github-early-access / generate-build-provenanceLinks
Publish a signed build provenance from your GitHub Actions workflow
☆63Updated last year
Alternatives and similar repositories for generate-build-provenance
Users that are interested in generate-build-provenance are comparing it to the libraries listed below
Sorting:
- Action for generating attestations for workflow artifacts☆50Updated last week
- Go library for Sigstore signing and verification☆68Updated last week
- Runner Container Hooks for GitHub Actions☆95Updated last month
- An Action for printing OIDC claims in GitHub Actions.☆94Updated 2 months ago
- GitHub Action to expose GitHub runtime to the workflow☆72Updated 2 months ago
- A GitHub Action used for publishing an Action to ghcr.io as an OCI container.☆86Updated 6 months ago
- BuildKit Syft scanner☆31Updated last week
- Find license compliance and security issues in your applications with FOSSA and GitHub Actions.☆53Updated this week
- Action for generating SBOM attestations for workflow artifacts☆31Updated last week
- Purpose-built security agent for hosted runners☆36Updated 3 weeks ago
- GitHub Action to use Docker Buildx Bake as a high-level build command☆249Updated last week
- Find stale repositories in a GitHub organization.☆182Updated this week
- Official GitHub Action for OpenSSF Scorecard.☆307Updated this week
- A GitHub App that allows you to contribute upstream using private mirrors of public projects☆163Updated this week
- Code-signing for npm packages☆162Updated 2 weeks ago
- A generated Go SDK from GitHub's OpenAPI specification. Built on Kiota.☆83Updated 2 months ago
- Verify provenance from SLSA compliant builders☆262Updated last week
- GitHub Action to enable automated security updates and open a issue/PR in repos in an org that have dependency files but no dependabot.ya…☆200Updated this week
- ☆30Updated 3 weeks ago
- Throw a tag at it and it comes back with a checksum.☆136Updated this week
- Cosign Github Action☆148Updated 2 weeks ago
- Log monitor for Rekor to verify immutability and monitor entries☆34Updated last week
- GitHub Action that given an organization or repository, produces information about the contributors over the specified time period.☆123Updated this week
- A collection of reusable Github Actions workflows.☆132Updated last week
- A TypeScript library for creating dependency snapshots.☆48Updated last week
- Search Rekor for entries☆34Updated 2 months ago
- ☆50Updated 2 weeks ago
- TUF repository for Sigstore trust root☆103Updated this week
- GitHub Action for creating software bill of materials using Syft.☆187Updated last week
- in-toto Attestation Framework☆274Updated 2 weeks ago