fatt tries to find any purl in your project by looking at predefined fields in the supported packages. These fields describe using a purl where to grab the attestation from.
☆11May 11, 2026Updated last month
Alternatives and similar repositories for fatt
Users that are interested in fatt are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Github Action implementation of SLSA Provenance Generation☆50Jun 22, 2026Updated last week
- GitHub actions for the chainguard-images☆21Jun 22, 2026Updated last week
- Docker CI scripts☆12Nov 24, 2025Updated 7 months ago
- ☆11Nov 11, 2022Updated 3 years ago
- Submit SBOMs to GitHub's dependency submission API☆19Dec 4, 2025Updated 7 months ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Generates SPDX bill-of-material files from a package input and license scan☆13Apr 15, 2024Updated 2 years ago
- Monorepo for Identity Box☆20Aug 11, 2024Updated last year
- Overview of philips-labs helm charts☆16Jun 23, 2026Updated last week
- vexctl is a tool to attest VEX impact statements☆45Mar 27, 2023Updated 3 years ago
- ☆57Jun 1, 2022Updated 4 years ago
- Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.☆21Jan 27, 2025Updated last year
- go-ima is a tool that checks if a file has been tampered with. It is useful in ensuring integrity in CI systems☆14Sep 28, 2023Updated 2 years ago
- A java api and command line tool for scanning, reporting and fixing a git repository's InnerSource Readiness based on a supplied specific…☆20Sep 8, 2023Updated 2 years ago
- Run ORT in your GitHub action workflow to do licensing, security and best practices checks and generate reports/SBOMs☆33Jun 27, 2026Updated last week
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- A proof-of-concept SLSA provenance generator for Jenkins☆25Jul 29, 2024Updated last year
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.☆73Updated this week
- Automated Terraform cloud and enterprise drift detection☆41Mar 30, 2026Updated 3 months ago
- A docker CLI plugin for verifying signed attestations on images☆13Oct 27, 2023Updated 2 years ago
- An example repo demonstrating keyless signing with Github Actions☆11May 24, 2022Updated 4 years ago
- fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool'…☆32Oct 24, 2022Updated 3 years ago
- SLSA level 3 action☆12Apr 26, 2024Updated 2 years ago
- Transparenty Immutable Container Image Tags☆20Jul 5, 2023Updated 2 years ago
- sigstore installation walkthrough, local☆63Dec 8, 2025Updated 6 months ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- rbenv plugin for chef-workstation☆16Oct 20, 2021Updated 4 years ago
- ☆10Mar 26, 2026Updated 3 months ago
- AWS ECR scanning slack notifications☆13Jul 19, 2023Updated 2 years ago
- Integrates Spiffe and Vault to have secretless authentication☆100Jun 23, 2026Updated last week
- Demos and resources of the Istio + Gatekeeper talks at IstioCon 2022 and GitOpsCon 2022