Software Supply Chain Security Platform
☆375Updated this week
Alternatives and similar repositories for minder
Users that are interested in minder are comparing it to the libraries listed below
Sorting:
- A repository containing example Minder rules and profiles☆24Updated this week
- A MCP server that provides web content fetching capabilities.☆21Updated this week
- An MCP server for OSV☆26Updated this week
- Throw a tag at it and it comes back with a checksum.☆155Feb 21, 2026Updated last week
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆108Updated this week
- An query language and interactive tooling to work with SBOM data.☆15Oct 7, 2024Updated last year
- GUAC aggregates software security metadata into a high fidelity graph database.☆1,450Updated this week
- Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks☆33Apr 22, 2025Updated 10 months ago
- A universal SBOM representation in protocol buffers☆316Feb 18, 2026Updated last week
- Artifact Ratification Framework (CNCF Sandbox)☆284Feb 19, 2026Updated last week
- Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supp…☆158Feb 16, 2026Updated last week
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆517Updated this week
- A CLI tool for creating secure by design/default source repos.☆28Jul 29, 2024Updated last year
- A security layer for Git repositories☆578Updated this week
- ☆255Updated this week
- Demos and resources of the Istio + Gatekeeper talks at IstioCon 2022 and GitOpsCon 2022☆14Sep 4, 2023Updated 2 years ago
- sigstore the hard way!☆118Aug 6, 2025Updated 6 months ago
- Log monitor for Rekor to verify immutability and monitor entries☆47Updated this week
- Language-agnostic SLSA provenance generation for Github Actions☆549Updated this week
- ☆20Feb 5, 2026Updated 3 weeks ago
- A GitHub App that acts like a Security Token Service (STS) for the Github API☆312Updated this week
- Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD …☆187Updated this week
- Sigstore user stories☆30Aug 25, 2023Updated 2 years ago
- Helm Chart for deploying GUAC☆18Updated this week
- A utility to generate SPDX-compliant Bill of Materials manifests☆441Updated this week
- in-toto is a framework to protect supply chain integrity.☆974Feb 11, 2026Updated 2 weeks ago
- 🔮 ✈️ to integrate OPA Gatekeeper's new ExternalData feature with cosign to determine whether the images are valid by verifying their sig…☆79Dec 4, 2025Updated 2 months ago
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts☆42Updated this week
- Enrich SBOMs with data from third party services☆220Feb 11, 2026Updated 2 weeks ago
- A tool to create, transform and attest VEX metadata☆176Updated this week
- Verify provenance from SLSA compliant builders☆310Nov 20, 2025Updated 3 months ago
- A template repository for building external data providers for Gatekeeper.☆12Aug 14, 2023Updated 2 years ago
- Trusty Dependency Risk Action☆10Feb 12, 2025Updated last year
- Software Supply Chain Transparency Log☆1,088Updated this week
- vexctl is a tool to attest VEX impact statements☆45Mar 27, 2023Updated 2 years ago
- SDLC evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more☆526Feb 21, 2026Updated last week
- Search Rekor for entries☆39Feb 7, 2026Updated 3 weeks ago
- Generate a score for your sbom to understand if it will actually be useful.☆238Aug 13, 2024Updated last year
- A collection of reusable Github Actions workflows.☆159Updated this week