Alternatives and similar repositories for safety-web

Users that are interested in safety-web are comparing it to the libraries listed below

• google / oss-rebuild
  Securing open-source package ecosystems by originating, validating, and augmenting build attestations.
  ☆43Updated this week
• google / acjs
  ☆10Updated 7 months ago
• transparency-dev / tessera
  Go library for building tile-based transparency logs (tlogs)
  ☆82Updated this week
• googleapis / enterprise-certificate-proxy
  Repository for the Enterprise Certificate Proxy project.
  ☆26Updated 4 months ago
• chainguard-dev / justtrustme
  ☆55Updated 3 weeks ago
• chainguard-dev / crow-registry
  ☆24Updated last year
• tacosframework / TACOS-spec
  TACOS framework structural details
  ☆20Updated 2 months ago
• google / containerdbg
  ☆74Updated 2 months ago
• theupdateframework / tuf-on-ci
  A TUF repository and signing tool
  ☆38Updated this week
• sigstore / rekor-tiles
  Signature Transparency Log designed for ease of use, low cost, and minimal maintenance
  ☆16Updated this week
• google / s2a-go
  ☆23Updated 3 months ago
• ossf / great-mfa-project
  The Great Multi-Factor Authentication (MFA) Distribution Project of the Open Source Security Foundation (OpenSSF). We work to distribute …
  ☆54Updated 3 years ago
• mikewest / baseline-header
  What if developers could opt-into better default behaviors en masse, forcing them to pick and choose the legacy risks they want to enable…
  ☆19Updated 2 years ago
• google / har-sanitizer
  ☆72Updated last year
• transparency-dev / armored-witness
  ☆26Updated last week
• google / localtoast
  ☆113Updated last week
• mchmarny / disco
  Utility for bulk image, license, package, and vulnerability discovery in containerize workloads on GCP. Includes CLI and Service with cus…
  ☆14Updated last year
• github / go-spdx
  Golang implementation of a checker for determining if an SPDX ID satisfies an SPDX Expression.
  ☆37Updated 2 weeks ago
• mikewest / strict-csp-for-everyone
  This is both a terrible and wonderful idea.
  ☆12Updated 5 years ago
• tailscale / ToBeReviewedBot
  GitHub App to watch for PRs merged without a reviewer approving.
  ☆125Updated 3 months ago
• slsa-framework / slsa-github-generator-go
  ☆57Updated 3 years ago
• google / oss-vulnerability-guide
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆136Updated last year
• github / artifact-attestations-helm-charts
  Helm charts for verifying artifact attestations in Kubernetes
  ☆15Updated 2 weeks ago
• shoenig / go-landlock
  Go filesystem isolation via Linux landlock sandbox
  ☆17Updated 4 months ago
• google / ctrdac
  ☆11Updated 5 months ago
• FiloSottile / torchwood
  A collection of open source tlog tooling.
  ☆16Updated last week
• GoogleCloudPlatform / assured-workloads-terraform
  ☆16Updated 11 months ago
• google / ebpf-transport-monitoring
  ☆21Updated 3 weeks ago
• sigstore / friends
  Sigstore user stories
  ☆30Updated last year
• fido-device-onboard / go-fdo
  A FIDO Device Onboard library with minimal dependencies
  ☆27Updated 2 weeks ago