A license scanner for container images and filesystems.
☆143Feb 26, 2026Updated this week
Alternatives and similar repositories for grant
Users that are interested in grant are comparing it to the libraries listed below
Sorting:
- Repository of SBOMs generated by the syft SBOM generator tool, against a list of popular dockerhub container images.☆19Oct 9, 2024Updated last year
- a fast changelog generator sourced from PRs and Issues☆60Feb 20, 2026Updated last week
- ☆62Updated this week
- Manage a directory of binaries without a package manager☆48Feb 19, 2026Updated last week
- Compare vulnerability scanners results (to make them better!)☆27Feb 20, 2026Updated last week
- GitHub Action for creating software bill of materials using Syft.☆225Updated this week
- ☆49Updated this week
- A Kubewarden Policy that verifies all the signatures of the container images referenced by a Pod☆13Jan 20, 2026Updated last month
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆8,416Updated this week
- Tool for collecting vulnerability data from various sources (used to build the grype database)☆110Feb 20, 2026Updated last week
- Welcome to the atomic future of Linux☆22Updated this week
- Various tools, images, etc. to support the Wolfi OSS project☆27Updated this week
- go library for processing container images and simulating a squash filesystem☆104Updated this week
- Scans SBOMs for vulnerabilities with Grype☆85Feb 21, 2026Updated last week
- T2 hardware enablement for Fedora Atomic Desktops☆24Jan 21, 2026Updated last month
- Trivy plugin for OCI referrers☆23May 13, 2024Updated last year
- Add CA certificates into containers☆166Feb 10, 2026Updated 2 weeks ago
- Evangelizing the mission and work of the OpenSSF and building strong community outreach around end-users, open-source maintainers, and co…☆23May 2, 2024Updated last year
- Darkfiles finds orphaned files in container images and makes them to bad deeds☆42May 11, 2023Updated 2 years ago
- Example goreleaser + github actions config with keyless signing, SBOM generation, and attestations☆59Feb 23, 2026Updated last week
- A Go program to display certificate chains simply and quickly with an easy to remember syntax�☆28Oct 28, 2024Updated last year
- Machine-readable specification for the attestation of security-relevant data.☆72Updated this week
- A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs☆431Feb 1, 2026Updated last month
- Validate the SPDX SBOM against NTIA, CISA, and other minimum element requirements.☆81Feb 20, 2026Updated last week
- Cloud Storage Kubernetes Operator with Go and Operator SDK☆12Nov 20, 2020Updated 5 years ago
- demo of keyless signing with the sigstore kubernetes policy controller☆11Sep 7, 2022Updated 3 years ago
- Generate Software Bill of Materials (SBOM) from virtual machine disk images, without booting the VM.☆17Feb 20, 2026Updated last week
- SBOM generator for Debian-based distributions☆26Feb 10, 2026Updated 2 weeks ago
- Terraform provider to perform OCI image operations☆15Updated this week
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆108Feb 23, 2026Updated last week
- vexctl is a tool to attest VEX impact statements☆45Mar 27, 2023Updated 2 years ago
- Example directory of Kubernetes YAML and Quadlets tested with Podman☆59Updated this week
- Binary builds for dep-scan - The Dependency Scanner☆10Apr 1, 2024Updated last year
- sigstore helm-charts and build scripts opinionated for running on OCP and RHEL☆12Mar 3, 2025Updated 11 months ago
- Showcasing the potential of SPIFFE with real-life services�☆10Jan 27, 2026Updated last month
- CentOS Homeserver appliance with Portainer, Cockpit and ZFS☆13Feb 3, 2026Updated 3 weeks ago
- A High-Availability distribution of Knative.☆20Mar 20, 2024Updated last year
- ☆16Updated this week
- Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners☆14Feb 13, 2026Updated 2 weeks ago