A CLI tool to sign and verify artifacts
☆466Feb 18, 2026Updated last week
Alternatives and similar repositories for notation
Users that are interested in notation are comparing it to the libraries listed below
Sorting:
- A collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications.☆42Feb 16, 2026Updated last week
- Cross tooling and interoperability specifications☆175May 20, 2025Updated 9 months ago
- Artifact Ratification Framework (CNCF Sandbox)☆284Feb 19, 2026Updated last week
- Azure Provider for Notation CLI☆17Nov 20, 2025Updated 3 months ago
- GitHub Actions for signing and verifying artifacts with Notation☆19Jan 12, 2026Updated last month
- OCI registry client - managing content like artifacts, images, packages☆2,144Updated this week
- Contains support for Notary Project signature envelope, and format specific implementation☆15Feb 9, 2026Updated 2 weeks ago
- Code signing and transparency for containers and binaries☆5,683Updated this week
- in-toto is a framework to protect supply chain integrity.☆974Feb 11, 2026Updated 2 weeks ago
- 🧵 CLI tool for directly patching container images!☆1,543Feb 20, 2026Updated last week
- ☆27Aug 31, 2022Updated 3 years ago
- ☆64May 15, 2024Updated last year
- Software Supply Chain Transparency Log☆1,088Updated this week
- Sigstore OIDC PKI☆807Updated this week
- ORAS Go library☆249Feb 12, 2026Updated 2 weeks ago
- 🐊 Policy Controller for Kubernetes☆4,150Updated this week
- AWS Signer Plugin for Notation☆18Jan 26, 2026Updated last month
- Terraform provider to perform OCI image operations☆15Updated this week
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆108Updated this week
- Keyless Git signing using Sigstore☆1,063Updated this week
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆517Updated this week
- Cloud Native Policy Management☆7,427Updated this week
- zot - A scale-out production-ready vendor-neutral OCI-native container image/artifact registry (purely based on OCI Distribution Specific…☆1,886Updated this week
- go library for CBOR Object Signing and Encryption (COSE)☆62Nov 7, 2025Updated 3 months ago
- All-in-one Kubernetes access manager. User-level credentials, RBAC, SSO, audit logs.☆1,175Jan 29, 2026Updated last month
- Common go library shared across sigstore services and clients☆502Updated this week
- in-toto Attestation Framework☆326Feb 17, 2026Updated last week
- Log monitor for Rekor to verify immutability and monitor entries☆47Updated this week
- Trivy plugin for OCI referrers☆23May 13, 2024Updated last year
- An admission controller that integrates Container Image Signature Verification into a Kubernetes cluster☆470Updated this week
- Notary is a project that allows anyone to have trust over arbitrary collections of data☆3,288Aug 7, 2024Updated last year
- Go implementation for CNAB content trust verification using TUF, Notary, and in-toto☆31Jul 5, 2023Updated 2 years ago
- Notary Project Website☆27Nov 10, 2025Updated 3 months ago
- ☆255Feb 16, 2026Updated last week
- Kyverno extension service for Notation and the AWS signer☆15Updated this week
- The SPIFFE Runtime Environment☆2,214Updated this week
- Reference implementation of OpenPubkey☆882Feb 6, 2026Updated 3 weeks ago
- Supply-chain Levels for Software Artifacts☆1,814Feb 20, 2026Updated last week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆8,416Updated this week