Alternatives and similar repositories for taf

Users that are interested in taf are comparing it to the libraries listed below

• secure-systems-lab / securesystemslib
  Cryptographic and general-purpose routines for Secure Systems Lab projects at NYU
  ☆52Updated last week
• orcwg / cra-hub
  Everything you ever wanted to know about the CRA and its implementation
  ☆149Updated this week
• spdx / tools-python
  A Python library to parse, validate and create SPDX documents.
  ☆233Updated 3 weeks ago
• pombredanne / gpl-history
  ☆19Updated last year
• google / oss-vulnerability-guide
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆141Updated 2 years ago
• chaoss / wg-risk
  Risk Working Group Repository
  ☆27Updated 10 months ago
• aboutcode-org / license-expression
  Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX …
  ☆72Updated 6 months ago
• clearlydefined / clearlydefined
  Doc, wiki and organizational content for ClearlyDefined
  ☆106Updated last week
• package-url / packageurl-python
  Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…
  ☆86Updated 2 months ago
• ossf / wg-securing-critical-projects
  Helping allocate resources to secure the critical open source projects we all depend on.
  ☆383Updated 9 months ago
• RedHatProductSecurity / cvelib
  A Python library and command line interface for CVE Services.
  ☆71Updated last week
• twiss / source-code-transparency
  Source Code Transparency
  ☆11Updated 2 years ago
• spdx / spdx-3-model
  The model for the information captured in SPDX version 3 standard.
  ☆97Updated 2 weeks ago
• aboutcode-org / purldb
  Tools to create and deploy a database of software packages metadata, origin, dependencies, and license keyed by PURLs (Package URLs). Sup…
  ☆58Updated this week
• sigstore / sigstore-python
  A Sigstore client written in Python
  ☆310Updated this week
• theupdateframework / tuf-on-ci
  A TUF repository and signing tool
  ☆43Updated last week
• ossf / wg-securing-software-repos
  OpenSSF Working Group on Securing Software Repositories
  ☆127Updated last month
• spdx / spdx-spec
  The System Package Data Exchange (SPDX) specification in Markdown and HTML formats.
  ☆354Updated this week
• fsfe / reuse-docs
  REUSE recommendations, tutorials, FAQ and specification
  ☆18Updated last year
• repository-service-tuf / repository-service-tuf
  Umbrella Repository Service for TUF
  ☆59Updated last week
• psf / psf-tuf-runbook
  A runbook for the PSF, for TUF key setup and initial signing operations to bootstrap signing for PyPI.
  ☆16Updated 3 years ago
• mitre / hipcheck
  Automatically assess and score software repositories for supply chain risk.
  ☆120Updated 2 months ago
• spdx / meetings
  This repository stores meetings minutes for the SPDX project
  ☆37Updated last week
• ossf / security-insights
  Machine-readable specification for the attestation of security-relevant data.
  ☆72Updated last week
• vinland-technology / flict
  free and open source software license compatibility tool.
  ☆50Updated 10 months ago
• uspki / policies
  2017 - 2018 Certificate Policy development and drafting for Federal Public Trust Device PKI.
  ☆44Updated last year
• freedomofpress / webcat
  WEBCAT is an architectural framework for providing blocking code signing and verification, integrity and transparency checks for browser-…
  ☆59Updated last week
• sigstore / gh-action-sigstore-python
  A GitHub Action for sigstore-python
  ☆65Updated this week
• scanoss / purl2cpe
  PURL to CPE Relationship mapping project.
  ☆110Updated last week
• ossf / package-feeds
  Feed parsing for language package manager updates
  ☆81Updated last year