google / oss-rebuildLinks
Securing open-source package ecosystems by originating, validating, and augmenting build attestations.
☆648Updated this week
Alternatives and similar repositories for oss-rebuild
Users that are interested in oss-rebuild are comparing it to the libraries listed below
Sorting:
- Vanir is a source code-based static analysis tool that automatically identifies the list of missing security patches in the target system…☆340Updated last month
- OSV-SCALIBR: A library for Software Composition Analysis☆502Updated this week
- Resources for the deps.dev API☆343Updated last week
- HTTP(s) request filter for processes☆620Updated this week
- A security layer for Git repositories☆546Updated this week
- Globstar is a fast, feature-rich, and open-source static analysis toolkit for writing and running code checkers. Based on tree-sitter.☆456Updated 2 months ago
- Kingfisher is a blazingly fast tool for secret detection and live validation across files, Git repos, S3, Docker images, Jira, Slack, and…☆581Updated this week
- Security scanner for MCP servers☆509Updated 5 months ago
- Protect against malicious open source packages 🤖☆781Updated this week
- Dockerfile formatter. a modern dockfmt.☆538Updated 3 weeks ago
- Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, an…☆887Updated 2 weeks ago
- Validate the isolation posture of your container environment.☆299Updated last month
- ICANN implementation of the Registry Data Access Protocol (RDAP)☆393Updated this week
- Programmatic sandboxing tool☆249Updated last month
- vet is a command-line tool that acts as a safety net for the risky curl | bash pattern. It lets you inspect, diff against previous versio…☆956Updated last month
- ☆448Updated 2 weeks ago
- OpenVEX Specification☆158Updated 3 months ago
- Format agnostic SBOM tooling☆115Updated this week
- A universal SBOM representation in protocol buffers☆300Updated this week
- #supply #chain #attack #detection☆554Updated this week
- A GitHub App that acts like a Security Token Service (STS) for the Github API☆229Updated last week
- A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalo…☆383Updated 11 months ago
- [Experimental] jail for Go modules☆94Updated 2 weeks ago
- Verify provenance from SLSA compliant builders☆284Updated 2 months ago
- Reference implementation of OpenPubkey☆856Updated last month
- Terminal OpenAPI Spec viewer☆691Updated this week
- Prevent merging of malicious code in pull requests☆235Updated 6 months ago
- NGINX configuration static analyzer☆1,064Updated last month
- ☆42Updated last month
- Throw a tag at it and it comes back with a checksum.☆151Updated this week