* [OpenFGA v1.17.0](https://github.com/openfga/openfga) – High-performance authorization engine for modeling and enforcing fine-grained access control inspired by Google Zanzibar.

* [cnspec v13.21.0](https://github.com/mondoohq/cnspec) – Cloud-native policy-as-code engine that scans infrastructure, containers, Kubernetes, cloud services, and code for vulnerabilities and misconfigurations.

* [MQL v13.21.0](https://github.com/mondoohq/mql) – Cloud-native graph-based query language for querying and discovering infrastructure assets across clouds, containers, and services.

* [Lego v5.2.2](https://github.com/go-acme/lego) – Let's Encrypt client and ACME library written in Go.

* [hoop.dev 1.83.0](https://github.com/hoophq/hoop) – Proxy that secures and simplifies access to infrastructure with outbound-only connections and integrated SSO.

* [Password Pusher v2.7.1](https://github.com/pglombardo/PasswordPusher) – Securely share sensitive information with automatic expiration and deletion after a set number of views or duration.

* [Xalgorix v4.4.28](https://github.com/xalgord/xalgorix) – Autonomous AI-driven penetration testing platform that performs multi-mode scans, discovers zero-day vulnerabilities, and generates PDF reports with live dashboard alerts.

* [OpenSSF Best Practices Badge sbom-production-2026...](https://github.com/coreinfrastructure/best-practices-badge) – Web-based badging system and criteria for assessing and encouraging best practices in FLOSS projects.

* [Tracecat 1.0.0-beta.49-rc.4](https://github.com/TracecatHQ/tracecat) – Modern automation platform for security and IT engineers with YAML templates, no-code workflows, lookup tables, and case management.