Securing open-source package ecosystems by originating, validating, and augmenting build attestations.
☆685Mar 27, 2026Updated this week
Alternatives and similar repositories for oss-rebuild
Users that are interested in oss-rebuild are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆22Mar 13, 2025Updated last year
- OSV-SCALIBR: A library for Software Composition Analysis☆580Updated this week
- automatically detect software supply chain smells and issues http://arxiv.org/pdf/2410.16049☆18Mar 13, 2026Updated 2 weeks ago
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts☆44Mar 19, 2026Updated last week
- An implementation of the Static CT API based on Tessera.☆29Updated this week
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Find multiple versions of dependencies from pnpm lockfile.☆20Mar 23, 2026Updated last week
- Reproducible Central: rebuild instructions for artifacts published to (Maven) Central Repository☆138Mar 22, 2026Updated last week
- A GitHub App that acts like a Security Token Service (STS) for the Github API☆333Updated this week
- GUAC aggregates software security metadata into a high fidelity graph database.☆1,462Updated this week
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆473Updated this week
- A Kubernetes agent to synchronize APIs and their objects between Kubernetes clusters and kcp.☆18Mar 6, 2026Updated 3 weeks ago
- Mermaid generator typed in TypeScript☆14Dec 27, 2023Updated 2 years ago
- Fix TypeScript Declarations for default CJS exports☆13Mar 23, 2025Updated last year
- #supply #chain #attack #detection☆646Updated this week
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Visualizer for GUAC☆30Updated this week
- Sbommage is an interactive terminal frontend for viewing Software Bill of Materials (SBOM) files in various formats.☆37Nov 10, 2025Updated 4 months ago
- Prettier plugin for formatting JSDoc type annotations.☆15Mar 23, 2026Updated last week
- Software Supply Chain Transparency Log☆1,103Mar 23, 2026Updated last week
- Shim for connecting Swift host code to BuildKit running in a container.☆112Mar 16, 2026Updated 2 weeks ago
- NAT64 agent for Kubernetes deployments☆34Mar 11, 2026Updated 2 weeks ago
- ☆1,141Jan 26, 2026Updated 2 months ago
- Resources for the deps.dev API☆389Mar 23, 2026Updated last week
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆520Mar 23, 2026Updated last week
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- テストの書き方やテクニックを学ぶハンズオンです☆10May 11, 2021Updated 4 years ago
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev☆8,607Updated this week
- ☆14Sep 26, 2021Updated 4 years ago
- ☆19Feb 4, 2026Updated last month
- Enable interactions with a cluster and its resources: built-in types, CRDs and COs.☆12May 17, 2024Updated last year
- Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packages☆238Updated this week
- A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.☆146Mar 20, 2026Updated last week
- Format agnostic SBOM tooling☆135Nov 20, 2025Updated 4 months ago
- ☆16May 15, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- SBOM Explorer - Discover and pull public SBOMs☆20May 23, 2025Updated 10 months ago
- go-ima is a tool that checks if a file has been tampered with. It is useful in ensuring integrity in CI systems☆14Sep 28, 2023Updated 2 years ago
- SDLC evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more☆539Updated this week
- Fedora Atomic images built on top of Onyx, designed for Budgie Desktop development☆11Feb 11, 2024Updated 2 years ago
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆14,572Updated this week
- Keyless Git signing using Sigstore☆1,073Mar 23, 2026Updated last week
- A helper for library maintainers to use symbol versioning☆11Jul 7, 2025Updated 8 months ago