actions / attestLinks
Action for generating attestations for workflow artifacts
☆58Updated this week
Alternatives and similar repositories for attest
Users that are interested in attest are comparing it to the libraries listed below
Sorting:
- Find stale repositories in a GitHub organization.☆186Updated last week
- An Action for printing OIDC claims in GitHub Actions.☆106Updated this week
- ☆51Updated this week
- Action for generating SBOM attestations for workflow artifacts☆35Updated last week
- Publish a signed build provenance from your GitHub Actions workflow☆63Updated last year
- About GitHub Actions runner images provided by 3rd parties☆159Updated 2 weeks ago
- A GitHub Action used for publishing an Action to ghcr.io as an OCI container.☆92Updated 2 weeks ago
- Sigstore's Protocol Buffer specifications☆33Updated last week
- Cosign Github Action☆153Updated this week
- Search Rekor for entries☆35Updated last week
- Official GitHub Action for OpenSSF Scorecard.☆327Updated this week
- Runner Container Hooks for GitHub Actions☆108Updated last week
- Workflow for redistribution of Node.JS for actions/runner☆10Updated last week
- Find license compliance and security issues in your applications with FOSSA and GitHub Actions.☆56Updated this week
- Calculates dependencies for a Go build-target and submits the list to the Dependency Submission API☆63Updated this week
- GitHub Action to check PRs for signed commits☆55Updated last year
- Example of using Actions OIDC token to proxy into a private network☆97Updated 4 months ago
- Run multiple open source security static analysis tools without the added complexity with OSSAR (Open Source Static Analysis Runner).☆96Updated last year
- Orchestrate GitHub Actions Security☆294Updated 2 weeks ago
- Codecov's Command Line Interface. Used for uploading to Codecov in your CI, Test Labelling, Local Upload, and more☆73Updated last month
- This tool allows GHES administrators to sync Actions to their instances☆126Updated 2 months ago
- A GitHub App that allows you to contribute upstream using private mirrors of public projects☆166Updated 3 weeks ago
- Reusable workflows for developing actions☆70Updated last week
- GitHub Action to enable automated security updates and open a issue/PR in repos in an org that have dependency files but no dependabot.ya…☆204Updated last week
- BuildKit Syft scanner☆35Updated last week
- Template repo for creating container actions using https://github.com/actions/toolkit/☆144Updated last week
- GitHub Action for creating software bill of materials using Syft.☆198Updated last week
- Go library for Sigstore signing and verification☆79Updated last week
- TUF repository for Sigstore trust root☆107Updated this week
- Generate SBOMs with gh CLI☆191Updated 2 months ago