Securing open-source package ecosystems by originating, validating, and augmenting build attestations.
☆704Jun 16, 2026Updated last week
Alternatives and similar repositories for oss-rebuild
Users that are interested in oss-rebuild are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Install, update and remove AppImage from your CLI. appimage, linux, package-manager☆19May 21, 2025Updated last year
- OSV-SCALIBR: A library for Software Composition Analysis☆618Updated this week
- automatically detect software supply chain smells and issues http://arxiv.org/pdf/2410.16049☆19Apr 14, 2026Updated 2 months ago
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts☆48Jun 15, 2026Updated last week
- An implementation of the Static CT API based on Tessera.☆31Jun 15, 2026Updated last week
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- SBOM Move - Automate build and transfer of SBOMs across systems☆27May 4, 2026Updated last month
- Reproducible Central: rebuild instructions for artifacts published to (Maven) Central Repository☆144Updated this week
- ✨ Experimental proof-of-concept typescript-go powered JS/TS linter written in Go☆518Jul 13, 2025Updated 11 months ago
- A GitHub App that acts like a Security Token Service (STS) for the Github API☆369Updated this week
- GUAC aggregates software security metadata into a high fidelity graph database.☆1,511Updated this week
- A Kubernetes agent to synchronize APIs and their objects between Kubernetes clusters and kcp.☆21Jun 17, 2026Updated last week
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆556Updated this week
- Mermaid generator typed in TypeScript☆14Dec 27, 2023Updated 2 years ago
- Fix TypeScript Declarations for default CJS exports☆13Mar 23, 2025Updated last year
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Visualizer for GUAC☆36Updated this week
- Prettier plugin for formatting JSDoc type annotations.☆15Updated this week
- Software Supply Chain Transparency Log☆1,164Jun 16, 2026Updated last week
- An extreme minimal dependency bootstrap in Bazel to get to a working CC toolchain☆12Oct 18, 2024Updated last year
- Shim for connecting Swift host code to BuildKit running in a container.☆125Jun 9, 2026Updated 2 weeks ago
- NAT64 agent for Kubernetes deployments☆36Jun 10, 2026Updated 2 weeks ago
- ☆13Jun 26, 2023Updated 2 years ago
- ☆1,162Updated this week
- Resources for the deps.dev API☆416Jun 17, 2026Updated last week
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆534Updated this week
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev☆10,558Updated this week
- テストの書き方やテクニックを学ぶハンズオンです☆10May 11, 2021Updated 5 years ago
- Build OCI images from APK packages directly without Dockerfile☆1,639Updated this week
- ☆19May 23, 2026Updated last month
- Enable interactions with a cluster and its resources: built-in types, CRDs and COs.☆12May 17, 2024Updated 2 years ago
- A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.☆150Jun 5, 2026Updated 2 weeks ago
- Format agnostic SBOM tooling☆138Nov 20, 2025Updated 7 months ago
- ☆259Updated this week
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ☆16May 15, 2024Updated 2 years ago
- SBOM Explorer - Discover and pull public SBOMs☆21May 23, 2025Updated last year
- go-ima is a tool that checks if a file has been tampered with. It is useful in ensuring integrity in CI systems☆14Sep 28, 2023Updated 2 years ago
- Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packages☆373Updated this week
- in-toto is a framework to protect supply chain integrity.☆1,009Jun 15, 2026Updated last week
- SDLC evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more☆558Updated this week
- Keyless Git signing using Sigstore☆1,094Jun 15, 2026Updated last week