deislabs / image-layer-provenanceLinks
Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.
ā43Updated last year
Alternatives and similar repositories for image-layer-provenance
Users that are interested in image-layer-provenance are comparing it to the libraries listed below
Sorting:
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.ā64Updated this week
- š Rekor transparency log monitoring and alertingā27Updated last year
- Transparenty Immutable Container Image Tagsā20Updated 2 years ago
- ā20Updated last month
- sigstore installation walkthrough, localā62Updated last year
- Stuff to make standing up sigstore (esp. for testing) easier for e2e/integration testing.ā66Updated this week
- Build and deploy Go applications with Terraformā29Updated this week
- ā57Updated 3 years ago
- Integrates Spiffe and Vault to have secretless authenticationā90Updated last week
- Helm charts for sigstore projectā78Updated last week
- ā23Updated 2 years ago
- Example repository that demonstrates a supply chain security workflow using Syft, Grype, Cosignā11Updated 3 years ago
- kubectl plugin for signing Kubernetes manifest YAML files with sigstoreā84Updated 2 weeks ago
- Trust Dexter to ensure that all your images are pinned by digest for better securityā29Updated last year
- ā29Updated 11 months ago
- Keyless Git signing with cosign!ā11Updated 3 years ago
- Trivy plugin for OCI referrersā23Updated last year
- A CLI used to work with the Wolfi OSS project