Supply Chain Integrity Model
☆107Jun 12, 2023Updated 2 years ago
Alternatives and similar repositories for scim
Users that are interested in scim are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.☆45Oct 30, 2023Updated 2 years ago
- Supply Chain Query Tool☆13May 25, 2022Updated 3 years ago
- This repo is a consolidation of Secure Software Supply Chain resources, such as talks, whitepapers, conferences and more.☆140Jul 12, 2022Updated 3 years ago
- A Java implementation of in-toto runlib☆11Jul 23, 2024Updated last year
- fatt tries to find any purl in your project by looking at predefined fields in the supported packages. These fields describe using a purl…☆11May 11, 2026Updated last week
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- apt2sbom python package generates SPDX or CycloneDX files from Ubuntu APT and Python packaging information☆25Feb 4, 2022Updated 4 years ago
- ☆81Dec 10, 2025Updated 5 months ago
- Meeting materials☆24May 11, 2026Updated last week
- Community Specification 1.0☆77Mar 23, 2026Updated last month
- ☆22Nov 27, 2021Updated 4 years ago
- Scans SBOMs for vulnerabilities with Grype☆87Updated this week
- General sigstore community repo☆45Updated this week
- A community collection of security reviews of open source software components.☆99Feb 29, 2024Updated 2 years ago
- Secvisogram is a web tool for creating and editing security advisories in the CSAF 2.0 format☆43May 13, 2026Updated last week
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Production grade Kubernetes controller for managing AWS Services using CRDs☆16Apr 8, 2020Updated 6 years ago
- Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks☆33Apr 22, 2025Updated last year
- Demos and resources of the Istio + Gatekeeper talks at IstioCon 2022 and GitOpsCon 2022☆15Sep 4, 2023Updated 2 years ago
- ☆102Sep 27, 2024Updated last year
- ☆11Apr 25, 2019Updated 7 years ago
- A rust implementation of in-toto☆35Feb 27, 2026Updated 2 months ago
- Supply-chain Levels for Software Artifacts☆1,868Updated this week
- 🥑 Inspect and understand an organization's software supply chain using AI to enable stakeholders to make actionable decisions about soft…☆22Apr 15, 2024Updated 2 years ago
- Hoppr Cop is a cli and python library that generates high quality vulnerability information from a cyclone-dx Software Bill of Materials …☆25Dec 16, 2024Updated last year
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Lockheed Martin developed utility to generate CycloneDX SBOMs for Linux distributions☆50Dec 2, 2025Updated 5 months ago
- Rust implementation of OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.☆28Jul 29, 2025Updated 9 months ago
- Proof-of-concept SLSA provenance generator for GitHub Actions☆99Nov 1, 2022Updated 3 years ago
- OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secon…☆217Updated this week
- CDK app to setup an isolated AWS network to experiment with ways of exfiltrating data☆18Nov 18, 2021Updated 4 years ago
- Sigstore's Protocol Buffer specifications☆34May 1, 2026Updated 2 weeks ago
- Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dock…☆1,018Mar 12, 2024Updated 2 years ago
- in-toto is a framework to protect supply chain integrity.☆999May 5, 2026Updated 2 weeks ago
- verify https assets with a public transparency log☆75Oct 28, 2021Updated 4 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)☆222Oct 21, 2025Updated 6 months ago
- Open Source Software Secure Supply Chain Framework☆239Oct 28, 2022Updated 3 years ago
- ☆18Updated this week
- Design documents and interoperability tests for Interoperable RA-TLS projects☆15Jan 8, 2024Updated 2 years ago
- DRAFT: did:x509 Decentralized Identifier Method Specification☆22Oct 1, 2025Updated 7 months ago
- A GitHub Action for using Conftest☆33Nov 29, 2021Updated 4 years ago
- Collating an overview of the open source software supply chain landscape -- and synthesizing that survey in a hopefully-useful way.☆33Apr 4, 2023Updated 3 years ago