Alternatives and similar repositories for taf

Users that are interested in taf are comparing it to the libraries listed below

• secure-systems-lab / securesystemslib
  Cryptographic and general-purpose routines for Secure Systems Lab projects at NYU
  ☆52Updated last week
• orcwg / cra-hub
  Everything you ever wanted to know about the CRA and its implementation
  ☆149Updated this week
• aboutcode-org / purldb
  Tools to create and deploy a database of software packages metadata, origin, dependencies, and license keyed by PURLs (Package URLs). Sup…
  ☆58Updated this week
• spdx / tools-python
  A Python library to parse, validate and create SPDX documents.
  ☆233Updated 3 weeks ago
• sigstore / sigstore-python
  A Sigstore client written in Python
  ☆310Updated this week
• package-url / packageurl-python
  Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…
  ☆87Updated 2 months ago
• google / oss-vulnerability-guide
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆141Updated 2 years ago
• RedHatProductSecurity / cvelib
  A Python library and command line interface for CVE Services.
  ☆71Updated last week
• pombredanne / gpl-history
  ☆19Updated last year
• spdx / spdx-3-model
  The model for the information captured in SPDX version 3 standard.
  ☆97Updated 2 weeks ago
• ossf / security-insights
  Machine-readable specification for the attestation of security-relevant data.
  ☆72Updated last week
• spdx / spdx-spec
  The System Package Data Exchange (SPDX) specification in Markdown and HTML formats.
  ☆354Updated this week
• ossf / wg-securing-critical-projects
  Helping allocate resources to secure the critical open source projects we all depend on.
  ☆383Updated 9 months ago
• aboutcode-org / license-expression
  Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX …
  ☆72Updated 6 months ago
• theupdateframework / tuf-on-ci
  A TUF repository and signing tool
  ☆43Updated last week
• scanoss / purl2cpe
  PURL to CPE Relationship mapping project.
  ☆110Updated last week
• ossf / sbom-everywhere
  Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption
  ☆110Updated 3 weeks ago
• chaoss / wg-risk
  Risk Working Group Repository
  ☆27Updated 10 months ago
• ossf / alpha-omega
  Our mission is to catalyze sustainable improvements to critical open source software projects and ecosystems.
  ☆112Updated this week
• SAP / risk-explorer-for-software-supply-chains
  A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…
  ☆79Updated this week
• ossf / wg-securing-software-repos
  OpenSSF Working Group on Securing Software Repositories
  ☆127Updated last month
• mitre / hipcheck
  Automatically assess and score software repositories for supply chain risk.
  ☆120Updated this week
• clearlydefined / clearlydefined
  Doc, wiki and organizational content for ClearlyDefined
  ☆106Updated last week
• ossf / osv-schema
  Open Source Vulnerability schema.
  ☆230Updated this week
• aboutcode-org / scancode-licensedb
  A free and open database of all the licenses, in particular all the open source software licenses
  ☆58Updated 2 weeks ago
• joholl / tpmstream
  A tool to help you understand TPM commands and responses.
  ☆47Updated last year
• oasis-tcs / csaf
  OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secon…
  ☆206Updated 2 weeks ago
• ossf / package-feeds
  Feed parsing for language package manager updates
  ☆81Updated last year
• vinland-technology / flict
  free and open source software license compatibility tool.
  ☆50Updated 10 months ago
• tommilligan / pyqubes
  QubesOS dom0 automation in Python
  ☆12Updated 8 years ago