A tool for securing CI/CD workflows with version pinning.
☆887Mar 5, 2026Updated 2 weeks ago
Alternatives and similar repositories for ratchet
Users that are interested in ratchet are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Keyless Git signing using Sigstore☆1,067Updated this week
- Evaluate source control (GitHub) security posture☆251Mar 8, 2023Updated 3 years ago
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆519Mar 17, 2026Updated last week
- SLSA level 3 action☆11Apr 26, 2024Updated last year
- BadRobot - Operator Security Audit Tool☆226Feb 2, 2026Updated last month
- Common tools and libraries for abcxyz projects.☆20Updated this week
- A GitHub App that acts like a Security Token Service (STS) for the Github API☆318Mar 18, 2026Updated last week
- Write tests against structured configuration data using the Open Policy Agent Rego query language☆3,142Mar 14, 2026Updated last week
- Build OCI images from APK packages directly without Dockerfile☆1,573Updated this week
- Open source compliance tool for development platforms.☆286Oct 30, 2023Updated 2 years ago
- Code signing and transparency for containers and binaries☆5,734Updated this week
- GitHub App to set and enforce security policies☆1,399Updated this week
- task runner for local and remote hosts☆743Apr 18, 2025Updated 11 months ago
- Automation engine to build, test and ship any codebase. Runs locally, in CI, or directly in the cloud☆15,556Updated this week
- Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, an…☆999Mar 18, 2026Updated last week
- A library of rules for Conftest used to detect misconfigurations within Terraform configuration files☆190Sep 20, 2022Updated 3 years ago
- Build and deploy Go applications☆8,375Updated this week
- A vulnerability scanner for container images and filesystems☆11,769Updated this week
- eBPF-based Security Observability and Runtime Enforcement☆4,487Updated this week
- Cloud cost estimates for Terraform in pull requests💰📉 Shift FinOps Left!☆12,226Updated this week
- Trust Dexter to ensure that all your images are pinned by digest for better security☆31Nov 8, 2023Updated 2 years ago
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules.☆339Mar 17, 2026Updated last week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆8,541Updated this week
- Go SDK for GitHub Actions - easily author GitHub Actions in Go☆515Dec 11, 2025Updated 3 months ago
- Detect, track and alert on infrastructure drift☆2,627Jan 30, 2026Updated last month
- Automated refactoring for Terraform☆73May 4, 2022Updated 3 years ago
- Linux Process Discovery. C Library, Go bindings, Runtime.☆223Jul 20, 2022Updated 3 years ago
- An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchm…☆770Dec 11, 2024Updated last year
- Terraform provider and module version checking tool☆136Dec 6, 2022Updated 3 years ago
- Terrap - a powerful CLI tool that scans your infrastructure and identifies any required changes.☆66Dec 5, 2023Updated 2 years ago
- ☆16Updated this week
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆33,205Updated this week
- Cloud native secrets management for developers - never leave your command line for secrets.☆3,182Jan 27, 2026Updated last month
- Validation of best practices in your Kubernetes clusters☆3,355Mar 9, 2026Updated 2 weeks ago
- OpenSSF Scorecard - Security health metrics for Open Source☆5,315Updated this week
- Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.☆5,205Nov 20, 2025Updated 4 months ago
- Kubernetes Application Archive☆152May 4, 2022Updated 3 years ago
- The StackRox Kubernetes Security Platform performs a risk analysis of the container environment, delivers visibility and runtime alerts, …☆1,265Updated this week
- Automate Kubernetes Configuration Editing☆1,863Mar 16, 2026Updated last week