Alternatives and similar repositories for safety-web

Users that are interested in safety-web are comparing it to the libraries listed below

• google / oss-rebuild
  Securing open-source package ecosystems by originating, validating, and augmenting build attestations.
  ☆39Updated this week
• shortridge-sensemaking / deciduous-vscode
  VSCode Extension for Deciduous
  ☆9Updated 5 months ago
• tacosframework / TACOS-spec
  TACOS framework structural details
  ☆20Updated this week
• github / artifact-attestations-helm-charts
  Helm charts for verifying artifact attestations in Kubernetes
  ☆12Updated last week
• chainguard-dev / crow-registry
  ☆24Updated last year
• theupdateframework / tuf-on-ci
  A TUF repository and signing tool
  ☆33Updated this week
• chainguard-dev / justtrustme
  ☆54Updated this week
• omnibor / spec
  A draft standard for communicating a cryptographic record of build inputs for software artifacts.
  ☆24Updated last month
• secure-systems-lab / dsse
  A specification for signing methods and formats used by Secure Systems Lab projects.
  ☆76Updated 8 months ago
• Betterment / claws
  💅🏽 analyzes your github actions
  ☆41Updated last week
• google / containerdbg
  ☆74Updated this week
• chris-wood / ohttp-go
  Oblivious HTTP implementation
  ☆28Updated 11 months ago
• slsa-framework / slsa-github-generator-go
  ☆56Updated 2 years ago
• googleapis / enterprise-certificate-proxy
  Repository for the Enterprise Certificate Proxy project.
  ☆25Updated 2 months ago
• raesene / eathar
  ☆25Updated this week
• testifysec / solarsploit
  Red team tool that emulates the SolarWinds CI compromise attack vector.
  ☆22Updated last year
• wneessen / go-hibp
  🔑 Go bindings to the HIBP API
  ☆10Updated 2 months ago
• chainguard-dev / vex
  vexctl is a tool to attest VEX impact statements
  ☆44Updated 2 years ago
• in-toto / community
  in-toto is a framework to secure the software supply chain.
  ☆70Updated 4 months ago
• Sc00bz / bscrypt
  A cache hard password hash/KDF
  ☆47Updated last year
• ossf / ossf-landscape
  ☆29Updated last week
• DataDog / attache
  Attaché provides an emulation layer for Cloud Provider IMDS APIs
  ☆53Updated 10 months ago
• mlieberman85 / scq
  Supply Chain Query Tool
  ☆13Updated 2 years ago
• google-parfait / trusted-computations-platform
  ☆11Updated this week
• kusaridev / spector
  Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks
  ☆31Updated 3 weeks ago
• cybrota / scharf
  Static analysis tool to Identify and Fix GitHub Actions prone to Supply‑Chain Risks
  ☆11Updated this week
• xyproto / ainur
  Detect compiler names and versions from ELF files
  ☆26Updated this week
• google / pdl-language
  Syntax highlighting for Packet Description Language, as used for various Android networking components.
  ☆25Updated 2 months ago
• philips-labs / spiffe-vault
  Integrates Spiffe and Vault to have secretless authentication
  ☆87Updated this week
• rdimitrov / go-tuf-metadata
  Go implementation of The Update Framework heavily influenced by python-tuf
  ☆13Updated last year