notaryproject/specifications external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

notaryproject/specifications

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/notaryproject/specifications)

Close

notaryproject / specificationsView on GitHubMore

• External links
• Readme badge

Cross tooling and interoperability specifications

☆174May 20, 2025Updated 10 months ago

Alternatives and similar repositories for specifications

Users that are interested in specifications are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• notaryproject / notation

  View on GitHub
  A CLI tool to sign and verify artifacts
  ☆472Mar 26, 2026Updated 2 weeks ago
• Azure / notation-azure-kv

  View on GitHub
  Azure Provider for Notation CLI
  ☆17Nov 20, 2025Updated 4 months ago
• notaryproject / notation-go

  View on GitHub
  A collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications.
  ☆44Mar 23, 2026Updated 3 weeks ago
• oras-project / artifacts-spec

  View on GitHub
  ☆64May 15, 2024Updated last year
• notaryproject / notation-action

  View on GitHub
  GitHub Actions for signing and verifying artifacts with Notation
  ☆20Jan 12, 2026Updated 3 months ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• kusaridev / spector

  View on GitHub
  Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks
  ☆33Apr 22, 2025Updated 11 months ago
• chainguard-dev / terraform-provider-oci

  View on GitHub
  Terraform provider to perform OCI image operations
  ☆14Updated this week
• in-toto / scai-demos

  View on GitHub
  Software Supply Chain Attribute Integrity (SCAI) Demos and CLI tools
  ☆19Apr 3, 2026Updated last week
• aws / aws-signer-notation-plugin

  View on GitHub
  AWS Signer Plugin for Notation
  ☆17Mar 16, 2026Updated 3 weeks ago
• veraison / go-cose

  View on GitHub
  go library for CBOR Object Signing and Encryption (COSE)
  ☆62Nov 7, 2025Updated 5 months ago
• kubewarden / verify-image-signatures

  View on GitHub
  A Kubewarden Policy that verifies all the signatures of the container images referenced by a Pod
  ☆11Jan 20, 2026Updated 2 months ago
• cnabio / signy

  View on GitHub
  Go implementation for CNAB content trust verification using TUF, Notary, and in-toto
  ☆31Jul 5, 2023Updated 2 years ago
• notaryproject / notaryproject.dev

  View on GitHub
  Notary Project Website
  ☆28Mar 19, 2026Updated 3 weeks ago
• kubernetes-sigs / tejolote

  View on GitHub
  A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.
  ☆73Updated this week
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• psf / psf-tuf-runbook

  View on GitHub
  A runbook for the PSF, for TUF key setup and initial signing operations to bootstrap signing for PyPI.
  ☆16Mar 20, 2026Updated 3 weeks ago
• scitt-community / scitt-api-emulator

  View on GitHub
  SCITT API Emulator
  ☆10Nov 22, 2024Updated last year
• in-toto / specification

  View on GitHub
  Specification and other related documents.
  ☆50Jan 13, 2025Updated last year
• in-toto / ITE

  View on GitHub
  in-toto Enhancements
  ☆20Feb 17, 2025Updated last year
• philips-labs / fatt

  View on GitHub
  fatt tries to find any purl in your project by looking at predefined fields in the supported packages. These fields describe using a purl…
  ☆11Updated this week
• oras-project / oras-go

  View on GitHub
  ORAS Go library
  ☆253Updated this week
• chainguard-dev / tlogistry

  View on GitHub
  Transparenty Immutable Container Image Tags
  ☆20Jul 5, 2023Updated 2 years ago
• sigstore / k8s-manifest-sigstore

  View on GitHub
  kubectl plugin for signing Kubernetes manifest YAML files with sigstore
  ☆87Apr 3, 2026Updated last week
• notaryproject / notation-core-go

  View on GitHub
  Contains support for Notary Project signature envelope, and format specific implementation
  ☆14Mar 30, 2026Updated last week
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• notaryproject / ratify

  View on GitHub
  Artifact Ratification Framework (CNCF Sandbox)
  ☆288Mar 5, 2026Updated last month
• tektoncd / chains

  View on GitHub
  Supply Chain Security in Tekton Pipelines
  ☆271Updated this week
• sigstore / rekor-monitor

  View on GitHub
  Log monitor for Rekor to verify immutability and monitor entries
  ☆49Updated this week
• jonjohnsonjr / dagdotdev

  View on GitHub
  oci and apk explorer
  ☆101Dec 17, 2025Updated 3 months ago
• sigstore / policy-controller

  View on GitHub
  Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supp…
  ☆166Updated this week
• in-toto / archivista

  View on GitHub
  Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…
  ☆108Apr 4, 2026Updated last week
• SBOMit / specification

  View on GitHub
  ☆80Dec 10, 2025Updated 4 months ago
• AevaOnline / supply-chain-synthesis

  View on GitHub
  Collating an overview of the open source software supply chain landscape -- and synthesizing that survey in a hopefully-useful way.
  ☆33Apr 4, 2023Updated 3 years ago
• oras-project / oras

  View on GitHub
  OCI registry client - managing content like artifacts, images, packages
  ☆2,209Updated this week
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• kubernetes / cel-admission-webhook

  View on GitHub
  ☆14Sep 20, 2023Updated 2 years ago
• aws-samples / eks-gitops-crossplane-flux

  View on GitHub
  ☆34Feb 8, 2022Updated 4 years ago
• dexidp / website

  View on GitHub
  Dex website
  ☆11Mar 3, 2026Updated last month
• in-toto / in-toto

  View on GitHub
  in-toto is a framework to protect supply chain integrity.
  ☆990Updated this week
• sigstore / cosign

  View on GitHub
  Code signing and transparency for containers and binaries
  ☆5,793Updated this week
• buildsec / frsca

  View on GitHub
  ☆256Mar 31, 2026Updated last week
• cpuguy83 / zapp

  View on GitHub
  Tool to interact with Docker registry objects.
  ☆25Nov 6, 2025Updated 5 months ago