Alternatives and similar repositories for taf

Users that are interested in taf are comparing it to the libraries listed below

• pombredanne / gpl-history
  ☆19Updated 11 months ago
• orcwg / cra-hub
  Everything you ever wanted to know about the CRA and its implementation
  ☆138Updated last week
• secure-systems-lab / securesystemslib
  Cryptographic and general-purpose routines for Secure Systems Lab projects at NYU
  ☆52Updated last week
• spdx / tools-python
  A Python library to parse, validate and create SPDX documents.
  ☆227Updated 3 months ago
• sigstore / sigstore-python
  A Sigstore client written in Python
  ☆296Updated this week
• RedHatProductSecurity / cvelib
  A Python library and command line interface for CVE Services.
  ☆69Updated 3 weeks ago
• twiss / source-code-transparency
  Source Code Transparency
  ☆11Updated 2 years ago
• spdx / spdx-3-model
  The model for the information captured in SPDX version 3 standard.
  ☆95Updated this week
• clearlydefined / clearlydefined
  Doc, wiki and organizational content for ClearlyDefined
  ☆103Updated this week
• sigstore / gh-action-sigstore-python
  A GitHub Action for sigstore-python
  ☆61Updated last week
• tommilligan / pyqubes
  QubesOS dom0 automation in Python
  ☆12Updated 8 years ago
• spdx / meetings
  This repository stores meetings minutes for the SPDX project
  ☆34Updated last week
• ossf / wg-securing-software-repos
  OpenSSF Working Group on Securing Software Repositories
  ☆122Updated last week
• google / oss-vulnerability-guide
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆138Updated 2 years ago
• psf / psf-tuf-runbook
  A runbook for the PSF, for TUF key setup and initial signing operations to bootstrap signing for PyPI.
  ☆15Updated 3 years ago
• repository-service-tuf / repository-service-tuf
  Umbrella Repository Service for TUF
  ☆57Updated 2 weeks ago
• mitre / hipcheck
  Automatically assess and score software repositories for supply chain risk.
  ☆114Updated last week
• package-url / packageurl-python
  Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…
  ☆79Updated last month
• aboutcode-org / purldb
  Tools to create and expose a database of purls (Package URLs). This project is sponsored by NLnet project https://nlnet.nl/project/vulner…
  ☆52Updated 2 weeks ago
• theupdateframework / tuf-on-ci
  A TUF repository and signing tool
  ☆42Updated this week
• spdx / spdx-spec
  The System Package Data Exchange (SPDX) specification in Markdown and HTML formats.
  ☆343Updated this week
• aboutcode-org / license-expression
  Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX …
  ☆69Updated 3 months ago
• phylum-dev / vuln-reach
  A library for building tools to determine if vulnerabilities are reachable in a code base.
  ☆16Updated 2 months ago
• psf / advisory-database
  This is a repository of vulnerability advisories for projects in scope for the Python Software Foundation CVE Numbering Authority (CNA)
  ☆37Updated 2 weeks ago
• ietf-wg-scitt / draft-ietf-scitt-architecture
  An Architecture for Trustworthy Digital Supply Chain Transparency Services
  ☆17Updated last week
• mlieberman85 / scq
  Supply Chain Query Tool
  ☆13Updated 3 years ago
• vinland-technology / flict
  free and open source software license compatibility tool.
  ☆48Updated 6 months ago
• scanoss / purl2cpe
  PURL to CPE Relationship mapping project.
  ☆97Updated this week
• oasis-tcs / sarif-spec
  OASIS SARIF TC: Repository for development of the draft standard, where requests for modification should be made via Github Issues
  ☆187Updated 3 weeks ago
• ossf / security-insights
  Machine-readable specification for the attestation of security-relevant data.
  ☆63Updated last month