A CLI tool to sign and verify artifacts
☆469Feb 18, 2026Updated last month
Alternatives and similar repositories for notation
Users that are interested in notation are comparing it to the libraries listed below
Sorting:
- A collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications.☆43Updated this week
- Cross tooling and interoperability specifications☆174May 20, 2025Updated 10 months ago
- Azure Provider for Notation CLI☆17Nov 20, 2025Updated 4 months ago
- GitHub Actions for signing and verifying artifacts with Notation☆20Jan 12, 2026Updated 2 months ago
- Contains support for Notary Project signature envelope, and format specific implementation☆15Feb 9, 2026Updated last month
- Artifact Ratification Framework (CNCF Sandbox)☆285Mar 5, 2026Updated 2 weeks ago
- OCI registry client - managing content like artifacts, images, packages☆2,168Updated this week
- ☆64May 15, 2024Updated last year
- ORAS Go library☆249Mar 12, 2026Updated last week
- Code signing and transparency for containers and binaries☆5,734Updated this week
- AWS Signer Plugin for Notation☆18Mar 9, 2026Updated last week
- go library for CBOR Object Signing and Encryption (COSE)☆62Nov 7, 2025Updated 4 months ago
- 🧵 CLI tool for directly patching container images!☆1,558Mar 9, 2026Updated last week
- Terraform provider to perform OCI image operations☆14Updated this week
- in-toto is a framework to protect supply chain integrity.☆981Mar 9, 2026Updated last week
- ☆27Aug 31, 2022Updated 3 years ago
- Software Supply Chain Transparency Log☆1,100Updated this week
- Sigstore OIDC PKI☆814Updated this week
- Go implementation for CNAB content trust verification using TUF, Notary, and in-toto☆31Jul 5, 2023Updated 2 years ago
- Trivy plugin for OCI referrers☆23May 13, 2024Updated last year
- 🐊 Policy Controller for Kubernetes☆4,168Updated this week
- A Kubewarden Policy that verifies all the signatures of the container images referenced by a Pod☆12Jan 20, 2026Updated 2 months ago
- Common go library shared across sigstore services and clients☆503Updated this week
- Keyless Git signing using Sigstore☆1,066Mar 9, 2026Updated last week
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆108Updated this week
- Notary is a project that allows anyone to have trust over arbitrary collections of data☆3,287Aug 7, 2024Updated last year
- in-toto Attestation Framework☆327Mar 11, 2026Updated last week
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆519Updated this week
- zot - A scale-out production-ready vendor-neutral OCI-native container image/artifact registry (purely based on OCI Distribution Specific…☆1,954Updated this week
- Unified Policy as Code☆7,498Updated this week
- An admission controller that integrates Container Image Signature Verification into a Kubernetes cluster☆470Updated this week
- Kyverno extension service for Notation and the AWS signer☆15Mar 5, 2026Updated 2 weeks ago
- ☆255Updated this week
- All-in-one Kubernetes access manager. User-level credentials, RBAC, SSO, audit logs.☆1,182Jan 29, 2026Updated last month
- A utility to generate SPDX-compliant Bill of Materials manifests☆446Mar 13, 2026Updated last week
- Go library for Sigstore signing and verification☆17Sep 29, 2023Updated 2 years ago
- Integrates Spiffe and Vault to have secretless authentication☆99Mar 2, 2026Updated 2 weeks ago
- oci and apk explorer☆101Dec 17, 2025Updated 3 months ago
- ORAS (OCI registry as storage) container storage interface☆17Jun 5, 2024Updated last year