Securing open-source package ecosystems by originating, validating, and augmenting build attestations.
☆695May 7, 2026Updated this week
Alternatives and similar repositories for oss-rebuild
Users that are interested in oss-rebuild are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆22Mar 13, 2025Updated last year
- OSV-SCALIBR: A library for Software Composition Analysis☆596May 6, 2026Updated last week
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts☆48Updated this week
- An implementation of the Static CT API based on Tessera.☆30Updated this week
- SBOM Move - Automate build and transfer of SBOMs across systems☆26May 4, 2026Updated last week
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- ✨ Experimental proof-of-concept typescript-go powered JS/TS linter written in Go☆514Jul 13, 2025Updated 10 months ago
- A GitHub App that acts like a Security Token Service (STS) for the Github API☆349Updated this week
- GUAC aggregates software security metadata into a high fidelity graph database.☆1,489Updated this week
- A Kubernetes agent to synchronize APIs and their objects between Kubernetes clusters and kcp.☆19Apr 28, 2026Updated 2 weeks ago
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆507Updated this week
- Mermaid generator typed in TypeScript☆14Dec 27, 2023Updated 2 years ago
- Fix TypeScript Declarations for default CJS exports☆13Mar 23, 2025Updated last year
- #supply #chain #attack #detection☆653May 5, 2026Updated last week
- Visualizer for GUAC☆33Apr 25, 2026Updated 2 weeks ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Datasette plugin for streaming SQLite database backups to S3, using Litestream!☆19Jan 20, 2026Updated 3 months ago
- Blazingly fast Morse code encoding/decoding☆16Oct 24, 2025Updated 6 months ago
- Sbommage is an interactive terminal frontend for viewing Software Bill of Materials (SBOM) files in various formats.☆38Nov 10, 2025Updated 6 months ago
- Prettier plugin for formatting JSDoc type annotations.☆15Updated this week
- Software Supply Chain Transparency Log☆1,132May 5, 2026Updated last week
- Shim for connecting Swift host code to BuildKit running in a container.☆117Apr 18, 2026Updated 3 weeks ago
- NAT64 agent for Kubernetes deployments☆36May 6, 2026Updated last week
- ☆1,154May 5, 2026Updated last week
- Resources for the deps.dev API☆403Apr 22, 2026Updated 3 weeks ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆524Updated this week
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev☆10,117Updated this week
- テストの書き方やテクニックを学ぶハンズオンです☆10May 11, 2021Updated 5 years ago
- ☆14Sep 26, 2021Updated 4 years ago
- Build OCI images from APK packages directly without Dockerfile☆1,606Updated this week
- ☆19Apr 1, 2026Updated last month
- A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.☆150Updated this week
- Format agnostic SBOM tooling☆137Nov 20, 2025Updated 5 months ago
- ☆257May 5, 2026Updated last week
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ☆16May 15, 2024Updated last year
- SBOM Explorer - Discover and pull public SBOMs☆21May 23, 2025Updated 11 months ago
- go-ima is a tool that checks if a file has been tampered with. It is useful in ensuring integrity in CI systems☆14Sep 28, 2023Updated 2 years ago
- in-toto is a framework to protect supply chain integrity.☆1,002May 5, 2026Updated last week
- Fedora Atomic images built on top of Onyx, designed for Budgie Desktop development☆11Feb 11, 2024Updated 2 years ago
- SDLC evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more☆549Updated this week
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆15,045Updated this week