carabiner-dev / ampelLinks
π΄π‘π’ The Amazing Multipurpose Policy Engine (and L)
β35Updated this week
Alternatives and similar repositories for ampel
Users that are interested in ampel are comparing it to the libraries listed below
Sorting:
- A tool to create, transform and attest VEX metadataβ167Updated this week
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for soβ¦β103Updated this week
- sigstore the hard way!β116Updated 4 months ago
- Go implementation of witnessβ42Updated this week
- Stuff to make standing up sigstore (esp. for testing) easier for e2e/integration testing.β68Updated this week
- vexctl is a tool to attest VEX impact statementsβ45Updated 2 years ago
- Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable suppβ¦β150Updated this week
- Scans SBOMs for vulnerabilities with Grypeβ85Updated this week
- sigstore installation walkthrough, localβ62Updated last year
- β58Updated 3 years ago
- β69Updated last year
- Tooling and library for generation, validation and verification of supply chain metadata documents and frameworksβ33Updated 7 months ago
- β20Updated 6 months ago
- Software Supply Chain Attribute Integrity (SCAI) Demos and CLI toolsβ18Updated this week
- β253Updated this week
- A specification for signing methods and formats used by Secure Systems Lab projects.β88Updated last month
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.β70Updated this week
- Go module to generate and transform VEX documentsβ51Updated last week
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utilityβ60Updated 2 years ago
- Go library for Sigstore signing and verificationβ79Updated this week
- OpenVEX Specificationβ162Updated 6 months ago
- Format agnostic SBOM toolingβ123Updated 3 weeks ago
- An SBOM query language and associated utilitiesβ54Updated last year
- β23Updated 4 years ago
- Securing Alice's, Bob's and Carl's software supply chain using in-totoβ101Updated last week
- A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.β142Updated last week
- Helm charts for sigstore projectβ83Updated last week
- An query language and interactive tooling to work with SBOM data.β14Updated last year
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko geneβ¦β103Updated last year
- Anchore Kubernetes Inventory can poll Kubernetes Cluster API(s) to tell Anchore Enterprise which Containers and Images are currently in-uβ¦β67Updated this week