11,"privacy_policy_url":"https://snyk.io/policies#privacy","tos_url":"https://snyk.io/policies#terms-of-services","company_url":"https://snyk.io","status_url":"https://snyk.statuspage.io","support_url":"support@snyk.io","documentation_url":"https://snyk.io/docs","pricing_url":"https://snyk.io/plans","bgcolor":"222048","light_text":false,"learn_more_url":null,"installation_url":"https://snyk.io/auth/github-marketplace","how_it_works":null,"hero_card_background_image_id":50,"technical_email":"github-marketplace-ops@snyk.io","marketing_email":"github-marketplace-marketing@snyk.io","finance_email":"github-marketplace-finance@snyk.io","direct_billing_enabled":false,"by_github":false,"security_email":null,"listable_type":"OauthApplication","listable_id":358121,"copilot_app":false}}},{"type":"marketplace_listing","id":"287","state":"verified","name":"Renovate","free":false,"primary_category":"Dependency management","secondary_category":"Security","is_verified_owner":false,"slug":"renovate","owner_login":"renovatebot","resource_path":"/marketplace/renovate","installation_count":38189,"full_description":"Mend Renovate | Dependency Update Automation\n\nRenovate: an open-source tool which automatically creates pull requests for all types of dependency updates. Includes\ncrowdsourced test and package adoption data are used to flag potentially risky updates and enable auto-merging for those\nthat meet user-defined conditions.\n\nHow Renovate works:\n\n  - Scans your repos to detect dependencies (wide package manager support)\n  - Checks if any newer versions exist\n  - Raises PRs for available updates\n","short_description":"Keep dependencies up-to-date with automated Pull Requests","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/287?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":287,"state":3,"name":"Renovate","slug":"renovate","short_description":"Keep dependencies up-to-date with automated Pull Requests","full_description":"## Mend Renovate | Dependency Update Automation\n\nRenovate: an open-source tool which automatically creates pull requests for all types of dependency updates. Includes crowdsourced test and package adoption data are used to flag potentially risky updates and enable auto-merging for those that meet user-defined conditions.\n\nHow Renovate works:\n- Scans your repos to detect dependencies (wide package manager support)\n- Checks if any newer versions exist\n- Raises PRs for available updates","extended_description":"## How Does Mend Renovate Make My Life Easier?\n\n**Reduce technical debt** through automated, proactive dependency updates. Cease falling behind the latest versions.\n\n**Avoid Zero Day vulnerability fire drills** by keeping your project nimble so you can apply urgent, zero-day security updates without risk. \n\n**Stop worrying about breaking your build**. Crowdsourced merge confidence and package adoption data are used to identify whether an update can be safely merged or contains potential risk. \n\n**Automate high confidence updates**. Set up auto-merging without human intervention, for updates that pass your tests and satisfy the auto-merge rules you define.\n\n**Group and schedule updates** to ensure they don’t interrupt your existing workflows.\n\n## How To Get Started?\n\nInstall the app and select the repos you would like. For each selected repo, an Onboarding PR will be created. Renovate has robust defaults so as soon as you merge the Onboarding PR, you’ve already gotten started!","primary_category_id":11,"secondary_category_id":6,"privacy_policy_url":"https://www.mend.io/free-developer-tools/terms-of-use/#renovate","tos_url":"https://www.mend.io/free-developer-tools/renovate/terms-of-service/","company_url":"https://www.mend.io","status_url":"","support_url":"https://github.com/renovatebot/renovate/discussions","documentation_url":"https://docs.renovatebot.com","pricing_url":"","bgcolor":"0B7E9E","light_text":false,"learn_more_url":null,"installation_url":"https://github.com/apps/renovate","how_it_works":null,"hero_card_background_image_id":3042,"technical_email":"rhys@arkins.net","marketing_email":"rhys@arkins.net","finance_email":"rhys@arkins.net","direct_billing_enabled":false,"by_github":false,"security_email":"rhys@renovatebot.com","listable_type":"Integration","listable_id":2740,"copilot_app":false}}}],"total":1090,"total_pages":55},"categories":{"apps":[{"name":"API management","slug":"api-management","description_html":"<p>Structure your API infrastructure to enable various internet gateways to interact with your service.</p>\n"},{"name":"Backup Utilities","slug":"backup-utilities","description_html":"<p>Utilities providing periodic backups of your GitHub data</p>\n"},{"name":"Chat","slug":"chat","description_html":"<p>Bring GitHub into your conversations.</p>\n"},{"name":"Code quality","slug":"code-quality","description_html":"<p>Automate your code review with style, quality, security, and test‑coverage checks when you need them.</p>\n"},{"name":"Code review","slug":"code-review","description_html":"<p>Ensure your code meets quality standards and ship with confidence.</p>\n"},{"name":"Container CI","slug":"container-ci","description_html":"<p>Continuous integration for container applications.</p>\n"},{"name":"Continuous integration","slug":"continuous-integration","description_html":"<p>Automatically build and test your code as you push it to GitHub, preventing bugs from being deployed to production.</p>\n"},{"name":"Dependency management","slug":"dependency-management","description_html":"<p>Secure and manage your third-party dependencies.</p>\n"},{"name":"Deployment","slug":"deployment","description_html":"<p>Streamline your code deployment so you can focus on your product.</p>\n"},{"name":"Deployment Protection Rules","slug":"deployment-protection-rules","description_html":"<p>Enables custom protection rules to gate deployments with third-party services</p>\n"},{"name":"Game CI","slug":"game-ci","description_html":"<p>Tools for building a CI pipeline for game development</p>\n"},{"name":"IDEs","slug":"ides","description_html":"<p>Find the right interface to build, debug, and deploy your source code.</p>\n"},{"name":"Learning","slug":"learning","description_html":"<p>Get the skills you need to level up.</p>\n"},{"name":"Localization","slug":"localization","description_html":"<p>Extend your software's reach. Localize and translate continuously from GitHub.</p>\n"},{"name":"Mobile","slug":"mobile","description_html":"<p>Improve your workflow for the small screen.</p>\n"},{"name":"Mobile CI","slug":"mobile-ci","description_html":"<p>Continuous integration for Mobile applications</p>\n"},{"name":"Monitoring","slug":"monitoring","description_html":"<p>Monitor the impact of your code changes. Measure performance, track errors, and analyze your application.</p>\n"},{"name":"Project management","slug":"project-management","description_html":"<p>Organize, manage, and track your project with tools that build on top of issues and pull requests.</p>\n"},{"name":"Publishing","slug":"publishing","description_html":"<p>Get your site ready for production so you can get the word out.</p>\n"},{"name":"Recently added","slug":"recently-added","description_html":"<p>The latest tools that help you and your team build software better, together.</p>\n"},{"name":"Security","slug":"security","description_html":"<p>Find, fix, and prevent security vulnerabilities before they can be exploited.</p>\n"},{"name":"Support","slug":"support","description_html":"<p>Get your team and customers the help they need.</p>\n"},{"name":"Testing","slug":"testing","description_html":"<p>Eliminate bugs and ship with more confidence by adding these tools to your workflow.</p>\n"},{"name":"Utilities","slug":"utilities","description_html":"<p>Auxiliary tools to enhance your experience on GitHub</p>\n"}],"actions":[{"name":"API management","slug":"api-management","description_html":"<p>Structure your API infrastructure to enable various internet gateways to interact with your service.</p>\n"},{"name":"Backup Utilities","slug":"backup-utilities","description_html":"<p>Utilities providing periodic backups of your GitHub data</p>\n"},{"name":"Chat","slug":"chat","description_html":"<p>Bring GitHub into your conversations.</p>\n"},{"name":"Code quality","slug":"code-quality","description_html":"<p>Automate your code review with style, quality, security, and test‑coverage checks when you need them.</p>\n"},{"name":"Code review","slug":"code-review","description_html":"<p>Ensure your code meets quality standards and ship with confidence.</p>\n"},{"name":"Container CI","slug":"container-ci","description_html":"<p>Continuous integration for container applications.</p>\n"},{"name":"Continuous integration","slug":"continuous-integration","description_html":"<p>Automatically build and test your code as you push it to GitHub, preventing bugs from being deployed to production.</p>\n"},{"name":"Dependency management","slug":"dependency-management","description_html":"<p>Secure and manage your third-party dependencies.</p>\n"},{"name":"Deployment","slug":"deployment","description_html":"<p>Streamline your code deployment so you can focus on your product.</p>\n"},{"name":"Deployment Protection Rules","slug":"deployment-protection-rules","description_html":"<p>Enables custom protection rules to gate deployments with third-party services</p>\n"},{"name":"Game CI","slug":"game-ci","description_html":"<p>Tools for building a CI pipeline for game development</p>\n"},{"name":"GitHub Sponsors","slug":"github-sponsors","description_html":"<p>Tools to manage your <a href=\"https://github.com/sponsors\">GitHub Sponsors</a> community</p>\n"},{"name":"IDEs","slug":"ides","description_html":"<p>Find the right interface to build, debug, and deploy your source code.</p>\n"},{"name":"Learning","slug":"learning","description_html":"<p>Get the skills you need to level up.</p>\n"},{"name":"Localization","slug":"localization","description_html":"<p>Extend your software's reach. Localize and translate continuously from GitHub.</p>\n"},{"name":"Mobile","slug":"mobile","description_html":"<p>Improve your workflow for the small screen.</p>\n"},{"name":"Mobile CI","slug":"mobile-ci","description_html":"<p>Continuous integration for Mobile applications</p>\n"},{"name":"Monitoring","slug":"monitoring","description_html":"<p>Monitor the impact of your code changes. Measure performance, track errors, and analyze your application.</p>\n"},{"name":"Project management","slug":"project-management","description_html":"<p>Organize, manage, and track your project with tools that build on top of issues and pull requests.</p>\n"},{"name":"Publishing","slug":"publishing","description_html":"<p>Get your site ready for production so you can get the word out.</p>\n"},{"name":"Security","slug":"security","description_html":"<p>Find, fix, and prevent security vulnerabilities before they can be exploited.</p>\n"},{"name":"Support","slug":"support","description_html":"<p>Get your team and customers the help they need.</p>\n"},{"name":"Testing","slug":"testing","description_html":"<p>Eliminate bugs and ship with more confidence by adding these tools to your workflow.</p>\n"},{"name":"Utilities","slug":"utilities","description_html":"<p>Auxiliary tools to enhance your experience on GitHub</p>\n"}]}},"title":"Marketplace"}