github-early-access / generate-build-provenanceLinks
Publish a signed build provenance from your GitHub Actions workflow
☆62Updated last year
Alternatives and similar repositories for generate-build-provenance
Users that are interested in generate-build-provenance are comparing it to the libraries listed below
Sorting:
- Action for generating attestations for workflow artifacts☆60Updated last week
- Code-signing for npm packages☆169Updated last week
- A GitHub App that allows you to contribute upstream using private mirrors of public projects☆168Updated last month
- Find stale repositories in a GitHub organization.☆188Updated last week
- GitHub Action to expose GitHub runtime to the workflow☆80Updated last month
- A GitHub Action used for publishing an Action to ghcr.io as an OCI container.☆105Updated last month
- An Action for printing OIDC claims in GitHub Actions.☆109Updated 2 weeks ago
- Official GitHub Action for OpenSSF Scorecard.☆337Updated this week
- Orchestrate GitHub Actions Security☆295Updated last month
- ☆54Updated last week
- Go library for Sigstore signing and verification☆82Updated last week
- GitHub Action to enable automated security updates and open a issue/PR in repos in an org that have dependency files but no dependabot.ya…☆211Updated last week
- GitHub token permissions Monitor and Advisor actions☆337Updated last week
- About GitHub Actions runner images provided by 3rd parties☆184Updated 2 months ago
- Verify provenance from SLSA compliant builders☆285Updated 2 months ago
- Runner Container Hooks for GitHub Actions☆115Updated this week
- Find license compliance and security issues in your applications with FOSSA and GitHub Actions.☆58Updated this week
- Cosign Github Action☆161Updated 3 weeks ago
- GitHub Action to use Docker Buildx Bake as a high-level build command☆264Updated 3 weeks ago
- ☆409Updated this week
- GitHub Action that given an organization or repository, produces information about the contributors over the specified time period.☆127Updated last week
- BuildKit Syft scanner☆36Updated 3 weeks ago
- Language-agnostic SLSA provenance generation for Github Actions☆500Updated 3 months ago
- GitHub Action for creating software bill of materials using Syft.☆202Updated 2 weeks ago
- Search Rekor for entries☆38Updated 3 weeks ago
- Log monitor for Rekor to verify immutability and monitor entries☆38Updated this week
- A GitHub app to check that pull requests follow the Conventional Commits spec☆136Updated this week
- GitHub Action to combine multiple PRs into a single one☆135Updated 6 months ago
- Codecov's Command Line Interface. Used for uploading to Codecov in your CI, Test Labelling, Local Upload, and more☆73Updated 2 months ago
- TUF repository for Sigstore trust root☆108Updated last week