Publish a signed build provenance from your GitHub Actions workflow
☆62May 21, 2024Updated 2 years ago
Alternatives and similar repositories for generate-build-provenance
Users that are interested in generate-build-provenance are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- fatt tries to find any purl in your project by looking at predefined fields in the supported packages. These fields describe using a purl…☆11May 11, 2026Updated last month
- Submit SBOMs to GitHub's dependency submission API☆19Dec 4, 2025Updated 7 months ago
- ☆57Jun 1, 2022Updated 4 years ago
- Generates SPDX bill-of-material files from a package input and license scan☆13Apr 15, 2024Updated 2 years ago
- Go implementation of The Update Framework heavily influenced by python-tuf☆14Mar 7, 2024Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Supply Chain Query Tool☆13May 25, 2022Updated 4 years ago
- ☆12Jun 24, 2024Updated 2 years ago
- Docker CI scripts☆12Nov 24, 2025Updated 7 months ago
- Action for generating build provenance attestations for workflow artifacts☆968Jun 26, 2026Updated last week
- An SBOM query language and associated utilities☆55Jan 22, 2024Updated 2 years ago
- GitHub actions for the chainguard-images☆21Jun 22, 2026Updated last week
- Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks☆34Apr 22, 2025Updated last year
- Stackdriver Logging / GCP Cloud Logging handler for the go 1.21 slog package.☆10Feb 24, 2025Updated last year
- A java api and command line tool for scanning, reporting and fixing a git repository's InnerSource Readiness based on a supplied specific…☆20Sep 8, 2023Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Language-agnostic SLSA provenance generation for Github Actions☆582Mar 29, 2026Updated 3 months ago
- ☆23Oct 26, 2021Updated 4 years ago
- Enrich SBOMs with data from third party services☆230May 18, 2026Updated last month
- A GitHub Action for sigstore-python☆70Jun 26, 2026Updated last week
- Software Supply Chain Attribute Integrity (SCAI) Demos and CLI tools☆19Jun 22, 2026Updated last week
- Libs and tools used to build all *-version tools for GitHub Actions☆31Jun 22, 2026Updated last week
- sentry internal pypi☆22Jun 26, 2026Updated last week
- Set timeout-minutes to all GitHub Actions jobs☆37Jun 27, 2026Updated last week
- AWS ECR scanning slack notifications☆13Jul 19, 2023Updated 2 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.☆150Jun 5, 2026Updated 3 weeks ago
- Official GitHub Action for OpenSSF Scorecard.☆390Updated this week
- Help protect against malicious build scripts☆29Jun 27, 2026Updated last week
- Go implementation for CNAB content trust verification using TUF, Notary, and in-toto☆31Jul 5, 2023Updated 2 years ago
- Umbrella Repository Service for TUF☆67Jun 26, 2026Updated last week
- Performant source for RPM repositories metadata https://github.com/gridhead/metasource☆13May 18, 2026Updated last month
- Basic integration of truffle and React front-end based on the create-react-app without resorting to the 'reject' mode.☆13Sep 6, 2018Updated 7 years ago
- CLI util: Poor man's rpath for Windows executables.☆12Dec 16, 2018Updated 7 years ago
- MVP for updated PEP 543 proposal☆14Updated this week
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Flancian's digital garden☆27Jun 25, 2026Updated last week
- Real-time node group observability for AWS EKS☆24Apr 21, 2025Updated last year
- A framework for linking the DOM and DOM based events with scripting languages compiled to WASM. Part of the PyScript project.☆12Oct 1, 2024Updated last year
- Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.☆21Jan 27, 2025Updated last year
- Terraform module CloudFront Distribution for S3☆10Jan 14, 2021Updated 5 years ago
- A tool for generating OIDC identities☆15Updated this week
- Terraform module configure IAM in a new AWS account setup☆13Dec 11, 2023Updated 2 years ago