{"id":31753709,"url":"https://github.com/servicenow/servicenow-devops-security-result","last_synced_at":"2025-10-09T17:53:42.890Z","repository":{"id":185922641,"uuid":"635795656","full_name":"ServiceNow/servicenow-devops-security-result","owner":"ServiceNow","description":null,"archived":false,"fork":false,"pushed_at":"2025-10-01T13:06:28.000Z","size":30,"stargazers_count":2,"open_issues_count":1,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-10-01T15:09:27.379Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ServiceNow.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2023-05-03T13:23:15.000Z","updated_at":"2025-06-04T08:17:32.000Z","dependencies_parsed_at":null,"dependency_job_id":"8f2312b2-a869-4921-9792-01d4b85ec262","html_url":"https://github.com/ServiceNow/servicenow-devops-security-result","commit_stats":null,"previous_names":["servicenow/servicenow-devops-security-result"],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/ServiceNow/servicenow-devops-security-result","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ServiceNow%2Fservicenow-devops-security-result","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ServiceNow%2Fservicenow-devops-security-result/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ServiceNow%2Fservicenow-devops-security-result/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ServiceNow%2Fservicenow-devops-security-result/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ServiceNow","download_url":"https://codeload.github.com/ServiceNow/servicenow-devops-security-result/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ServiceNow%2Fservicenow-devops-security-result/sbom","scorecard":{"id":128148,"data":{"date":"2025-08-11","repo":{"name":"github.com/ServiceNow/servicenow-devops-security-result","commit":"5827b3b6b0a877bc922d4c55abc38e618b07c0b5"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.4,"checks":[{"name":"Code-Review","score":2,"reason":"Found 5/22 approved changesets -- score normalized to 2","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/test.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":4,"reason":"dependency not pinned by hash detected -- score normalized to 4","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/ServiceNow/servicenow-devops-security-result/test.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/ServiceNow/servicenow-devops-security-result/test.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/ServiceNow/servicenow-devops-security-result/test.yml/main?enable=pin","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned","Info:   1 out of   1 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":8,"reason":"2 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":-1,"reason":"internal error: internal error: Client.Checks.ListCheckRunsForRef: error during graphqlHandler.setupCheckRuns: non-200 OK status code: 502 Bad Gateway body: \"\u003chtml\u003e\\r\\n\u003chead\u003e\u003ctitle\u003e502 Bad Gateway\u003c/title\u003e\u003c/head\u003e\\r\\n\u003cbody\u003e\\r\\n\u003ccenter\u003e\u003ch1\u003e502 Bad Gateway\u003c/h1\u003e\u003c/center\u003e\\r\\n\u003chr\u003e\u003ccenter\u003enginx\u003c/center\u003e\\r\\n\u003c/body\u003e\\r\\n\u003c/html\u003e\\r\\n\"","details":null,"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-16T04:31:35.929Z","repository_id":185922641,"created_at":"2025-08-16T04:31:35.929Z","updated_at":"2025-08-16T04:31:35.929Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279001804,"owners_count":26083197,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-09T02:00:07.460Z","response_time":59,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-10-09T17:53:41.687Z","updated_at":"2025-10-09T17:53:42.883Z","avatar_url":"https://github.com/ServiceNow.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# ServiceNow DevOps Register Security Scan Results GitHub Action\n\nThis custom action needs to be added at step level in a job to register security scan resutls in ServiceNow instance.\n\n# Usage\n## Step 1: Prepare values for setting up your secrets for Actions\n- credentials (Devops integration token of a GitHub tool created in ServiceNow DevOps or username and password for a ServiceNow devops integration user)\n- instance URL for your ServiceNow dev, test, prod, etc. environments\n- tool_id of your GitHub tool created in ServiceNow DevOps\n\n## Step 2: Configure Secrets in your GitHub Ogranization or GitHub repository\nOn GitHub, go in your organization settings or repository settings, click on the _Secrets \u003e Actions_ and create a new secret.\n\nCreate secrets called \nFor token based authentication which is available from v3.0.0, create secrets called \n- `SN_DEVOPS_INTEGRATION_TOKEN` required for token based authentication\n- `SN_INSTANCE_URL` your ServiceNow instance URL, for example **https://test.service-now.com**\n- `SN_ORCHESTRATION_TOOL_ID` only the **sys_id** is required for the GitHub tool created in your ServiceNow instance\n\n\nFor basic authentication , create secrets called \n- `SN_INSTANCE_URL` your ServiceNow instance URL, for example **https://test.service-now.com**\n- `SN_DEVOPS_USER`\n- `SN_DEVOPS_PASSWORD`\n- `SN_ORCHESTRATION_TOOL_ID` only the **sys_id** is required for the GitHub tool created in your ServiceNow instance\n\n## Step 3: Identify upstream job that must complete successfully before the job using this custom action will run\nUse needs to configure the identified upstream job. See [test.yml](.github/workflows/test.yml) for usage.\n\n## Step 4: Configure the GitHub Action if need to adapt for your needs or workflows\n\n# For Token based Authentication which is available from v3.0.0 at ServiceNow instance\n\n### GitHub-Veracode:\n```yaml\n  ServiceNowSecurityScanResults:\n    # type of machine to run the job on\n    runs-on: ubuntu-latest\n    name: ServiceNow Security Scan Results\n    steps:\n      - name: ServiceNow DevOps Security Results\n        uses: ServiceNow/servicenow-devops-security-result@v3.1.0\n        with:\n            # DevOps Integration Token of GitHub tool created in ServiceNow instance for token based authentication.\n            devops-integration-token: ${{ secrets.SN_DEVOPS_INTEGRATION_TOKEN }}\n            # ServiceNow Instance URL\n            instance-url: ${{ secrets.SN_INSTANCE_URL }}\n            # Orchestration Tool Id\n            tool-id: ${{ secrets.SN_ORCHESTRATION_TOOL_ID }}\n            # GitHub Context\n            context-github: ${{ toJSON(github) }}\n            # Display Name of the Job\n            job-name: 'ServiceNow Security Scan Results'\n            security-result-attributes: '{\"scanner\": \"Veracode\", \"applicationName\": \"\", \"buildVersion\": \"\", \"securityToolId\": \"\"}'\n            # scanner: Scanning tool and is required e.g. Veracode.\n            # applicationName: Name of your Veracode application and is required. This attribute is applicable only for Veracode.\n            # buildVersion: Veracode Scan name / build version and is optional. This attribute is applicable only for Veracode.\n            # securityToolId: Security tool onboarded in ServiceNow (sys_id of the onboarded security tool) and is optional.\n```\n\n### GitHub-Checkmarx One:\n```yaml\n  ServiceNowSecurityScanResults:\n    # type of machine to run the job on\n    runs-on: ubuntu-latest\n    name: ServiceNow Security Scan Results\n    steps:\n      - name: ServiceNow DevOps Security Results\n        uses: ServiceNow/servicenow-devops-security-result@v3.1.0\n        with:\n            # DevOps Integration Token of GitHub tool created in ServiceNow instance for token based authentication.\n            devops-integration-token: ${{ secrets.SN_DEVOPS_INTEGRATION_TOKEN }}\n            # ServiceNow Instance URL\n            instance-url: ${{ secrets.SN_INSTANCE_URL }}\n            # Orchestration Tool Id\n            tool-id: ${{ secrets.SN_ORCHESTRATION_TOOL_ID }}\n            # GitHub Context\n            context-github: ${{ toJSON(github) }}\n            # Display Name of the Job\n            job-name: 'ServiceNow Security Scan Results'\n            security-result-attributes: '{\"scanner\": \"Checkmarx One\", \"projectName\": \"\", \"projectId\": \"\", \"scanId\": \"\", \"securityToolId\": \"\"}'\n            # scanner: Scanning tool and is required e.g. Checkmarx One.\n            # projectName/projectId: Name/Id of your Checkmarx One project and is required. This attribute is applicable only for Checkmarx One.\n            # scanId: Checkmarx One scan id and is optional. This attribute is applicable only for Checkmarx One.\n            # securityToolId: Security tool onboarded in ServiceNow (sys_id of the onboarded security tool) and is optional.\n```\n\n### GitHub-Checkmarx SAST:\n```yaml\nServiceNowSecurityScanResults:\n    # type of machine to run the job on\n    runs-on: ubuntu-latest\n    name: ServiceNow Security Scan Results\n    steps:\n      - name: ServiceNow DevOps Security Results\n        uses: ServiceNow/servicenow-devops-security-result@v3.1.0\n        with:\n            # DevOps Integration Token of GitHub tool created in ServiceNow instance for token based authentication.\n            devops-integration-token: ${{ secrets.SN_DEVOPS_INTEGRATION_TOKEN }}\n            # ServiceNow Instance URL\n            instance-url: ${{ secrets.SN_INSTANCE_URL }}\n            # Orchestration Tool Id\n            tool-id: ${{ secrets.SN_ORCHESTRATION_TOOL_ID }}\n            # GitHub Context\n            context-github: ${{ toJSON(github) }}\n            # Display Name of the Job\n            job-name: 'ServiceNow Security Scan Results'\n            security-result-attributes: '{\"scanner\": \"Checkmarx SAST\", \"projectId\": \"\", \"securityToolId\": \"\"}'\n            # scanner: Scanning tool and is required e.g. Checkmarx SAST.\n            # projectId: Id of your Checkmarx SAST project and is required. This attribute is applicable only for Checkmarx SAST.\n            # securityToolId: Security tool onboarded in ServiceNow (sys_id of the onboarded security tool) and is optional.\n```\n  devops-integration-token: ${{ secrets.SN_DEVOPS_INTEGRATION_TOKEN }}\n# For Basic Authentication at ServiceNow instance\n\n### GitHub-Veracode:\n```yaml\n  ServiceNowSecurityScanResults:\n    # type of machine to run the job on\n    runs-on: ubuntu-latest\n    name: ServiceNow Security Scan Results\n    steps:\n      - name: ServiceNow DevOps Security Results\n        uses: ServiceNow/servicenow-devops-security-result@v3.1.0\n        with:\n            # Devops Integration User Name\n            devops-integration-user-name: ${{ secrets.SN_DEVOPS_USER }}\n            # Devops Integration User Password\n            devops-integration-user-password: ${{ secrets.SN_DEVOPS_PASSWORD }}\n            # ServiceNow Instance URL\n            instance-url: ${{ secrets.SN_INSTANCE_URL }}\n            # Orchestration Tool Id\n            tool-id: ${{ secrets.SN_ORCHESTRATION_TOOL_ID }}\n            # GitHub Context\n            context-github: ${{ toJSON(github) }}\n            # Display Name of the Job\n            job-name: 'ServiceNow Security Scan Results'\n            security-result-attributes: '{\"scanner\": \"Veracode\", \"applicationName\": \"\", \"buildVersion\": \"\", \"securityToolId\": \"\"}'\n            # scanner: Scanning tool and is required e.g. Veracode.\n            # applicationName: Name of your Veracode application and is required. This attribute is applicable only for Veracode.\n            # buildVersion: Veracode Scan name / build version and is optional. This attribute is applicable only for Veracode.\n            # securityToolId: Security tool onboarded in ServiceNow (sys_id of the onboarded security tool) and is optional.\n```\n\n### GitHub-Checkmarx One:\n```yaml\n  ServiceNowSecurityScanResults:\n    # type of machine to run the job on\n    runs-on: ubuntu-latest\n    name: ServiceNow Security Scan Results\n    steps:\n      - name: ServiceNow DevOps Security Results\n        uses: ServiceNow/servicenow-devops-security-result@v3.1.0\n        with:\n            # Devops Integration User Name\n            devops-integration-user-name: ${{ secrets.SN_DEVOPS_USER }}\n            # Devops Integration User Password\n            devops-integration-user-password: ${{ secrets.SN_DEVOPS_PASSWORD }}\n            # ServiceNow Instance URL\n            instance-url: ${{ secrets.SN_INSTANCE_URL }}\n            # Orchestration Tool Id\n            tool-id: ${{ secrets.SN_ORCHESTRATION_TOOL_ID }}\n            # GitHub Context\n            context-github: ${{ toJSON(github) }}\n            # Display Name of the Job\n            job-name: 'ServiceNow Security Scan Results'\n            security-result-attributes: '{\"scanner\": \"Checkmarx One\", \"projectName\": \"\", \"projectId\": \"\", \"scanId\": \"\", \"securityToolId\": \"\"}'\n            # scanner: Scanning tool and is required e.g. Checkmarx One.\n            # projectName/projectId: Name/Id of your Checkmarx One project and is required. This attribute is applicable only for Checkmarx One.\n            # scanId: Checkmarx One scan id and is optional. This attribute is applicable only for Checkmarx One.\n            # securityToolId: Security tool onboarded in ServiceNow (sys_id of the onboarded security tool) and is optional.\n```\n\n### GitHub-Checkmarx SAST:\n```yaml\n  ServiceNowSecurityScanResults:\n    # type of machine to run the job on\n    runs-on: ubuntu-latest\n    name: ServiceNow Security Scan Results\n    steps:\n      - name: ServiceNow DevOps Security Results\n        uses: ServiceNow/servicenow-devops-security-result@v3.1.0\n        with:\n            # Devops Integration User Name\n            devops-integration-user-name: ${{ secrets.SN_DEVOPS_USER }}\n            # Devops Integration User Password\n            devops-integration-user-password: ${{ secrets.SN_DEVOPS_PASSWORD }}\n            # ServiceNow Instance URL\n            instance-url: ${{ secrets.SN_INSTANCE_URL }}\n            # Orchestration Tool Id\n            tool-id: ${{ secrets.SN_ORCHESTRATION_TOOL_ID }}\n            # GitHub Context\n            context-github: ${{ toJSON(github) }}\n            # Display Name of the Job\n            job-name: 'ServiceNow Security Scan Results'\n            security-result-attributes: '{\"scanner\": \"Checkmarx SAST\", \"projectId\": \"\", \"securityToolId\": \"\"}'\n            # scanner: Scanning tool and is required e.g. Checkmarx SAST.\n            # projectId: Id of your Checkmarx SAST project and is required. This attribute is applicable only for Checkmarx SAST.\n            # securityToolId: Security tool onboarded in ServiceNow (sys_id of the onboarded security tool) and is optional.\n```\nThe values for secrets should be setup in Step 1. Secrets should be created in Step 2.\n\n## Inputs\n\n### `devops-integration-token`\n\n**Optional**  DevOps Integration Token of GitHub tool created in ServiceNow instance for token based authentication.\n\n### `devops-integration-user-name`\n\n**Optional**  DevOps Integration Username to ServiceNow instance. \n\n### `devops-integration-user-password`\n\n**Optional**  DevOps Integration User Password to ServiceNow instance.\n\n### `instance-url`\n\n**Required**  URL of ServiceNow instance to create change in ServiceNow. \n\n### `tool-id`\n\n**Required**  Orchestration Tool Id for GitHub created in ServiceNow DevOps\n\n### `context-github`\n\n**Required**  Github context contains information about the workflow run details.\n\n### `security-result-attributes`\n\n**Required**  Security Result Attributes\n\n  ```\n  {\n\t\"scanner\": \"\", # Scanning tool and is required e.g. Veracode or Checkmarx One or Checkmarx SAST\n\n\t\"applicationName\": \"\", # Name of your Veracode application and is required. This attribute is applicable only for Veracode.\n\n\t\"buildVersion\": \"\", # Veracode Scan name / build version and is optional. This attribute is applicable only for Veracode.\n\n\t\"projectName\": \"\", # Name of your Checkmarx One project and is required. This attribute is applicable only for Checkmarx One.\n\n\t\"projectId\": \"\", # Id of your Checkmarx One / Checkmarx SAST project and is required. This attribute is applicable only for Checkmarx One and Checkmarx SAST.\n\t\n\t\"scanId\": \"\", # Checkmarx One scan id and is optional. This attribute is applicable only for Checkmarx One.\n\n\t\"securityToolId\": \"\" # Security tool onboarded in ServiceNow (sys_id of the onboarded security tool) and is optional.\n  }\n  ```\n\n## Outputs\nNo outputs produced.\n\n# Notices\n\n## Support Model\n\nServiceNow customers may request support through the [Now Support (HI) portal](https://support.servicenow.com/nav_to.do?uri=%2Fnow_support_home.do).\n\n## Governance Model\n\nInitially, ServiceNow product management and engineering representatives will own governance of these integrations to ensure consistency with roadmap direction. In the longer term, we hope that contributors from customers and our community developers will help to guide prioritization and maintenance of these integrations. At that point, this governance model can be updated to reflect a broader pool of contributors and maintainers. \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fservicenow%2Fservicenow-devops-security-result","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fservicenow%2Fservicenow-devops-security-result","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fservicenow%2Fservicenow-devops-security-result/lists"}