docker / buildkit-syft-scannerLinks
BuildKit Syft scanner
☆35Updated last week
Alternatives and similar repositories for buildkit-syft-scanner
Users that are interested in buildkit-syft-scanner are comparing it to the libraries listed below
Sorting:
- Set up your GitHub Actions workflow with a specific version of ORAS☆23Updated last week
- Cosign Github Action☆151Updated 2 weeks ago
- Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.☆43Updated last year
- Action for generating attestations for workflow artifacts☆54Updated 2 weeks ago
- Various tools, images, etc. to support the Wolfi OSS project☆26Updated last week
- TUF repository for Sigstore trust root☆107Updated this week
- A CLI used to work with the Wolfi OSS project☆64Updated this week
- Plugin for Docker CLI to support SBOM creation using Syft☆157Updated 3 months ago
- Proof-of-concept SLSA provenance generator for GitHub Actions☆100Updated 2 years ago
- Go library for Sigstore signing and verification☆79Updated this week
- Helm charts for sigstore project☆78Updated this week
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.☆64Updated this week
- Define Kubernetes native apps and abstractions using object-oriented programming☆79Updated this week
- Log monitor for Rekor to verify immutability and monitor entries☆36Updated last week
- Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks☆32Updated 3 months ago
- ☆30Updated last week
- curl images☆89Updated 2 weeks ago
- GitHub Action for creating software bill of materials using Syft.☆196Updated this week
- 📈CNCF-created tool for analyzing and graphing developer contributions☆103Updated this week
- A collection of reusable Github Actions workflows.☆135Updated last week
- Verify provenance from SLSA compliant builders☆275Updated last week
- A proof-of-concept alternative frontend for buildkit☆83Updated 6 years ago
- A sweet little formatter for YAML☆32Updated last week
- Trivy plugin for OCI referrers☆23Updated last year
- Docs and Tutorials for Chainguard☆84Updated this week
- Docker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images☆184Updated 2 years ago
- Publish a signed build provenance from your GitHub Actions workflow☆63Updated last year
- ☆67Updated this week
- Stuff to make standing up sigstore (esp. for testing) easier for e2e/integration testing.☆66Updated this week
- Runner Container Hooks for GitHub Actions☆106Updated last week