in-toto / communityView external linksLinks
in-toto is a framework to secure the software supply chain.
☆71Dec 2, 2025Updated 2 months ago
Alternatives and similar repositories for community
Users that are interested in community are comparing it to the libraries listed below
Sorting:
- Friends of in-toto! A place to record integrations and adoptions of the in-toto specification.☆20Updated this week
- A specification for signing methods and formats used by Secure Systems Lab projects.☆94Nov 10, 2025Updated 3 months ago
- A Java implementation of in-toto runlib☆11Jul 23, 2024Updated last year
- ☆75Dec 10, 2025Updated 2 months ago
- in-toto is a framework to protect supply chain integrity.☆972Feb 3, 2026Updated last week
- Securing Alice's, Bob's and Carl's software supply chain using in-toto☆104Updated this week
- Example multi-region application with data residency. Suitable for global and regulated businesses.☆11Dec 1, 2023Updated 2 years ago
- ⚖️ CNCF Code of Conduct WG☆17Jan 30, 2025Updated last year
- Supply Chain Query Tool☆13May 25, 2022Updated 3 years ago
- A rust implementation of in-toto☆35Jan 22, 2026Updated 3 weeks ago
- in-toto Attestation Framework☆323Updated this week
- Validated Patterns documentation☆18Updated this week
- Prototype in-toto attestation verifier based on ITE-10 and ITE-11 layouts☆18Feb 6, 2026Updated last week
- Stuff to make standing up sigstore (esp. for testing) easier for e2e/integration testing.☆71Feb 6, 2026Updated last week
- GO utility to generate Dockerfiles in different variants from yml data☆20Jan 19, 2026Updated 3 weeks ago
- Turn any url into a QR Code☆18Sep 23, 2014Updated 11 years ago
- NIST OSCAL SDK and CLI☆22Feb 1, 2026Updated 2 weeks ago
- Kubernetes audit logging, when you don't control the control plane☆90Updated this week
- in-toto Enhancements☆19Feb 17, 2025Updated 11 months ago
- A build tool and library for virtual machines.☆19Apr 19, 2023Updated 2 years ago
- A repository containing example Minder rules and profiles☆24Updated this week
- kbrew is homebrew for Kubernetes☆189Feb 25, 2023Updated 2 years ago
- sigstore maven plugin☆19Jul 22, 2024Updated last year
- Template repository for new images☆25Sep 4, 2023Updated 2 years ago
- A Kubernetes plugin that gives context to what is restarting in your Kubernetes cluster☆155Sep 10, 2025Updated 5 months ago
- ☆31Updated this week
- A security layer for Git repositories☆572Updated this week
- Supply-chain Levels for Software Artifacts☆1,809Updated this week
- KBOM - Kubernetes Bill of Materials☆324Jul 30, 2025Updated 6 months ago
- Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks☆33Apr 22, 2025Updated 9 months ago
- Bruk av Sky i offentlig sektor☆28Sep 1, 2022Updated 3 years ago
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆514Updated this week
- Repository for the generation of OSCAL data types☆27Feb 5, 2026Updated last week
- kubectl plugin that provides the missing link/glue between common password managers and kubectl☆129Jan 22, 2026Updated 3 weeks ago
- Language-agnostic SLSA provenance generation for Github Actions☆546Oct 20, 2025Updated 3 months ago
- Software Supply Chain Transparency Log☆1,078Updated this week
- GUAC aggregates software security metadata into a high fidelity graph database.☆1,446Updated this week
- 🧵 CLI tool for directly patching container images!☆1,539Updated this week
- BadRobot - Operator Security Audit Tool☆223Feb 2, 2026Updated 2 weeks ago