sigstore / fulcioLinks
Sigstore OIDC PKI
☆765Updated last week
Alternatives and similar repositories for fulcio
Users that are interested in fulcio are comparing it to the libraries listed below
Sorting:
- Software Supply Chain Transparency Log☆1,019Updated last week
- Common go library shared across sigstore services and clients☆489Updated this week
- A CLI tool to sign and verify artifacts☆436Updated last week
- in-toto Attestation Framework☆301Updated this week
- Keyless Git signing using Sigstore☆1,036Updated last week
- Verify provenance from SLSA compliant builders☆288Updated 2 months ago
- Language-agnostic SLSA provenance generation for Github Actions☆511Updated 3 months ago
- in-toto is a framework to protect supply chain integrity.☆951Updated this week
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆497Updated last week
- Supply Chain Security in Tekton Pipelines☆259Updated last week
- ☆250Updated this week
- Cross tooling and interoperability specifications☆175Updated 5 months ago
- build APKs from source code☆521Updated last week
- A utility to generate SPDX-compliant Bill of Materials manifests☆415Updated this week
- A security layer for Git repositories☆547Updated this week
- Evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more☆505Updated this week
- Build OCI images from APK packages directly without Dockerfile☆1,438Updated this week
- TUF repository for Sigstore trust root☆109Updated this week
- An admission controller that integrates Container Image Signature Verification into a Kubernetes cluster☆462Updated this week
- Public Chainguard Images☆630Updated this week
- Platform AbstRaction for SECurity service☆498Updated 5 months ago
- Go library for Sigstore signing and verification☆81Updated last week
- Reference implementation of OpenPubkey☆861Updated 2 months ago
- Stuff to make standing up sigstore (esp. for testing) easier for e2e/integration testing.☆68Updated last week
- GitHub Action for creating software bill of materials using Syft.☆204Updated this week
- OpenVEX Specification☆160Updated 4 months ago
- Supply-chain Levels for Software Artifacts☆1,740Updated this week
- A specification for signing methods and formats used by Secure Systems Lab projects.☆87Updated last month
- Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supp…☆147Updated 2 weeks ago
- A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.☆142Updated 2 weeks ago