anchore / chronicle
a fast changelog generator sourced from PRs and Issues
☆54Updated this week
Alternatives and similar repositories for chronicle:
Users that are interested in chronicle are comparing it to the libraries listed below
- Compare vulnerability scanners results (to make them better!)☆16Updated last week
- An SBOM query language and associated utilities☆54Updated last year
- A CLI used to work with the Wolfi OSS project☆61Updated this week
- A tool to create, transform and attest VEX metadata☆130Updated last week
- ☆32Updated 4 months ago
- ☆33Updated 10 months ago
- SPDX Merge tool☆41Updated this week
- Sigstore user stories☆29Updated last year
- Tool for collecting vulnerability data from various sources (used to build the grype database)☆86Updated this week
- Throw a tag at it and it comes back with a checksum.☆112Updated last week
- ☆42Updated this week
- vexctl is a tool to attest VEX impact statements☆44Updated last year
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆79Updated this week
- Manage a directory of binaries without a package manager☆27Updated this week
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.☆60Updated this week
- Security advisory data for Wolfi☆14Updated this week
- Various tools, images, etc. to support the Wolfi OSS project☆21Updated 2 weeks ago
- ☆27Updated this week
- Dynamic GitHub Actions from Wolfi packages☆42Updated 9 months ago
- Search an SBOM for licenses and the packages they belong to☆75Updated last week
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆61Updated last year
- Format agnostic SBOM tooling☆100Updated this week
- Darkfiles finds orphaned files in container images and makes them to bad deeds☆41Updated last year
- jq for .tf files (Terraform/OpenTofu)☆26Updated 11 months ago
- ☆41Updated 2 years ago
- Docs and Tutorials for Chainguard☆82Updated this week
- bomsh is collection of tools to explore the OmniBOR idea☆21Updated 4 months ago
- Go library for Sigstore signing and verification☆58Updated this week
- Example goreleaser + github actions config with keyless signing, SBOM generation, and attestations☆54Updated 2 weeks ago
- Protocol Buffer specifications☆27Updated this week