sigstore / fulcio
Sigstore OIDC PKI
☆698Updated this week
Alternatives and similar repositories for fulcio:
Users that are interested in fulcio are comparing it to the libraries listed below
- Software Supply Chain Transparency Log☆943Updated this week
- Common go library shared across sigstore services and clients☆480Updated this week
- Keyless Git signing using Sigstore☆982Updated this week
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆431Updated this week
- A CLI tool to sign and verify artifacts☆394Updated this week
- Language-agnostic SLSA provenance generation for Github Actions☆456Updated 2 weeks ago
- Verify provenance from SLSA compliant builders☆252Updated this week
- in-toto Attestation Framework☆264Updated last week
- A security layer for Git repositories☆501Updated this week
- Supply Chain Security in Tekton Pipelines☆253Updated this week
- build APKs from source code☆460Updated this week
- ☆233Updated this week
- in-toto is a framework to protect supply chain integrity.☆905Updated last week
- Inspect certificate authorities in container images☆231Updated last week
- A utility to generate SPDX-compliant Bill of Materials manifests☆377Updated last week
- TUF repository for Sigstore trust root☆96Updated this week
- Cross tooling and interoperability specifications☆166Updated 2 months ago
- Public Chainguard Images☆586Updated last week
- A reading list for software supply-chain security.☆362Updated 2 years ago
- GitHub Action for creating software bill of materials using Syft.☆180Updated this week
- Reference implementation of OpenPubkey☆802Updated this week
- CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.☆347Updated 4 months ago
- An admission controller that integrates Container Image Signature Verification into a Kubernetes cluster☆451Updated this week
- Main package repository for production Wolfi images☆921Updated this week
- Build OCI images from APK packages directly without Dockerfile☆1,311Updated this week
- Format agnostic SBOM tooling☆102Updated this week
- Platform AbstRaction for SECurity service☆482Updated 3 weeks ago
- Generate a score for your sbom to understand if it will actually be useful.☆227Updated 7 months ago
- Artifact Ratification Framework (CNCF Sandbox)☆254Updated this week
- Go library for Sigstore signing and verification☆60Updated last week