Go implementation of witness
☆45Mar 2, 2026Updated last week
Alternatives and similar repositories for go-witness
Users that are interested in go-witness are comparing it to the libraries listed below
Sorting:
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆108Mar 2, 2026Updated last week
- Witness Examples☆12Feb 27, 2024Updated 2 years ago
- Friends of in-toto! A place to record integrations and adoptions of the in-toto specification.☆21Mar 2, 2026Updated last week
- A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.☆145Feb 27, 2026Updated last week
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆518Updated this week
- Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks☆33Apr 22, 2025Updated 10 months ago
- Software Supply Chain Attribute Integrity (SCAI) Demos and CLI tools☆19Updated this week
- TUF repository for Sigstore trust root☆120Updated this week
- Lind: Secure Lightweight Adaptive Isolation☆32Jul 3, 2025Updated 8 months ago
- ☆23Oct 26, 2021Updated 4 years ago
- 🔴🟡🟢 The Amazing Multipurpose Policy Engine (and L)☆39Mar 2, 2026Updated last week
- in-toto Enhancements☆20Feb 17, 2025Updated last year
- Umbrella Repository Service for TUF☆61Feb 23, 2026Updated 2 weeks ago
- A Java implementation of in-toto runlib☆11Jul 23, 2024Updated last year
- Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.☆45Oct 30, 2023Updated 2 years ago
- A CLI tool for creating secure by design/default source repos.☆28Jul 29, 2024Updated last year
- A crawler for kernel releases distributed by the major Linux distributions.☆13Oct 18, 2024Updated last year
- Supply Chain Query Tool☆13May 25, 2022Updated 3 years ago
- Hunter Javascript obfuscator written in Go☆13May 20, 2022Updated 3 years ago
- sigstore the hard way!☆118Aug 6, 2025Updated 7 months ago
- A security layer for Git repositories☆578Mar 3, 2026Updated last week
- ☆18Feb 26, 2026Updated last week
- 🔍 Rekor transparency log monitoring and alerting☆27Oct 2, 2023Updated 2 years ago
- ORBIT: Open Resources for Baselines, Interoperability, and Tooling☆21Feb 28, 2026Updated last week
- Example repository that demonstrates a supply chain security workflow using Syft, Grype, Cosign☆12Sep 15, 2021Updated 4 years ago
- Go implementation of The Update Framework heavily influenced by python-tuf☆14Mar 7, 2024Updated 2 years ago
- Self-extracting archives creation tool☆18Mar 23, 2024Updated last year
- Tools for signing Windows files☆15Mar 2, 2026Updated last week
- ☆76Dec 10, 2025Updated 3 months ago
- Prototype in-toto attestation verifier based on ITE-10 and ITE-11 layouts☆18Feb 27, 2026Updated last week
- A tool to create, transform and attest VEX metadata☆176Mar 2, 2026Updated last week
- Format agnostic SBOM tooling☆133Nov 20, 2025Updated 3 months ago
- in-toto Attestation Framework☆326Updated this week
- htmlcapture – A Go package to capture high-quality screenshots from URLs, HTML files, or raw HTML strings. Supports dynamic HTML, CSS sel…☆20Feb 8, 2025Updated last year
- ☆22Jul 24, 2025Updated 7 months ago
- RATS Architecture☆17Oct 27, 2025Updated 4 months ago
- ☆26Jun 10, 2025Updated 9 months ago
- ☆23Feb 8, 2025Updated last year
- K8S Operator for Rekor☆20Feb 23, 2023Updated 3 years ago