docker / buildkit-syft-scannerLinks
BuildKit Syft scanner
☆36Updated 3 weeks ago
Alternatives and similar repositories for buildkit-syft-scanner
Users that are interested in buildkit-syft-scanner are comparing it to the libraries listed below
Sorting:
- Set up your GitHub Actions workflow with a specific version of ORAS☆23Updated 2 weeks ago
- Various tools, images, etc. to support the Wolfi OSS project☆25Updated this week
- Action for generating attestations for workflow artifacts☆60Updated last week
- Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.☆43Updated last year
- A CLI used to work with the Wolfi OSS project☆67Updated last week
- Powering the OpenTofu Registry Search (beta)☆18Updated last month
- Proof-of-concept SLSA provenance generator for GitHub Actions☆100Updated 2 years ago
- ☆68Updated this week
- Cosign Github Action☆161Updated 3 weeks ago
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.☆65Updated last week
- GitHub Action to check Docker system status in your workflow☆11Updated 3 weeks ago
- A collection of reusable Github Actions workflows.☆142Updated last week
- Trivy plugin for OCI referrers☆23Updated last year
- TUF repository for Sigstore trust root☆108Updated last week
- Overview of philips-labs helm charts☆17Updated 3 weeks ago
- ☆30Updated this week
- A sweet little formatter for YAML☆32Updated last week
- GitHub Action to expose GitHub runtime to the workflow☆80Updated last month
- SLSA level 3 action☆11Updated last year
- Helm charts for sigstore project☆81Updated last week
- Go library for Sigstore signing and verification☆82Updated last week
- ☆24Updated 8 months ago
- Define Kubernetes native apps and abstractions using object-oriented programming☆80Updated this week
- GitVote is a GitHub application that allows holding a vote on issues and pull requests☆125Updated this week
- Stuff to make standing up sigstore (esp. for testing) easier for e2e/integration testing.☆68Updated last week
- Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks☆33Updated 5 months ago
- Verify provenance from SLSA compliant builders☆285Updated 2 months ago
- CLOWarden is a tool that manages access to resources across multiple services☆56Updated last week
- 📈CNCF-created tool for analyzing and graphing developer contributions☆110Updated this week
- ☆57Updated 3 years ago