carabiner-dev / ampelLinks
π΄π‘π’ The Amazing Multipurpose Policy Engine (and L)
β37Updated last week
Alternatives and similar repositories for ampel
Users that are interested in ampel are comparing it to the libraries listed below
Sorting:
- Go implementation of witnessβ42Updated this week
- A tool to create, transform and attest VEX metadataβ170Updated last week
- vexctl is a tool to attest VEX impact statementsβ45Updated 2 years ago
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for soβ¦β103Updated this week
- sigstore the hard way!β116Updated 4 months ago
- Go module to generate and transform VEX documentsβ52Updated 2 weeks ago
- An SBOM query language and associated utilitiesβ55Updated last year
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko geneβ¦β104Updated last year
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utilityβ60Updated 2 years ago
- β71Updated 3 weeks ago
- Simple tool that allows you to detect imposter commits in GitHub Actions workflows.β26Updated last year
- Software Supply Chain Attribute Integrity (SCAI) Demos and CLI toolsβ18Updated 2 weeks ago
- Format agnostic SBOM toolingβ130Updated last month
- A specification for signing methods and formats used by Secure Systems Lab projects.β90Updated last month
- β253Updated last week
- β58Updated 3 years ago
- A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.β142Updated this week
- Stuff to make standing up sigstore (esp. for testing) easier for e2e/integration testing.β70Updated this week
- An query language and interactive tooling to work with SBOM data.β14Updated last year
- OpenVEX Specificationβ164Updated 7 months ago
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.β70Updated 2 weeks ago
- Tooling and library for generation, validation and verification of supply chain metadata documents and frameworksβ33Updated 8 months ago
- β20Updated 7 months ago
- Log monitor for Rekor to verify immutability and monitor entriesβ43Updated this week
- β56Updated 2 weeks ago
- A CLI tool for creating secure by design/default source repos.β28Updated last year
- Scans SBOMs for vulnerabilities with Grypeβ85Updated last week
- sigstore installation walkthrough, localβ62Updated 3 weeks ago
- Administrative tooling for Falcoβ117Updated 2 weeks ago
- A CLI used to work with the Wolfi OSS projectβ67Updated 2 weeks ago