actions / attest-build-provenanceView external linksLinks
Action for generating build provenance attestations for workflow artifacts
☆884Feb 9, 2026Updated last week
Alternatives and similar repositories for attest-build-provenance
Users that are interested in attest-build-provenance are comparing it to the libraries listed below
Sorting:
- Action for generating attestations for workflow artifacts☆64Updated this week
- Publish a signed build provenance from your GitHub Actions workflow☆63May 21, 2024Updated last year
- Action for generating SBOM attestations for workflow artifacts☆43Feb 9, 2026Updated last week
- Language-agnostic SLSA provenance generation for Github Actions☆546Oct 20, 2025Updated 3 months ago
- Cosign Github Action☆182Jan 26, 2026Updated 3 weeks ago
- ☆56Updated this week
- A GitHub Action for detecting vulnerable dependencies and invalid licenses in your PRs☆782Feb 2, 2026Updated 2 weeks ago
- A GitHub Action used for publishing an Action to ghcr.io as an OCI container.☆114Aug 8, 2025Updated 6 months ago
- in-toto Attestation Framework☆323Updated this week
- About GitHub Actions runner images provided by 3rd parties☆217Jan 8, 2026Updated last month
- Verify provenance from SLSA compliant builders☆307Nov 20, 2025Updated 2 months ago
- Extract information about the dependencies being updated by a Dependabot-generated PR.☆295Updated this week
- Sigstore's Protocol Buffer specifications☆34Feb 9, 2026Updated last week
- GitHub Action for creating a GitHub App Installation Access Token☆717Feb 1, 2026Updated 2 weeks ago
- The GitHub ToolKit for developing GitHub Actions.☆5,633Updated this week
- A composite action for packaging and uploading an artifact that can be deployed to GitHub Pages.☆457Aug 22, 2025Updated 5 months ago
- ☆1,772Jan 30, 2026Updated 2 weeks ago
- Set up your GitHub Actions workflow with a specific version of node.js☆4,643Updated this week
- Libs and tools used to build all *-version tools for GitHub Actions☆31Dec 15, 2025Updated 2 months ago
- Write workflows scripting the GitHub API in JavaScript☆4,865Jan 7, 2026Updated last month
- Software Supply Chain Transparency Log☆1,078Updated this week
- GitHub Action to publish artifacts to GitHub Pages for deployments☆864Oct 14, 2024Updated last year
- A GitHub Action for sigstore-python☆65Updated this week
- A specification for signing methods and formats used by Secure Systems Lab projects.☆94Nov 10, 2025Updated 3 months ago
- Orchestrate GitHub Actions Security☆303Jan 16, 2026Updated last month
- Official GitHub Action for OpenSSF Scorecard.☆356Feb 10, 2026Updated last week
- Runner Container Hooks for GitHub Actions☆125Updated this week
- ☆40Feb 9, 2026Updated last week
- Action for checking out a repo☆7,529Feb 3, 2026Updated last week
- Workflow for redistribution of Node.JS for actions/runner☆11Jan 18, 2026Updated 3 weeks ago
- 🤖 Dependabot's core logic for creating update PRs.☆5,387Updated this week
- An Action for printing OIDC claims in GitHub Actions.☆117Sep 22, 2025Updated 4 months ago
- Template repo for creating container actions using https://github.com/actions/toolkit/☆158Feb 9, 2026Updated last week
- Cache dependencies and build outputs in GitHub Actions☆5,252Feb 3, 2026Updated 2 weeks ago
- Accelerating new GitHub Actions workflows☆11,248Dec 4, 2025Updated 2 months ago
- Code signing and transparency for containers and binaries☆5,649Updated this week
- Reusable workflows for developing actions☆77Dec 15, 2025Updated 2 months ago
- GitHub Action for creating software bill of materials using Syft.☆221Updated this week
- Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, an…☆962Feb 8, 2026Updated last week